BSE Warns Market Intermediaries About Cyber Attacks Amid Coronavirus Lockdown
BSE Ltd. has cautioned market intermediaries against malicious cyber attacks amid increased usage of mobile phones and tabs in the wake of lockdown to contain the Covid-19 pandemic.
Many organisations have switched to work-from-home, due to the outbreak of the pandemic, with employees using mobile phones, tabs, and personal laptops in order to maintain business continuity. This has resulted in an unprecedented increase in dependency on digital means by many folds and resulting in many operations that may possibly be under remote monitoring mode.
“Cybercriminals have started using this as an opportunity to target such users and computing devices used,” the exchange noted.
Accordingly, the BSE has cautioned market intermediaries against such threats and also issued an advisory with a series of suggestions to keep personal mobile phones healthy and secure.
In a circular, the exchange has asked all market infrastructure institutions, markets intermediaries, mutual funds and other SEBI-regulated entities to strictly adhere to 'cybersecurity guidelines' issued by the capital markets regulator and follow best practices and recommendations and other advisories by cybersecurity agency CERT-In. The suggestions have been issued for organisations as well as individuals.
“In case of an incident, report it to relevant authorities and keep the exchange informed accordingly,” BSE said. Advising 'work-from-home' employees and related vendor staff, the exchange has asked them to preferably work from a private space, in case of working in public place use a privacy screen and tether using a trusted 3G/4G connection instead of an untrusted WiFi hotspot.
Besides, it asked them to change default passwords on home WiFi router to prevent hackers from accessing the home network. “All personal computation devices, including mobile phones, tabs, desktops, and laptops should be protected with up-to-date antivirus and malware protection software with latest signatures,” BSE said.
The majority of the cyberattacks are primarily introduced via phishing emails, malicious messages through websites and social media and malicious apps. Hence, it has been advised not to click links and attachments which are suspicious.
BSE has asked the organisations to ensure that continuity of operations is up-to-date along with adequate measures to address cyber crises. Besides, they have been asked to ensure remote access to the organisation's network strictly through secured connectivity like virtual private network using multi-factor authentication.
Further, they have to make sure that all systems are implemented with anti-malware and anti-intrusion prevention having the latest updated signatures. It has been noted that many unique files dubbed as coronavirus spread related documents are circulating on the web which is filled with malevolent infections such as file-encrypting malware. These attacks and malware indiscriminately target individuals and organizations across the world stealing financial data and other sensitive information.