A huge reality check was delivered to the financial sector. Finance Minister Nirmala Sitharaman convened an urgent, high-level meeting in New Delhi on yesterday. She met the leaders of planned commercial banks, Reserve bank of India officers and the senior executives of cybersecurity. The program was urgent and unique. A recently created artificial intelligence model called Mythos has leaped on the radar screen of world regulators, and it threatens digital financial systems immense. Sitharaman was not holding back in the meeting. She described the scenario as a threat to the national banking security never seen before. The government is of visible concern on the ease with which modern financial infrastructure can be compromised in case this technology gets in the wrong hands. The IT Minister Ashwini Vaishnaw and the Computer Emergency Response Team officials were also dragged inside the room indicating that the administration is considering this as a high-level national security concern.
The Automatic Hacking Machine.
In order to see the panic, you need to go and see what Mythos actually does. It is not just another digital assistant that writes emails and summarizes long documents, developed by the American tech company Anthropic. It is an extremely specialized, independent system, which seeks to locate concealed bugs in computer code. In the course of testing, the model was able to unearth and exploit software bugs that had been lying dormant in the key operating systems over twenty-seven years. It works at a rate and magnitude that can not be matched by human hackers. In fact, anthropic executives considered the model to be too unsafe to be launched publicly. They secured it with a closed program known as Project Glasswing, so that only a limited number of corporate partners could access it and that too with the sole purpose of defensive testing. But, the latest reports show that this locked-down system was somehow accessed by unauthorized users. That one hack triggered warning bells all over the world, particularly among nations that extensively depend on online payment systems.
The Standard Defenses are a Thing of the Past.
The Indian banks were quite complacent in the digital security walls. They managed to withstand huge influxes of online traffic and coped with the shift to mobile banking quite successfully. But Sitharaman clarified beyond any doubt that the old playbook is dead. It is one thing to defend against human cybercriminals. It is a different ball game altogether to be able to fight off an automated machine that is constantly exploring the software architecture to find the smallest of the weaknesses. The Finance Minister gave a directive to bank chiefs to discontinue the use of simple firewalls. She instructed them to aggressively recruit the finest cybersecurity experts in the market. The requirement is to construct continuous monitoring systems that can identify the abnormal behavior as soon as it occurs. The overall plan is simply fighting fire with fire. The possibility of malicious actors using intricate algorithms to break into bank vaults means that the banks will need to install equally sophisticated systems to prevent such attacks.
Construction of a Unified Communication Network.
The problem of information hoarding is a significant issue in the corporate world. Banks tend to remain silent whenever a cyber attack occurs to them since they are afraid of negative publicity and fall in stock prices. The culture is being sternly stopped by the government. Sitharaman categorically recommended the Indian Banks Association to establish an extremely well-organized institutional infrastructure to exchange threat intelligence. When a foreign piece of code infiltrates a server of one bank, all other financial institutions should be aware of it immediately. The State Bank of India is likely to become a frontrunner in uniting all the people. Moreover, the Finance Ministry required real-time reporting that is very strict to the Indian Computer Emergency Response Team. Suspicious online activities should be reported to the law enforcement without wasting time. It is aimed at establishing a huge early notification system throughout the whole financial ecosystem in order to prevent the localized attack to become a systemic disaster.
Securing the Domestic Payment Web.
The weakness extends way beyond conventional bank accounts. The meeting was characterized by a big presence of the officials of the National Payments Corporation of India, the body that manages the Unified Payments Interface. Each month India processes billions of digital transactions. Through their phones, people purchase all items such as costly electronics to roadside tea. An effective cyberattack on such a huge network would result in complete havoc. Finance Services Secretary M Nagaraju noted that the wider fintech industry finds itself in an incredibly difficult situation. Over the past several years, non-banking financial businesses have been depending on digital devices to provide loans to underserved communities. When the software on which these operations are based is compromised, overnight the access to credit may be frozen. Regulators are in a frenzied effort to come up with a way of protective these interwoven layers of the financial system, which are increasingly complex and interdependent, against automated investigation.
Seeking a World remedy.
A threat which was conceived in a Californian technology lab cannot be countered completely in New Delhi. The Indian government is aware that it cannot do this alone. The Ministry of Electronics and Information Technology is in the process of establishing contacts with tech firms and regulatory agencies all over the world to know the precise extent of the threat. Government authorities are also attempting to know some actual intelligence of how the breach by the Anthronic occurred and what systems were violated. The Reserve Bank of India is already working back home to find the exact level of exposure of local financial institutions. The emphasis is shifting quickly towards the consideration of the problem itself and the construction of tangible regulatory guardrails. With the increasing complexity of software infrastructure, regulators have come to understand that national defenses in isolation will not work. The discussions currently taking place will probably influence the way digital banking will be run in the coming decade.
