This is an interesting fintech story about a major public sector bank in India; it has over 4300 branches and about 8000 ATM’s all over the country. It has millions of customers.
There were fraudulent transactions which were similar to the ones in Bangladesh where the cyber criminals had swindled off millions of dollars. (around 81 million USD). This is a lot of money. Luckily, this Indian bank survived this scam and got bulk of their money back (USD 171 million to be precise).
They employed an “auditor”; basically, paying someone to give an all okay report.
Here’s how it happened (emphasis mine):
This is also what happened in Union Bank’s case. The “phishing”—an attempt to obtain sensitive information such as usernames, passwords and other financial details by pretending to be a trustworthy entity—mails were sent to 15 email IDs. “Three people reported that the email was suspicious to the IT security.
What if these people had BlackBerry security installed? First, and foremost, is that the BlackBerry security creates an encrypted partition different from the main operating system. Any additional emails coming in are filtered as well. Assuming that the malware would have been loaded, it wouldn’t have run in the secured compartment of BlackBerry’s security. Problem solved. The malware is stopped in it’s tracks.
Lets see whether an employee uses his own personal device plugged in to the computer. That will infect the entire network right away. A BlackBerry device wouldn’t have been affected in the first place. This is because of secured kernel+ array of security considerations in designing a BlackBerry device (FIPS-2 compliance).
These people have paid the price. Folks, no one has been fired for insisting on BlackBerry security.