Ransomware attack on data center impacts 16 Indian stock brokers
What's the story
A ransomware attack on Comtel, a leading data center, has put the security of around 16 stock brokers in India and their clients at risk. The incident took place yesterday.
Major brokerage firms such as IIFL Securities, 5 Paisa, and Axis Securities are among those impacted by this cyberattack.
The breach has resulted in a temporary suspension of these brokers by two leading stock exchanges.
Data center
Comtel's role and services
Comtel is a data center that hosts servers and other networking equipment for stock brokers.
The company provides a range of services including rack space, power, bandwidth, and hardware rental.
These are generally utilized by brokerages to better manage costs. Brokerages can either maintain their own data centers or use shared services offered by companies like Comtel.
Regulatory compliance
Brokers must meet SEBI norms to regain access
In the wake of the cyberattack, the affected brokers have been temporarily suspended by stock exchanges.
To get back in action, they need to comply with the Securities and Exchange Board of India (SEBI) regulations.
These rules require brokers to get a certificate from certified auditors stating that their systems are free from any ransomware and are working smoothly.
Only then can they resume operations on the exchanges.
Potential spread
Ransomware attack may have spread to Symphony's OMS
The ransomware attack on Comtel is suspected to have also impacted Symphony's multi-asset order management system (OMS), a related entity.
This system could be the entry point for the data center compromise.
If limited to the OMS, the risk would be restricted to the clients whose orders are processed through this system. But with the data center breach, the risk could go further.
Information breach
Client details and order flow potentially compromised
There are fears that client details may have been accessed through the data center, and their order flow could've been compromised.
The typical order flow process involves a client sending an order to a broker, who then sends it to a data center, which finally sends it to the exchanges.
This potential information breach raises major concerns about client security after the ransomware attack on Comtel.