By 63SATS News Desk
A ransomware attack targeting Comtel, a key data centre servicing major brokerage houses, has compromised the security of 16 stock brokers, including prominent names like IIFL Securities, 5 Paisa, and Axis Securities, according to a Moneycontrol report.
The attack, which occurred on the evening of December 9, has prompted the National Stock Exchange (NSE) and Multi Commodity Exchange (MCX) to block access for the affected brokers. As per SEBI regulations, these brokers must now secure certification from Certified Information Systems Auditors (CISA) affirming that their systems are free from malware before regaining access to the exchanges.
Comtel Data Centre at the Core
Comtel, a data centre providing shared IT services such as rack space, bandwidth, and hardware rentals, is integral to reducing operational costs for brokerage firms. However, this centralized setup became the entry point for the ransomware attack, which disrupted client order flows and raised fears of sensitive data exposure.
Order flows, typically routed from clients to brokers, then to the data centre, and finally to the exchanges, may have been compromised. Sources fear that client details and transactional information could have been accessed during the breach.
Potential Entry Point: Symphony OMS
There are concerns that a sister concern, Symphony’s multi-asset order management system (OMS), may have served as the entry point for the attack. If the breach was limited to Symphony OMS, the impact might be restricted to clients using this system. However, with the data centre compromised, the risk could extend to a broader spectrum of clients and brokers.
SEBI Regulations in Action
To mitigate risks, SEBI regulations require brokers to obtain certifications confirming the absence of ransomware from their systems. This stringent measure ensures that only secure operations are allowed back into the trading ecosystem. The impacted brokers are now working toward meeting these compliance standards to resume trading activities.