The National Stock Exchange (NSE) faces around 170 million cyberattacks daily, requiring a dedicated team of "cyber warriors" to work around the clock to ensure uninterrupted operations.
The NSE recorded its highest-ever 40 crore (400 million) cyberattacks in a single day during 'Operation Sindoor', designed as a DDoS simulation. However, attackers failed to cause any damage due to the coordinated efforts of men, machines, and advanced technology.
"Every day, millions of cyberattacks take place on the NSE. But our technical teams, their systems and technology combat these attacks round the clock using specialised software," a senior NSE official told PTI.
He said that the number of cyberattacks ranges from 150 million to 170 million daily, making the task for the teams and systems highly challenging.
Technical teams at the twin cyber defence centres remain in constant battle mode, equipped with upgraded software to neutralise and repel large-scale attacks on the financial market infrastructure 24/7, year-round.
"The strong cybersecurity architecture involving tech-savvy personnel, machines and technology makes the NSE's operations safe", the official said.
NSE has implemented strong internal cybersecurity measures for its operations and also runs a Cybersecurity Fundamentals Training Program through the NSE Academy. Trading members are required to undergo regular cybersecurity and cyber-resilience audits, with results submitted to the exchange, according to officials.
The security set-up includes strict protocols governing emails, external data, pen drives, and protection against Distributed Denial of Service (DDoS) attacks. Pop-ups and alerts are instantly generated upon detection of any suspicious activity through these channels, they added.
A DDoS attack overwhelms a server with traffic from multiple sources, making it crash or become unavailable to legitimate users, a serious threat to industries reliant on uninterrupted operations, such as the stock market, they pointed out.
To strengthen protection, NSE mandates Vulnerability Assessment and Penetration Testing (VAPT) for all trading members and staff to ensure the integrity of its systems.
A group of journalists from Jammu and Kashmir visited NSE on Saturday to observe its management facilities, cyber defence centres, and backup setups.
Top officials shared details about an incident during 'Operation Sindoor' -- likely a specific security exercise or period of heightened threat -- when NSE withstood a staggering 40 crore (400 million) cyberattacks in a single day.
In response to the extreme security threat during that period, the NSE took a conscious decision to temporarily restrict access to its website for foreign users as a precautionary measure, officials said.
The NSE leadership noted that not only the exchange's systems but "whatever is connected to us will get affected" in case of a breach, emphasising the ripple effect of digital vulnerabilities across interconnected networks.
Officials added that increasing global interconnectedness and system complexity have made the risk of large-scale cyberattacks more pertinent, posing a significant threat to the stability of financial markets.
They further said that the potential for large-scale cyberattacks on financial market infrastructure at very low cost remains a major global risk.
NSE has a durable, self-activated backup system that can be operated remotely from its Chennai base through a formal digital procedure and mandatory approvals.
"From trading systems to backup setups, the system largely takes care of itself. It can correct faults or errors automatically with minimal human intervention. If any problem arises here, a parallel backup setup in Chennai becomes operational after the necessary processes," an official said, adding that such a scenario has not occurred so far.