India Strengthens Cybersecurity Measures Amid Rising Threats Post-Pahalgam Attack

 

In response to a surge in cyberattacks targeting Indian digital infrastructure following the Pahalgam terror incident, the Indian government has directed financial institutions and critical infrastructure sectors to enhance their cybersecurity protocols. These instructions were issued by the Computer Emergency Response Team (CERT-In), according to a source familiar with the development, Moneycontrol reported.

The precautionary push isn’t limited to government networks — private sector entities are also actively reinforcing their systems against potential cyber threats. “We have been extra alert right from the Pahalgam attack, in terms of ensuring cyber security speedily not just by government agencies but also by the private sector,” the source stated.

CERT-In, India’s central agency for cyber defense, has released advisories to banking institutions and other essential sectors, urging them to tighten their digital safeguards. In addition, the government has engaged with organizations like NASSCOM to facilitate a collaborative cyber alert framework.

Recent attacks primarily involved DDoS, or distributed denial-of-service incidents, which overwhelm servers with excessive traffic, rendering websites inaccessible and potentially causing financial damage. Attempts to deface websites — typically for political messaging — were also reported.

This intensified focus on digital defense follows India’s military action against terrorist hideouts in Pakistan, occurring nearly two weeks after the Pahalgam incident, which resulted in the deaths of Indian tourists in Kashmir.

Moneycontrol previously highlighted that cyber surveillance across India's vital digital infrastructure is being ramped up following the Pahalgam attack and the subsequent Operation Sindoor. Critical sectors and strategic installations are under strict scrutiny to ensure adherence to robust cybersecurity practices.

Amid these developments, misinformation remains a parallel concern. Daily takedown requests under Section 69A of the IT Act have surpassed 1,000, as the government works with social media platforms to curb the spread of fake news, the source noted.

Pakistan State-sponsored Hackers Attack Indian Websites, Attempts Blocked

Pakistan's cyber warfare against India

Recently, Pakistan state-sponsored hacker groups made multiple failed attempts to hack Indian websites, part of continuous cyber offensives against India after the Pahalgam terror attack. These breach attempts were promptly identified and blocked by the Indian cybersecurity agencies.

In one incident, the hacking groups “Cyber Group HOAX1337” and “National Cyber Crew” attacked the websites of the Army Public School in Jammu (a union territory in India), trying to litter the site with messages mocking the recent victims of the Pahalgam terror attack.

State-sponsored attacks against Indian websites

In another cyberattack, hackers defaced the website of healthcare services for ex-servicemen. The sites of Indian Air Force veterans and the Army Institute of Hotel Management were also attacked.

Besides Army-related websites, Pakistan-sponsored hackers have repeatedly tried to break into websites associated with veterans, children, and civilians, officials said.

Additionally, the Maharashtra Cyber Department detected more than 10 lakh cyberattacks on Indian systems by hacking gangs from various countries after the April 22 terror attack on tourists in Pahalgam.

Rise of targeted cyberattacks against India

A Maharashtra Cyber senior police official said that the state’s police cybercrime detection wing has noticed a sudden rise in digital attacks after the Kashmir terror strike.

Experts suspect these cyber attacks are part of a deliberate campaign to intensify tensions on digital platforms. These attempts are seen as part of Pakistan’s broader hybrid warfare plan, which has a history of using terrorism and information warfare against India. 

Besides Pakistan, cyberattacks have also surfaced from Indonesia, Morocco, and the Middle East. A lot of hacker groups have claimed links to Islamist ideologies, suggesting a coordinated cyber warfare operation, according to the police official. 

Terror Outfits Are Using Crypto Funds For Donations in India: TRM Labs

 

Transaction Monitoring (TRM) Labs, a blockchain intelligence firm based in San Francisco and recognised by the World Economic Forum, recently published a report revealing the links between the Islamic State Khorasan Province (ISKP) and ISIS-affiliated fund-collecting networks in India. ISKP, an Afghan terrorist outfit, is reportedly using the cryptocurrency Monero (XMR) to gather funds.

Following the departure of US soldiers from Afghanistan, the ISKP terrorist group garnered significant attention. The "TRM Labs 2025 Crypto Crime Report," published on February 10th, focusses on illicit cryptocurrency transactions in 2024. According to the report, illicit transactions have fallen by 24% compared to 2023. However, it also emphasises the evolving techniques employed by terrorist organisations.

TRM Labs' report uncovered on-chain ties between ISKP-affiliated addresses and covert fundraising campaigns in India. The on-chain link is a component of the Chainlink network that runs directly on a blockchain, featuring smart contracts that handle data requests and connect to off-chain oracles. The TRM report states that the ISKP has begun receiving donations in Monero (XMR). 

News reports state that Voice of Khorasan, a periodical created by ISKP's media branch, al-Azaim, announced the commencement of the organization's first donation drive accepting Monero. Since then, its fundraising activities have consistently included requests for Monero donations.

According to the report, ISKP and other terrorist organisations are favouring Monero more and more because of its blockchain anonymity capabilities. Monero is now worth ₹19,017.77. This powerful privacy tool aids in transaction concealment. However, the report emphasises that terrorist groups will choose more stable cryptocurrencies over Monero for the foreseeable future due to its volatility and possible crackdowns.

Furthermore, reliance on cryptocurrency mixers and unidentified wallets has risen. Online forums are now the primary venues for exchanging guidance on best practices and locating providers with the highest security requirements. People are using fake proofs to get around Know Your Customer (KYC) rules enforced by exchanges, which makes it challenging for law enforcement to follow the illicit transactions.

In contrast to Bitcoin and other well-known digital assets, Monero gained attention for its sophisticated privacy features that make transactions trickier to identify. Because of this, it is a tempting option for people who engage in illicit financial activity.

RBI Launches "bank.in" Domain to Combat Digital Banking Scam

 

The Reserve Bank of India (RBI) has made the "bank.in" domain exclusive to all authorised banking institutions in India in an effort to strengthen digital banking security and shield customers from online banking fraud. This effort aims to minimise the rising threat of digital banking fraud by establishing a secure and verified online presence for the banks across the nation.

Due to the surge in online banking transactions, fraudsters have taken advantage of vulnerabilities by impersonating actual banks via phishing attacks, phoney banking websites, and fraudulent email campaigns. The only registrar for this will be the Institute for Development and Research in Banking Technology (IDRBT).

It is expected that domain registration will get underway in April 2025. By implementing an exclusive bank.in domain strategy, the RBI lowers the risk of financial fraud by ensuring that users can quickly recognise and trust legitimate banking websites.

Importance of “bank.in” domain in banking security

The increased use of digital banking has transformed financial transactions in India, providing easy access to banking services. However, this digital transformation has resulted in an increase in cyber threats, with scammers creating fake banking portals to trick users into disclosing sensitive data such as login credentials, OTPs, and banking details. The RBI's special domain for banks called "bank.in" intends to: 

  • Enhance banking fraud prevention by eliminating fake sites that pose as authentic banking portals. 
  • Increase consumer trust and awareness by ensuring that all Indian banks use a single, verifiable domain structure.
  • Strengthen India's digital banking security by creating a centralised domain that is challenging for fraudsters to replicate.

The "bank.in" domain will be reserved solely for RBI-regulated banking institutions, guaranteeing that only reputable financial institutions can use this domain extension. Each bank's official website will be hosted under the bank.in domain, making it easy for consumers to check legitimacy. For example, a major bank like State Bank of India (SBI) may have an official URL such as sbi.bank.in, indicating that the website is trustworthy. 

To facilitate this transition, the RBI is working with financial institutions, cybersecurity professionals, and domain regulatory agencies to ensure a smooth transition to the new domain. Banks will be expected to phase out their current domains and redirect consumers to their new "bank.in" addresses, ensuring a smooth transition and avoiding confusion.

The Rising Problem of Banking Scams in East India

India is currently battling fake banking applications that spoof genuine institutions to steal credentials and money.

The scale of the campaign is massive, involving around 900 different malware samples linked to more than 1000 different contact numbers used to commit fraud. Experts from Zimperium found that the malware was hiding in apps that imitate billion-dollar financial institutions and target ordinary people in India.

The rise of banking scams in East India

Throughout India, the majority of people have been getting WhatsApp messages containing malicious Android Package Kit (APK) files. When downloaded, these malicious files install as fake apps spoofing one or more banks, including ICICI Bank, State Bank of India (SBI) and more.

The apps ask targets to provide their personal financial information, including ATM PINs, debit/credit card numbers, and PAN card and Aadhaar card details, which are used for various government and financial purposes such as opening a bank account or paying taxes.

Stealing confidential info

To give hackers access to victims' bank accounts, the malware intercepts one-time passwords and forwards them either to a threat actor-controlled phone number or to C2 (command-and-control) servers operating on Firebase.

Additionally, the malware uses stealth and anti-analysis measures such as "packing," where the malware is hidden, compressed, and encrypted so that it is almost impossible to notice. It installs itself by exploiting the accessibility service, and gets all the permissions it requires on a user's device by prompting the user to carelessly click "Allow" when the malware asks nicely.

Zimperium chief scientist Nico Chiaraviglio says "since we don't see the app, it's not easy to uninstall it." He adds "you [have to deal with the] higher permissions. So if you want to uninstall the app, the device will say you cannot install it because it's a system app. You basically need to connect the phone to a computer and uninstall it using the Android Debug Bridge (ADB). It's not something that you can do from a regular user's standpoint."

The success behind scams in India

Dark Reading reports: "Phone numbers tied to the campaign lovingly named 'FatBoyPanel' have tended to concentrate in eastern states: West Bengal (30.2%), Bihar (22.6%), Jharkhand (10%)."

According to experts, two factors add to the problem: the use of outdated phones in India that lack the latest updates, and the rise of scammers trapping innocent victims.

TRAI Calling: Fraudsters Are Now Employing Novel Strategy to Target Mobile Users

 

As the government intensifies efforts to raise awareness about digital arrests and online financial fraud, fraudsters have shifted their strategies to stay ahead. A concerning trend has emerged where these individuals pose as representatives of the Telecom Regulatory Authority of India (TRAI). Exploiting the credibility associated with the regulatory body, they attempt to deceive unsuspecting users.

These fraudsters often initiate contact by mimicking official government alert messages that warn the public about scams. The tone and language of their communication are crafted to appear authoritative and urgent, persuading recipients to trust the information. In many cases, the messages aim to extract sensitive data, such as personal identification numbers, bank account details, or login credentials, under the guise of preventing fraud.

Such scams highlight the need for individuals to remain vigilant and verify the authenticity of any unsolicited messages or calls claiming to be from regulatory authorities. It is essential to cross-check the source of the communication, avoid sharing sensitive information over the phone or through unverified links, and report suspicious activities to the appropriate authorities.

By staying informed and adopting proactive measures, users can protect themselves from becoming victims of these evolving schemes, contributing to a safer digital environment for all.


How India is Gearing Up to Tackle Cyber Threats Together

 


At the Bharat National Cybersecurity Exercise (Bharat NCX) 2024, experts highlighted the urgent need for collaboration, training, and technological innovation to protect India's expanding digital infrastructure from rising cyber threats. 

India, one of the most connected countries globally, faces increasing cybersecurity challenges as over 1.4 billion people access the internet. Colonel Nidhish Bhatnagar, Chief Mentor at the School of Information Technology, Artificial Intelligence & Cybersecurity, noted that this rapid digital growth has placed India among the top 10 cyber-resilient nations. Critical infrastructure such as power grids, healthcare, and financial networks now benefit from national-level security measures aimed at preventing large-scale disruptions.  

Training and Innovation: Key to Cyber Defense 

Dr. Jatin Patel, Director of Rashtriya Raksha University, emphasized the importance of simulation-based training exercises to prepare professionals in sectors like energy and healthcare for real-world cyberattacks. "Informed decision-making is crucial to safeguard India's critical infrastructure from targeted attacks," Patel explained. 

Key initiatives launched at the event include: 

1. National Cybersecurity Reference Framework (NCRF) – A standardized guideline for industries to adopt best practices in securing critical systems. 

2. National Cyber Range 1.0 (NCR-1.0) – India’s first indigenous cyber range designed to simulate sophisticated attacks and train cybersecurity professionals. 

Lt. Gen. M.U. Nair (Retd.), National Cyber Security Coordinator, stressed the importance of cross-sector collaboration, while Deputy National Security Advisor T.V. Ravichandran underscored the role of emerging technologies like AI, machine learning, and blockchain in building proactive cybersecurity frameworks. 

“Our goal is to embed cybersecurity into every aspect of critical infrastructure,” Ravichandran said, emphasizing the importance of being proactive rather than reactive in mitigating risks. 

A Vision for a Secure Digital Future 

Bharat NCX 2024 showcased India's commitment to cybersecurity innovation. With initiatives like NCRF, NCR-1.0, and a thriving startup ecosystem, India is well-positioned to tackle evolving cyber challenges. By fostering continuous collaboration, training, and technological adaptation, the nation aims to lead in global cybersecurity resilience, ensuring a secure digital future for all its citizens.

Digital Arrest: How Even The Educated Become Victims

One of the most alarming trends in recent times is the surge in digital arrest scams, particularly in India. These scams involve cybercriminals impersonating law enforcement officials to extort money from unsuspecting victims. 

Cybersecurity threats are rapidly escalating in India, with digital arrest scams becoming a major issue. Even well-educated individuals are falling victim to these sophisticated schemes. 

Digital Arrest: A Scam

The concept of a digital arrest does not exist in law. These scams involve cybercriminals masquerading as law enforcement officials or government agencies like the State Police, CBI, Enforcement Directorate, and Narcotics Bureau. 

These scams often leverage official-sounding language and sometimes even use fake police or court documents to appear legitimate. Scammers sometimes use deepfake technology to create convincing video calls, making it even harder for victims to distinguish between a real and a fraudulent interaction.

Scammers may also send fake arrest warrants, legal notices, or official-looking documents via email or messaging apps. They accuse victims of severe crimes like money laundering, drug trafficking, or cybercrime. 

Common claims include: "a phone number linked to your Aadhaar number is involved in sending abusive messages or making threatening calls," "a consignment with drugs addressed to you has been intercepted," or "your son has been found engaged in nefarious activity." They may even fabricate evidence to make their accusations more credible.

The Problem in India

India has seen a significant rise in digital arrest scams, affecting individuals across different strata of society. The problem is exacerbated by the fact that many people are unaware of the nuances of cybercrime and can easily fall prey to such tactics. 

Factors contributing to the rise of these scams in India include:

  1. Increased Internet Penetration: With more people accessing the Internet, especially on mobile devices, the pool of potential victims has expanded significantly.
  2. Lack of Cyber Awareness: Despite the growth in internet usage, there is a significant gap in cyber awareness and education. Many individuals are not equipped with the knowledge to identify and respond to such scams.
  3. Sophistication of Scammers: Cybercriminals are becoming increasingly sophisticated, using advanced technologies and psychological tactics to manipulate victims.

The impact of digital arrest scams on victims can be severe. Apart from financial loss, victims often experience psychological distress and a loss of trust in digital platforms. Educated individuals, who might otherwise be cautious, can also fall victim to these scams, as the fear of legal repercussions can cloud judgment.

India Faces Rising Ransomware Threat Amid Digital Growth

 


India, with its rapid digital growth and reliance on technology, is on the hit list of cybercriminals. As one of the world's biggest economies, the country presents a distinct target that cyber-crooks might exploit due to security holes in businesses, institutions, and personal users.

India saw a 51 percent surge in ransomware attacks in 2023, according to the Indian Computer Emergency Response Team (CERT-In). Small and medium-sized businesses have been an especially vulnerable target, with more than 300 small banks being forced to close briefly in July after falling prey to a ransomware attack. For millions of Indians using digital banking for daily purchases and payments, such glitches underscore the need for further improvement in cybersecurity measures. A report from Kaspersky shows that 53% of SMBs operating in India have experienced ransomware incidents so far this year, with more than 559 million cases reported over just two months, April and May.

Cybercriminals are not only locking computers in businesses but also extending attacks to individuals and their personal electronic devices, stealing sensitive and highly confidential information. Well-organised groups in this wave of attacks include Mallox, RansomHub, LockBit, Kill Security, and ARCrypter. Such entities take advantage of Indian infrastructure weaknesses and focus on ransomware-as-a-service platforms that support Microsoft SQL databases. Recovery costs for affected organisations usually exceeded ₹11 crore and averaged ₹40 crore per incident in India, according to estimates for 2023. The financial sector, in particular the National Payment Corporation of India (NPCI), has been hit hard, and it is clear that there is an imperative need to strengthen India's digital financial framework.

Cyber Defence Through AI

Indian organisations are now employing AI to fortify their digital defence. AI-based tools process enormous volumes of data in real time and report anomalies far faster than any manual system. In sectors from finance to healthcare, high security risks are making AI more integral to cybersecurity strategies. Lenovo's recent AI-enabled security initiatives exemplify how the technology has become mainstream, with 71% of retailers in India adopting or planning to adopt AI-powered security.

As India pushes forward on its digital agenda, the threat of ransomware cannot be taken lightly. It will require close collaboration between government and private entities, investment in AI and cybersecurity education, and the creation of safer digital environments. The government's Cyber Commando initiative promises forward movement, but collective endeavours will be crucial to safeguarding India's burgeoning digital economy.


Cyberattacks Skyrocket in India, Are We Ready for the Digital Danger Ahead?


 

India is experiencing a rise in cyberattacks, particularly targeting its key sectors such as finance, government, manufacturing, and healthcare. This increase has prompted the Reserve Bank of India (RBI) to urge banks and financial institutions to strengthen their cybersecurity measures.

As India continues to digitise its infrastructure, it has become more vulnerable to cyberattacks. Earlier this year, hackers stole and leaked 7.5 million records from boAt, a leading Indian company that makes wireless audio and wearable devices. This is just one example of how cybercriminals are targeting Indian businesses and institutions.

The RBI has expressed concern about the growing risks in the financial sector due to rapid digitization. In 2023 alone, India’s national cybersecurity team, CERT-In, handled about 16 million cyber incidents, a massive increase from just 53,000 incidents in 2017. Most banks and non-banking financial companies (NBFCs) now see cybersecurity as a major challenge as they move towards digital technology. The RBI’s report highlights that the speed at which information and rumours can spread digitally could threaten financial stability. Cybercriminals are increasingly focusing on financial institutions rather than individual customers.

The public sector, including government agencies, has also seen a dramatic rise in cyberattacks. Many organisations report that these attacks have increased by at least 50%. Earlier this year, a hacking group targeted government agencies and energy companies using a type of malware known as HackBrowserData. Additionally, countries like Pakistan and China have been intensifying their cyberattacks on Indian organisations, with operations like the recent Cosmic Leopard campaign.

According to a report by Cloudflare, 83% of organisations in India experienced at least one cybersecurity incident in the last year, placing India among the top countries in Asia facing such threats. Globally, India is the fifth most breached nation, drawing attention to the bigger picture, which calls for stronger cybersecurity measures.

Indian companies are most worried about threats related to cloud computing, connected devices, and software vulnerabilities. The adoption of new technologies like artificial intelligence (AI) and cloud computing, combined with the shift to remote work, has accelerated digital transformation, but it also increases the need for stronger security measures.

Manu Dwivedi, a cybersecurity expert from PwC India, points out that AI-powered phishing and sophisticated social engineering techniques have made ransomware a top concern for organisations. As more companies use cloud services and open-source software, the risk of cyberattacks grows. Dwivedi also stresses the importance of protecting against insider threats, which requires a mix of strategy, culture, training, and governance.

AI is playing a growing role in both defending against and enabling cyberattacks. While AI has the potential to improve security, it also introduces new risks. Cybercriminals are beginning to use AI to create more advanced malware that can avoid detection. Dwivedi warns that as AI continues to evolve, it may become harder to track how these tools are being misused by attackers.

Partha Gopalakrishnan, founder of PG Advisors, emphasises the need for India to update its cybersecurity laws. The current law, the Information Technology Act of 2000, is outdated and does not fully address today’s digital threats. Gopalakrishnan also stressed the growing demand for AI skills in India, suggesting that businesses should focus on training in both AI and cybersecurity to close the skills gap. He warns that as AI becomes more accessible, it could empower a wider range of people to carry out sophisticated cyberattacks.

India’s digital growth presents great opportunities, but it also comes with serious challenges. It’s crucial for Indian businesses and government agencies to develop comprehensive cybersecurity strategies and stay vigilant.


MCA to Strike Off 400 Chinese Companies for Fraud in India

 

The Ministry of Corporate Affairs (MCA) is preparing to strike off as many as 400 Chinese companies operating in India due to severe financial irregularities and incorporation-related fraud. These companies, which primarily deal in online loans and job services, are spread across 17 states, including key areas such as Delhi, Mumbai, Chennai, Bengaluru, Uttar Pradesh, and Andhra Pradesh. According to a report by Moneycontrol, which cited an anonymous government official, the action is expected to be completed within the next three months. 

The MCA has been investigating nearly 600 Chinese companies, focusing on those involved in digital lending and online job platforms. The official stated that the investigation phase has concluded, revealing that 300 to 400 of these companies are likely to be struck off the register. 

The primary reasons for this drastic action include predatory lending practices, financial fraud, and violations of India’s financial regulations. These Chinese companies have come under scrutiny for a variety of reasons. Many of them have been accused of engaging in aggressive tactics to recover loans, imposing exorbitant interest rates on borrowers, and resorting to harassment. 

Additionally, several companies have been found to have Indian directors but operate with Chinese bank accounts, with no recorded financial transactions in India. This has raised suspicions of money laundering and other financial crimes. Furthermore, some companies were not found at their registered office addresses, while others were discovered to be investing in businesses unrelated to their stated purpose, further indicating potential financial fraud. 

Under Section 248 of the Companies Act, the process of striking off a company from the register takes approximately three months. The MCA first issues a notice to the company, allowing time for a response. If the company fails to respond, a second notice is sent after one month. Should there be no reply even then, the company is removed from the register.  

This sweeping action by the MCA underscores the Indian government’s ongoing efforts to regulate the digital lending space and ensure financial transparency, particularly in light of the growing concerns around the proliferation of predatory lending apps in the country.

India Cybersecurity: Key Government Initiatives for Cybersecurity

Indian Government to Enforce Robust Cybersecurity Measures

The Indian Government has done it again, reinforcing its main strategies to improve cyber defenses and protect its citizens in the digital space.

In April 2024, the Indian government released a report stating that India had a record 936.16 million internet subscriptions by December 2023, making India one of the largest connected nations globally.

Indians are now 'Digital Nagriks,' integrating the internet into their daily routine and using it for vital needs like education, financial activities, business transactions, and accessing government services.

The government has recognized the need for a safe digital space and has therefore implemented strong policies. These measures are aimed at protecting against the growing threat of cyber attacks.

What is CERT-IN: Backbone of India's Cybersecurity

The Indian Computer Emergency Response Team (CERT-IN) is a national agency for incident response that plays an important role in protecting India's cyber landscape. Working 24x7, CERT-IN ensures quick responses to cybersecurity incidents.

CERT-IN's Fight Against Cybercrime

CERT-IN partners with Law Enforcement Agencies (LEAs), regulators, and service providers to track and bust phishing websites and investigate fraud activities. According to Cyber Express:
  • CERT-In releases advice to ministries outlining steps to improve cyber security for organizations that handle digital personal data and susceptible information.
  • CERT-In publishes advice through the Reserve Bank of India, the country's central bank, regarding audits and the adoption of security policies by firms issuing prepaid payment instruments.
  • CERT-In runs an automated cyber threat exchange platform that distributes targeted notifications across sectors.
  • CERT-In manages the Cyber Swachhta Kendra, which detects and removes dangerous applications and offers security advice.
  • The platform has developed a Cyber Crisis Management Plan to combat cyberattacks in government and essential sectors.
  • CERT-In conducts cybersecurity simulated drills to assess organizational readiness; 92 drills were conducted with involvement from a variety of sectors.

India's Measure Towards Cybersecurity Awareness

Cyber Crime Coordination Centre

The Centre works towards enhancing the coordinated response of LEAs to cybercrimes. The initiative aims to offer a robust framework for addressing digital threats. Currently, the National Cyber Crime Reporting Portal has been launched, allowing the public to directly report cybercrimes.

Citizen Financial Cyber Fraud Reporting and Management System

The program allows immediate reporting of financial fraud and prevents the siphoning of funds by scammers. A toll-free helpline number, '1930', has been set up to help register online cyber complaints, allowing swift response and assistance for victims of cyber fraud.

NTA Faces Exam Security Crisis Amid Darknet Threats

 

The National Testing Agency (NTA) in India is in the midst of a serious crisis, with its staff worried about the safety of any exam due to claims that the NTA's website was hacked. 

Following the cancellation of the UGC-NET due to claimed cyberthreats, an NTA officer has come forward, suggesting further risks to examinations.

According to the local media outlet, a senior NTA official stated that the testing organization's IT and administrative staff are concerned that re-conducting the examinations will be impossible owing to "terrorist organisations" getting into the NTA's security systems via the dark web to expose the chinks this year. 

Earlier this week, the Bihar Police asked for data about six candidates, including their roll numbers. Two of the roll numbers do not exist, and the names of the remaining two candidates do not match. There are other discrepancies, including the timing of the seizures, which took place after the exam, when all of the question papers had already been made public, the official added.

He also stated that simply looking at exam models would not be sufficient, saying that the computer-based ITEP exam had to be cancelled since each file of the examination was 5 GB and had to be downloaded at the allocated centres, and that some applicants received false question papers. 

What's happened so far?

Earlier, the NTA published a statement, claiming that the NTA website and all of its other web portals are completely secure and that accusations of hacking were false and misleading. The clarification comes amid a debate over suspected irregularities in exams such as NEET-UG and UGC-NET.

The investigation into the irregularities in the medical entrance exam NEET-UG has also been handed over to the CBI, followed by India Trade Promotion Organisation (ITPO) Chairman and Managing Director Pradeep Singh Kharola being given additional charge of the NTA.

A high-level seven-member team, led by former ISRO chairman Dr K Radhakrishnan, has been constituted to investigate the functioning and fair conduct of exams by the NTA, and will give its report in two months, the Centre revealed on June 22.

How Fear Tactics Led to a Pune Woman’s Financial Ruin: Insights into Cyber Fraud

A 67-year-old Pune woman lost Rs 1.6 crore of her life savings to cyber crooks after receiving a call claiming that her phone number was used to send vulgar texts and that Mumbai police had arrested her.

She was issued an arrest order under the guise of a 'national security danger' and a 'Supreme Court case', and she was informed that disclosing her ordeal would result in the arrest of her children and seizure of their assets.

The deceptive call

The 67-year-old woman from Kothrud filed a First Information Report in the case at Pune's Cyber Crime Police Station earlier this week. In the first week of May, she received a call from a man posing as a Tilak Nagar police officer in Mumbai. While the individual presented himself as a sub-inspector, he used the identity of an IPS officer now stationed in Pune.

He informed her that vulgar messages had been sent from her phone number and requested her personal, financial, and Aadhaar information for further clarity. He then stated that an 'FIR' had been registered in the 'Supreme Court' and that the charges included money laundering. The man said a CBI officer would call her and help.

The ‘fake’ CBI officer

The next day, she received a video call from a man posing as a 'CBI officer' and giving the name of another serving IPS officer. The officer informed her that to ensure that the money in her account was real and not used for money laundering, all funds from her account would have to be transferred to 'beneficiary accounts owned by the Reserve Bank of India.'

The officer informed her that the case against her was classified as 'national secrets' and that the account had been used to commit major crimes. Fearing legal repercussions, the victim made substantial transactions of Rs one crore and Rs 29 lakh from two separate accounts.

Coercion and surveillance: Imposing fear

During these transfers, the complainant was forced to remain on messenger calls and told she was under observation. The 'CBI official' informed her that if she shared the case with anyone in the family, her children would be detained and their possessions seized by the government. She was also instructed to make remittances of Rs 50 lakh to the 'Supreme Court.' The woman transferred more than Rs 30 lakh.

The aftermath

As the internet thieves increased their demands, the mother eventually confided in her daughter, who informed her that she had been duped by cybercriminals. She filed a complaint with the Cyber Crime Portal, and the case was then referred to the Cyber Crime Police Station in Pune City.

According to an officer from the Cybercrime Police Station, the crime's modus operandi is the same as that of drugs-in-parcel scams, but the grounds for threatening the victim differ. In a similar case recorded at Wakad police station in Pimpri Chinchwad, a software engineer in his 40s was duped of Rs 40 lakh after he was told that his number was being 'used to mistreat a woman' and threatened with action under the "national secret rule."

In these types of schemes, fraudsters mimic IPS personnel to defraud people. They pressure victims into transferring money for a variety of reasons, including customs taxes or legal expenses, as well as by saying that their bank accounts are under threat from hackers. Callers frequently threaten victims, stating they are under monitoring by the government.

Ransomware Attacks on the Rise! Nearly 2900 Assaults Reported in the First Quarter of 2024

 

The increasing frequency of ransomware attacks is a significant challenge, as seen by the recent rise in APT groups with ties to Pakistan before the Indian elections and the disruption of significant Ransomware-as-a-Service (RaaS) operations.

The Seqrite report states that initial access brokers are selling more access to Indian entities (corporate and government) in the underground forums. This led to over 2900 disruptive actions in the first quarter of 2024 by over 85 Telegram hacktivist groups, including DDoS, website defacement, and database dumps. According to the report, there is one ransomware attack for every 650 detections. 

The most recent findings paint a picture of increasing threats, with sophisticated attacks targeting governments, organisations, and individuals alike. 

The report also highlighted a recent spike in cyberattacks by Pakistan-linked APT groups such as SideCopy and APT36 (Transparent Tribe) targeting the Indian government and military bodies, which is especially concerning given the ongoing elections, as well as new spear-phishing campaigns such as Operation RusticWeb and FlightNight.

Another crimeware report by Arete discloses that during Q1, law enforcement continued to put pressure on large Ransomware-as-a-Service (RaaS) companies, significantly impacting LockBit activities. While LockBit and ALPHV's combined activity no longer accounts for the majority of ransomware engagements, Arete saw a much broader and more evenly spread threat landscape, with activity from groups such as 8Base, BianLian, Black Basta, Cactus, DragonForce, Hunters International, HsHarada, Medusa, Phobos, Rhysida, and Trigona.

Furthermore, the trend of fewer organisations paying ransoms persisted, with a ransom paid in 34% of Arete engagements in the first quarter of 2024. Another recent report, Cybernomics 101 by Barracuda, found that 71% of respondents had suffered a ransomware assault in the previous year, with 61% paying the ransom. 

Prevention tips

The researchers believe that backing up critical data is the most effective strategy to recover from a ransomware infection. There are a few things to consider. Backup files should be appropriately safeguarded and stored offline or out-of-band so that attackers cannot target them. Using cloud services may help mitigate a ransomware outbreak because many retain prior copies of files, allowing you to restore to an unencrypted version. Make sure to test backups on a regular basis to ensure their effectiveness. In the case of an attack, ensure that your backups are not compromised before rolling back.

Additionally, ensure that all of the organization's operating systems, apps, and software are frequently updated. Applying the most recent updates will help close the security gaps that attackers are attempting to exploit. Wherever possible, enable auto-updates so that you always have the most recent security upgrades.

Combatting International Spoofed Calls: India's New Measures to Protect Citizens

 

In recent times, fraudsters have increasingly used international spoofed calls displaying Indian mobile numbers to commit cybercrime and financial fraud. These calls, which appear to originate within India, are actually made by criminals abroad who manipulate the calling line identity (CLI). 

Such spoofed calls have been used in various scams, including fake digital arrests, FedEx frauds, narcotics in courier schemes, and impersonation of government and police officials. To combat this growing threat, the Department of Telecommunications (DoT) and Telecom Service Providers (TSPs) in India have developed a system to identify and block incoming international spoofed calls. 

This initiative aims to prevent such calls from reaching any Indian telecom subscriber. The Ministry of Communications announced that TSPs have been directed to block these calls and are already taking steps to prevent calls with spoofed Indian landline numbers. In addition to this, the DoT has launched the Sanchar Saathi portal, a citizen-centric platform designed to enhance user safety and security amid the rising threat of fraud and international call scams. This portal includes a feature called "Chakshu," which allows individuals to report suspicious calls and messages. 

Chakshu simplifies the process of flagging fraudulent communications, providing an extra layer of protection against cybercriminals. Chakshu serves as a backend repository for citizen-initiated requests on the Sanchar Saathi platform, facilitating real-time intelligence sharing among various stakeholders. The platform also provides information on cases where telecom resources have been misused, helping to coordinate actions among stakeholders. 

Union Minister Ashwini Vaishnaw has highlighted additional measures, including creating a grievance redressal platform for reporting unintended disconnections and a mechanism for returning money frozen due to fraud. These efforts aim to address the concerns of citizens who may have been inadvertently affected by the anti-fraud measures. Since its launch in May last year, the Sanchar Saathi portal has been instrumental in enhancing the security of telecom users. It has helped track or block over 700,000 lost mobile phones and detect more than 6.7 million suspicious communication attempts. 

These efforts underscore the government's commitment to safeguarding citizens from cyber threats and ensuring the integrity of telecom services. The DoT and TSPs' proactive measures, along with the Sanchar Saathi portal, represent significant steps towards protecting Indian citizens from international spoofed calls and other forms of cybercrime. By leveraging advanced technology and fostering collaboration among stakeholders, these initiatives aim to create a safer digital environment for all.

Indian Banks Mull New Move for Faster Freezing of Scammers’ Accounts

 

Indian banks have proposed integrating their systems with the National Cybercrime Reporting Portal (NCRP), a division of the ministry of home affairs, which could enable a quicker freeze on fraudulent accounts in the wake of a cyberattack. 

This is intended to prevent those who commit cybercrimes and phishing attacks from swiftly transferring funds from a target's bank account to accounts with various banks before they are withdrawn or spent. This is a tactic employed by voice phishers and cyber shysters to make it more difficult for banks and law enforcement to recover the funds.

“Banks, in consultation with cybercrime experts, have recommended API integration with the NCRP to reduce the average response time and quick updation of cases. So, the idea is to mark a lien and freeze a bank account automatically without manual intervention,” noted a banker. “An industry sub-group has suggested this to I4C,” said the person. 

I4C, or the Indian Cybercrime Coordination Centre, is an MHA programme that focuses on combating cybercrime and enhancing coordination between law enforcement agencies (LEAs) and institutions such as banks. NCRP is a vertical under I4C.

API, or 'application programming interface', enables two applications or systems to interact with one another without the need for human intervention. If there is an API between a system with specific data and another system that requires reporting, the two can communicate without the need for manual data entry. In the event of a cybercrime, such as a hacked internet banking account, API integration would allow for the quick transmission of fraud information to a central system or other banks. 

“Typically, money from the account where the fraud happens is moved to accounts with several banks. There is a far better chance of retrieving the amount if the information is available with the entire industry instantaneously. The time spent by Bank A awaiting an instruction from a LEA, then sending emails to bank B, C and D, or calling them up, to request a lien on the accounts where funds have gone, can be saved,” noted another banker.

The group has also advised that data on accounts identified as lien and freeze be made available to banks on a regular basis so that they can reconcile their records. 

In this respect, it has been observed that I4C may share a broad standard operating procedure directing banks to place bank accounts on hold, freeze or de-freeze them, and release funds to victims' bank accounts in cases reported to NCRP. Furthermore, it is believed that the nodal organisation should establish guidelines for communicating 'negative account or KYC details' so that accounts are not opened with the same demographics or KYC details at other banks.

India's Businesses Under Huge Cyber Threats, Kaspersky Reported

Indian businesses are being warned about the looming threat of ransomware attacks by cybersecurity experts. These attacks not only jeopardize company data but also pose a serious risk to user information. To address this urgent issue, experts stress the importance of promptly implementing advanced threat intelligence and industrial cybersecurity solutions. 

Kaspersky, a prominent cybersecurity firm, sheds light on the severity of the situation through their research findings. They indicate that ransomware attacks expected in 2024 could result in significant financial losses similar to those experienced in 2023. This underscores the vulnerability of both IT and operational systems within Indian companies, urging them to take proactive steps to defend against potential cyber threats. 

India's vast user base and thriving enterprises have become prime targets for cybercriminals, as per insights from Kaspersky. The cybersecurity firm reveals that India consistently ranks among the top 12 targeted countries and territories for Advanced Persistent Threats (APTs) globally. 

Kaspersky's data underscores ransomware as the predominant cyber threat in 2024. The company points out that the increasing adoption of digital platforms within Indian organizations has stretched the local ICT supply chain, exposing visible vulnerabilities that attract cyberattacks. 

According to Kaspersky, the following are the current challenges faced by organizations in India:

Escalation of Cyberthreats: The advent of the digital age has exposed organizations to heightened vulnerabilities, underscoring the critical importance of cybersecurity. India grapples with a wide array of cyber threats, spanning from financial fraud and data breaches to sophisticated cyber espionage campaigns. 

Varied Attack Methods: Given its expansive population, India serves as a fertile ground for cybercriminals who employ diverse tactics such as phishing, ransomware, and social engineering to infiltrate systems and networks. 

Sector-Specific Targets: Certain sectors, including financial institutions, e-commerce platforms, and government entities, find themselves particularly susceptible to cyberattacks due to the sensitive nature of the data they handle. 

Surge in Ransomware Attacks: Ransomware incidents have surged dramatically, resulting in significant disruptions to businesses that endure downtime ranging from several days to weeks.

Furthermore, according to Kaspersky's report, more than 200,000 ransomware incidents were identified by their solutions in India during 2023. Notable ransomware groups such as Fonix and LockBit have actively targeted Indian organizations spanning various sectors including manufacturing, retail, agriculture, media, and healthcare. 

Additionally, findings from a Cisco study reveal a significant impact of cyber attacks on Indian startup businesses and SMBs. Approximately 62% of these entities have incurred costs amounting to ₹3.5 crore (equivalent to over US$430,000). Interestingly, the financial damages resulting from these cyber attacks surpass the investment required for implementing solutions aimed at mitigating such threats.

Indian Government Warns Social Media Platforms Over Deepfake Misinformation

In a strong statement directed at social media platforms, the government of India has emphasized the critical need for swift identification and removal of misinformation, including deepfakes, or risk facing legal consequences. This warning follows a deepfake scandal involving the esteemed Indian actor Akshay Kumar. 

The controversy erupted after a digitally manipulated video, allegedly portraying Kumar endorsing a gaming application, surfaced online. Despite the actor's explicit denial of any involvement in such promotions, the video circulated widely across social media platforms, fueling concerns over the spread of fabricated content. 

The government's stance underscores the growing threat posed by deepfakes, which are increasingly being used to spread false information and manipulate public opinion. With the rise of sophisticated digital manipulation techniques, authorities are urging social media companies to implement robust measures to combat the dissemination of deceptive content. 

Following these deepfake cases, in the Rajya Sabha, Minister of State for Electronics and Information Technology Rajeev Chandrasekhar talked about how fake news and deepfake videos, which use advanced technology, are causing big problems.

He reminded everyone about the rules that say social media companies have to quickly remove this fake stuff. If they do not, they can get in big trouble, even facing legal action. The government wants these companies to take responsibility and keep the internet safe and trustworthy. 

The Minister further added that, under the IT Rules, 2021, “they (intermediaries) lose their safe harbour protection under section 79 of the IT Act and shall be liable for consequential action or prosecution as provided under any law for the time being in force including the IT Act and the Indian Penal Code, including section 469 of the IPC”.

Additionally, several months ago, deepfake videos featuring other famous Indian celebrities went viral on social media. In response, the Government of India issued an advisory to top social media platforms, stating that they must remove such content within 24 hours or face consequences under the provisions of the IT Rules. 

The advisory highlighted that Section 66D of the IT Act, 2000, prescribes punishment, including imprisonment for up to 3 years and a fine of up to Rs 1 lakh (1,205 US Dollars), for individuals found guilty of cheating by impersonation through the use of computer resources.

Let's Understand Deepfake AI Technology

Deepfake, a form of artificial intelligence (AI), has emerged as a potent tool capable of creating convincing hoax images, sounds, and videos. Combining the concepts of deep learning and fakery, the term "deepfake" embodies the manipulation of digital content with sophisticated algorithms. 

Utilizing machine learning algorithms, deepfake technology compiles fabricated images and sounds, seamlessly stitching them together to create realistic scenarios and individuals that never existed or events that never took place. 

However, the widespread use of deepfake technology is often associated with malicious intent. Nefarious actors harness this technology to propagate false information and propaganda, manipulating public perception with deceptive content. 

For instance, deepfake videos may depict world leaders or celebrities making statements they never uttered, a phenomenon commonly known as "fake news," which has the power to sway public opinion and disrupt societal trust. 

Recent Deepfake Incidents Shake Global Landscape 

In Pakistan, reports have surfaced of deepfake content being utilized to influence the outcome of the Prime Minister election. 

Meanwhile, in Hong Kong, a finance worker fell victim to a sophisticated deepfake scam, resulting in the fraudulent transfer of $25 million after fraudsters impersonated a company executive during a video conference call. 

Additionally, Iran-backed hackers disrupted streaming services in the UAE by disseminating deepfake news, underscoring the potential for such technology to be weaponized for cyber warfare.

Unprecedented Data Breach Exposes Personal Information of Millions in India

Described as the biggest data breach ever, a big security mistake has apparently leaked the personal info of millions of people around the world. CloudSEK, an Indian cybersecurity company, brought attention to the breach, exposing extensive sensitive data, including names, mobile numbers, addresses, and unique 12-digit Aadhaar card numbers. Surprisingly, two groups involved in cybercrime, including CYBO CREW-affiliated CyboDevil and UNIT8200, are selling the data for $3,000. 

CYBO CREW is a relatively new threat group that was initially identified in July 2023. This group has been focusing on organizations in various sectors like automobile, jewellery, insurance, and apparel, carrying out significant breaches. Among its most active affiliates are CyboDevil and UNIT8200.

Reportedly, 750 million Indians have been hit in the recent attack, constituting around 85% of the country's 1.4 billion population. This disclosure raises serious concerns regarding the security and privacy of personal information, marking a critical incident in the cybersecurity domain.

The breach's severity is magnified by the revelation of Aadhaar card numbers, a crucial identification document in India. The leaked data encompasses details frequently used for identity verification and authentication, leaving affected individuals susceptible to various forms of exploitation, including identity theft and fraud. 

The repercussions of this breach extend to mobile network subscribers in multiple countries, amplifying concerns about privacy and data security. According to CloudSEK researchers, the compromised database contains sensitive security information and has been compressed from 1.8TB to 600GB.

In their analysis of the extensive personally identifiable information (PII) within the database, CloudSEK identified the global impact on major telecom providers.

Despite the widespread implications, users in India face heightened risks due to the exposure of their unique Aadhaar identification numbers. This increased vulnerability raises concerns about potential identity theft, financial fraud, and a greater susceptibility to cybercrime for those affected. 

The situation emphasizes the urgent need to address and mitigate risks associated with such breaches to protect personal information and thwart malicious activities. The database is up for sale on Telegram and Breach Forums, which are well-known places for hackers and cybercrime activities. 

Interestingly, this forum recently had another person threatening to release a database from Hathway, which had information from 4 million users. According to CloudSEK, the person selling the data denies being part of the data breach and says they got it through law enforcement channels and undisclosed asset work. However, the source of the data still needs to be clarified.