Cyber Security Threats

Introduction:

This new digital workforce has pushed most employees to go online, including video conferencing, which has led to privacy issues and phishing attempts, including ransomware attacks.
We can’t stress enough how cyber threats will rise in the coming years. The recent COVID-19 pandemic has opened doors to many cybercriminals to target enterprises to acquire confidential data. Organizations have begun adapting to the recent changes and are allowing employees to work remotely from home. However, this adaptation has allowed cybercriminals to hack employees to reveal confidential information secretly. Many companies have reported that providing security to their remote workforce is becoming a challenge. So, is your company ready to face such a threat?

Types of Cyber Threats:

• Large scale anti-fraud bypass: With the increase in the online transition, criminals are looking for ways to defeat anti-fraud safeguards, they try to replicate real fingerprints with existing ones stolen from someone else’s PC.
• ATM malware: This is an interesting piece of malware, detected in financial institutions in India and is programmed to cash out ATMs.
• Account-centric frauds: This is one of the common types of fraud, these frauds mainly concentrate on stealing and hacking sensitive details such as Account Number, Password, OTP, etc.
• Phishing: Phishing is a method to trick the victim into opening malicious links, leading to an installation of malware which then freezes the system. Phishing is often used to steal user data, including login credentials, etc.
• Identity theft: When a data breach occurs, the data of the customers are sold by cybercriminals to use in order to get credit information without his or their consent to borrow money and conduct purchase violations.
• Threat from employees: Unhappy or dissatisfied employees contribute to the large scale of the risk, by breaching the companies policies and causing security threats to the organizations.
• Ransomware: These ransomware attacks will mainly hit small banks as they lack IT resources, outdated security tech, and protocols on cybersecurity. To protect from this ransomware, banks must adopt protection layers throughout their networks which helps in acting as an obstacle to block malicious software attacks.
• Attack on Unsecured Networks: Remote workers sometimes work over an unsecured network. This becomes another breeding ground for cybercriminals. if they log on to an unsecured network without the need for authentication, they are prone to having their data compromised which may include some very important company information. Cybercriminals can create a bogus network for them to access thus uploading malware, stealing their credentials. An unsecured network is also an invitation to Man-In-The-Middle, a cybercriminal with the ability to come between you and the network and manipulate information according to his/her whims.

Some of the Cyber-attacks in India:

UIDAI Aadhaar Software Hacked

Billion Indian Aadhaar card details were leaked and this is one of the massive data breaches that happened in 2018.UIDAI released the official notification about this data breach and mentioned that around 210 Indian Government websites were hacked. Aadhaar Software Hacked: This data breach included Aadhar, PAN, bank account IFSC codes, and other personal information of the users and anonymous sellers were selling Aadhaar information for Rs. 500 over Whatsapp. Also, one could get an Aadhaar card printout for just Rs.300.

Hacker delivers 180 million Domino’s India pizza orders to dark web

180 million Domino’s India pizza orders are up for sale on the dark web, according to Alon Gal, CTO of cyber intelligence firm Hudson Rock.

Gal found someone asking for 10 bitcoin (roughly $535,000 or ₹4 crore) for 13TB of data that they said included 1 million credit card records and details of 180 million Dominos India pizza orders, topped with customers’ names, phone numbers, and email addresses. Gal shared a screenshot showing that the hacker also claimed to have details of the Domino’s India’s 250 employees, including their Outlook mail archives dating back to 2015.

Jubilant Food Works, the parent company of Domino’s India, told IANS that it had experienced an information security incident, but denied that its customers’ financial information was compromised, as it does not store credit card details. The company website shows that it uses a third-party payment gateway, PayTM.

Cyber-attack on Union Bank of India

Another shocking cyberattack that made everyone alert was done in July 2017. The attack was on one of India’s biggest banks; Union Bank of India.

The attack was initiated when an employee opened an email attachment. This email attachment had a malware code. It allowed the hackers to get inside the bank’s system and steal the bank’s data. The email attachment forged a central bank email.

The employee overlooked the details and trusted the email, which initiated a malware attack and allowed the hackers to get inside the bank’s data and steal Union Bank’s access codes for the Society for Worldwide Interbank Financial Telecommunication (SWIFT). SWIFT is used for international transactions. The hacker used these codes and transferred $170 million to a Union Bank account at Citigroup Inc in New York.

SBI data breach leaks account details of millions of customers

Three million text messages sent to customers divulged, An anonymous security researcher revealed that the country’s largest bank, State Bank of India, left a server unprotected by failing to secure it with a password.

The vulnerability was revealed to originate from ‘SBI Quick’ – a free service that provided customers with their account balance and recent transactions over SMS. Close to three million text messages were sent out to customers.

Police exam database with information on 500,000 candidates goes up for sale

Personally identifiable information of 500,000 Indian police personnel was put up for sale on a database sharing forum. Threat intelligence firm CloudSEK traced the data back to a police exam conducted on 22 December, 2019.

The seller shared a sample of the data dump with the information of 10,000 exam candidates with CloudSEK. The information shared by the company shows that the leaked information contained full names, mobile numbers, email IDs, dates of birth, FIR records and criminal history of the exam candidates.

Further analysis revealed that a majority of the leaked data belonged to candidates from Bihar. The threat-intel firm was also able to confirm the authenticity of the breach by matching mobile numbers with candidates’ names.

This is the second instance of army or police workforce data being leaked online this year. In February, hackers isolated the information of army personnel in Jammu and Kashmir and posted that database on a public website.

COVID-19 test results of Indian patients leaked online

COVID-19 lab test results of thousands of Indian patients have been leaked online by government websites.

What’s particularly worrisome is that the leaked data hasn’t been put up for sale in dark web forums, but is publicly accessible owing to Google indexing COVID-19 lab test reports. First reported by Bleeping Computer, the leaked PDF reports that showed up on Google were hosted on government agencies’ websites that typically use *.gov.in and *.nic.in domains. The agencies in question were found to be located in New Delhi.

The leaked information included patients’ full names, dates of birth, testing dates and centres in which the tests were held. Furthermore, the URL structures indicated that the reports were hosted on the same CMS system that government entities typically use for posting publicly accessible documents.

References:

https://www.mygreatlearning.com/blog/biggest-cyber-security-threats-indian-banking-sector/