Banking trojan Cerberus, the new headache for cyber security officials

New Delhi, May 20: The Central Bureau of Investigation has issued a nationwide alert on the banking trojan Cerberus. The CBI said that it tricks smartphone users into downloading a malicious link relating to COVID-19.

The advisory was issued by the CBI, following an input from the Interpol. The trojan presents itself as an update related to COVID-19. The trojan primarily focuses on stealing financial data such as credit card numbers. It can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details, the agency also said.


India’s cyber security challenge: It is time to protect the great firewall

Considering how large the cyber security threat is, there is a dire need to show urgency, tackle the problem and counter such threats

The threats today are contemporary and new. The marriage between the internet and crime and terror has led to various security agencies stating that the future would be all about fighting cybercrime.

The latest WhatsApp breach is a clear indicator of how serious the threat is. Several persons were targeted for surveillance, using Israeli spyware Pegasus via WhatsApp. The government has demanded strict action and even sought an explanation from WhatsApp. Although WhatsApp stated that it had warned India about the same, the agencies said that it was vague.


How Chennai’s BOSS is protecting Indian Army against espionage

BOSS or Bharat Operating System Solutions will now guard the Indian Army’s communication and information networks. The new software was developed after Prime Minister Narendra Modi pushed for enhancing cyber security.

The Indian Army is currently testing the software which will guard against espionage. Currently the Northern Command has been evaluating BOSS at its headquarters. This would replace the foreign solutions and provide more security.

The software has been developed by the CDAC Chennai and the new software is extremely crucial for the Indian Army.


Cochin, Trivandrum airport websites hacked by Kashmir Cheetah, restored

Thiruvananthapuram, Dec 28: The websites of the Cochin and Thiruvananthapuram airports, which were hacked on Wednesday morning, have been restored.
Cyber security officials who were investigating the matter have managed to restore the sites briefly after they were hacked by a group called Kashmir Cheetah.
‘Mess with the Best’, read a message on the websites from a group called the Pakistan Cyber Attackers. The message on the websites also read ‘website stamped by Kashmiri Cheetah’.


Internet terror: Here is what the NCCC will do

The National Cyber Coordination Centre will finally start its operations by the end of this year. With an allocation of Rs 800 crore, the NCCC is expected to step up cyber security in India which has become a major threat over the past couple of years.
The project has been pending since 2013 and the fact that it has finally got the nod is a good step in ensuring that India’s cyber security is up to the mark.


Cyber policy- broad, lofty and no safeguards

Pic: www.livemint.com

The much awaited National Cyber Security Policy of 2013 was revealed yesterday and this, according to the government of India, was done with the intention of safeguarding the nation.
Before getting into the pros and cons of the policy, here is a brief of what the policy aims at doing. A nodal agency to coordinate all matters related to cyber security would be set up.
A mechanism to share information, identify and respond to cyber security incidents would be in place. A cyber ecosystem would be created to provide fiscal benefits to businesses. A workforce comprising 5,00,000 professionals would be appointed. The policy aims at enhancing and also creating national and sectoral level 24×7 mechanisms for obtaining strategic information regarding threats. It plans to develop indigenous security technologies through research.

Private players in cyber security- Advantages only

Pic: http://www.cxotoday.com/

There was always a big question mark over India’s handling of Cyber Security. India was considered to be ill-equipped and slow when it came down to tracking cyber crimes and now with the world waking up to this threat, it was time that even India did something.

The Government of India in association with the private sector has decided to undertake a five year programme in which nearly 5 lakh personnel would be trained to help India fight a cyber war. Many experts feel that it was time that the private sector was roped in to fight this battle as the number of cases appear to be going up each day and the detection rate has been more than pathetic.


The importance of ethical hacking

Pic: Outlook

In the past 12 months at least 42 million Indians were hit by cyber crimes and the recorded loss was a staggering 8 billion dollars. In such an event and while conducting an estimate, it becomes clear that in order to stem this rot, India needs at least 4 lakh more ethical hackers.
Mohan Gandhi, who passed out of IIM Ahmedabad, provides anti piracy solutions through his company Entersoft Information Systems. In this interview with rediff.com, Gandhi speaks about the challenges while dealing with cyber security and also what it is to be an ethical hacker.


Social network- The IM is here now

Photo courtesy: news-linked.com

When the Indian Mujahideen orchestrated the recent spate of attacks across India, investigators took a while before they could figure out the modus operandi. Post 13/7 and the Delhi High Court blasts, what foxed investigators was the complete absence of telephone conversations that led up to the planning and the execution of these blasts.

Today the investigators are able to make some sense out of this and have realized that it was the social networking sites that were being used to communicate between the cadres. In addition to this, the police have also found that some cadres of the Indian Mujahideen were trying to conduct recruitments through their Facebook accounts through hidden messages.

The Indian Mujahideen has been quick in the use of technology when it came to planning and executing their operations. They started out with the use of emails, then moved on to chats and later Skype through which they communicated. However when the police finally got wind of this, they improvised by using the drafts in a mail and also the cache to store their messages in accounts which were accessed through a common username and password.

Planning: Yasin Bhatkal, who today is the big boy in the Indian Mujahideen, had extensively used social networking sites to stay in touch with his fellow men in the outfit. Personalized messages were sent out and also status updates in coded forms were used to communicate his plans which eventually led to two very horrific blasts. According to the police the use of social networking commenced in the year 2008 itself, but then it was sparingly used at that time. They had a back up plan on hand and had decided on using social networking more extensively only if their other forms of communication failed.

However post 2008 there was very strict monitoring of the manner in which the IM cadres communicated amongst each other through emails and also phones which prompted them to use social networking sites extensively. The first use of social networking in a major way was visible during the Varanasi blasts. The accused who had fled India for Dubai orchestrated the Varanasi blasts through the use of social networking sites. The messages were simple and heavily coded language had been used to pass on information. It was at that time that the IM was looking to rebuild and they were content with smaller attacks just to keep the ball rolling and announce that they were not out of contention. Hence by intentionally maintaining a low profile and using very little man force they managed to carry out the Varanasi blasts.

The same was witnessed during the 13/7 and also the Delhi blasts. During the run up to these attacks, the IM cadres in India met directly and discussed their plans. They did realize that one on one meetings left very little trail. They then used these networking sites to communicate with their other counterparts who were in different locations. All this went unnoticed by the police which helped them execute their plans with a great deal of ease.

Shishir Gupta, the author of the book Indian Mujahideen, Tracking the Enemy Within, says, “For an aspiring global power, India is very vulnerable to cyber attacks by terrorist groups. Since 2005 IM modules have been communicating through cyber space with the use of emails, Skype etc. Hence when we speak of the use of social networking sites, it is only natural that they would have upgraded their capabilities. With the option of mobile phones and also satellite phones out it was expected that they would use such sites to communicate. This in fact has proven to be a safe method of communication for them.”

The Danger ahead: While now it is clear that the IM has been using social networking sites to communicate, there is also this danger where the recruitments are concerned. It is not necessary that they would continue to use very popular networking sites to communicate their plans amongst each other. The police are not ruling out a possibility of the use of lesser known sites for communication.

However the bigger worry ahead is the manner in which they would try and recruit and also communicate their agenda through such sites. The IM has been trying to fashion itself on the lines of the Lashkar-e-Tayiba and has been quoting some social causes before they carry out their attacks. They are constantly looking for sympathy amongst the younger lot and have been successful to a large extent.

During the past couple of months it has been witnessed that some members of the outfit who are present on popular social networking sites have been sending out friend requests to college students, persons in high positions and also journalists. While they would snoop on some profiles, the requests sent out to college students are nothing but bait. Once the friend request is sent out, messages are posted regarding the kind of news that is appearing against their community, and various issues such as Godhra or Babri are discussed, thus dishing out sentiments. The success rate has not been all that great according to the police, but even if they manage to bait one out of 20 people, the IM would be content.

Cyber security experts say that there is no one point solution to this problem. The cyber police need to constantly watch popular sites and also the activity over the internet. There is no point in finding out things after the damage has been done and it is necessary that the police remain one up on the game.

Cyber war and the never ending threat

Photo courtesy: http://4.bp.blogspot.com/

We are by now well aware of the kind of security risk that is posed by terrorists using the internet. Aditya Mishra, who spoke recently at the International Conference on Mobile Law at New Delhi, explained at length how the internet and internet telephony have become a cause for concern for security agencies.

The United States of America too addresses a similar concern and very recently Director, FBI, Robert Mueller also suggested that cyber security threats could very soon become bigger threats than terrorism.

When one looks back at the 26/11 attack we realise that India was lacking when it came to curbing the run up to the attack which was largely carried out through the internet. Right from the stage of planning to the financial transactions, everything was carried out on the internet and our agencies were clearly in the dark all through the operation. Mishra during the conference did explain how the VoIP was used during the 26/11 attack. He said that the terrorists used a VoIP based service in New Jersey, USA. Callphonex got an email from a mail id, kharak_telco@yahoo.com on 21st October 2008, from Kharak Singh from India, for starting a VoIP account. “To activate this Callphonex VoIP account, an initial payment of $250 was made by a Mohammaed Isfaq through a Lahore based agent, through Money Gram. A Virtual number 0012012531824 was allotted by Callphonex, and it is the property of a Voxbone, a Belgian company, and was leased out to Callphonex, and a request was changed for allotment for 5 DID numbers (Direct Inward Dialers).” The calls are supposed to be coming for the virtual US number, but they go to the five Austrian DID numbers, which are all virtual numbers, albeit mobile numbers.

India has now become fully aware of the problem and does realise that it does need a full fledged agency to counter this menace. India feels that its problems in cyber space would be solved to a large extent once the National Cyber Coordination Centre is set up. The job of this centre would be to monitor all activity on cyber space and then report it to the investigating agencies.

India today finds itself to be a victim of both cyber attacks and also cyber terrorism. Police officials say that despite very stringent measures, the web would be the worst place for them to deal with since terrorists would continue using it and finding ways to beat the security system. The Indian agencies would look to adopt the FBI style of functioning where they would not only pick up intercepts but also identify patterns and also players indulging in cyber crime. This would go a long way and would help identify the trail so that cracking or even preventing the case would become easier. In addition to this the Indian agencies also expect a very strong legislation to support their case. The proposed National Cyber Coordination Centre threatens to invade privacy as it is intended to monitor each and every mail, tweet or Facebook update remotely connected with India. Indian agencies hope that the government would be able to overcome certain privacy issues so that all the time is not consumed fighting a legal battle.

While the 26/11 styled attacks and the use of the internet would gain top precedence for Indian agencies, they also have headaches posed by the home grown terrorist outfits as well. The Indian Mujahideen in particular has been notorious for using the web space and has very often managed to fox Indian agencies.

Cyber experts say that the internet has become the most preferred medium for terrorists. Not only have they been planning operations on the net but also use the information available on it to their advantage. In cases of terrorism, the internet has provided real time information which has helped these terrorists plan their next move and also change their location. The agencies are trying to find a way to regulate the flow of content on the web which could prove fatal to investigation. The net was often accessed on the cell phone by the Indian Mujahideen operatives and they had picked up information on the police investigation real time which helped them plan their next move. Some police officials say that most of the time the flow of news at such a fast pace helped these operatives give them the slip.

The Delhi police which has been investigating several crimes committed by the Indian Mujahideen found that it was the internet which helped these persons a great deal. The operatives are said to have confessed to using their cell phones to access the web. They were trained to use key search words regarding the case on hand and they moved around avoiding arrest based on the information which the police were feeding to the press.

The Delhi police officials said that the use of this tactic helped them evade arrests for quite some time. There is a need to regulate the information that is coming out of the various