Commonly Used Password Hacking Techniques By Hackers

We use passwords everywhere. We need them to log in to our websites, apps, online accounts and even the devices we access them on. Unfortunately, cybercriminals have discovered increasingly clever ways to find out what they are. To keep you up to date with their growing sophistication and to put you in a better position to defend your business and private accounts, here are seven of the most common ways hackers can crack your passwords.

1. Phishing attacks

Phishing attacks are the most common way that a hacker will attempt to get access to your passwords. They involve sending some form of electronic communication, typically email but also SMS or other forms of message, that contains a malicious link. Clicking on the link will result in malware being downloaded onto your device which will silently collect your usernames and passwords and send them to the hacker.

2. Social engineering attacks

Social engineering attacks are a specialised form of phishing that has been used heavily in recent years, particularly against businesses and their customers. The attack begins with the arrival of a seemingly legitimate email from a reputable company informing you that there’s an action you need to take. A link will be provided for you to carry out that action and when you click on it, you’ll be taken to a website and asked to sign in.

The website you are sent to is a scam site, often a clone of the genuine site with a URL that is not too dissimilar to the original. When you log in, that scam site records your username and password for the hacker’s use.

Another version of social engineering involves sending employees legitimate-looking emails that pretend to be from the company they work for. They often appear to come from people they know and trust within the organisation. These too will ask for an action to be carried out (e.g. "your password is about to expire, please click here to update") and, once again, logging in will result in the login credentials being stolen.
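A defensive check for the cloned-site links described above, as an added example that is not part of the original article. The trusted domain list, the edit-distance threshold and the function names are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains the organisation really uses (constructed placeholders).
TRUSTED_DOMAINS = ["example-bank.com", "example.org"]


def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def classify_link(url, trusted=TRUSTED_DOMAINS, max_distance=2):
    """Return 'trusted', 'lookalike', 'review' or 'unknown' for a link's host."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:
        return "review"
    if not host:
        return "review"
    # Exact match or a genuine subdomain of a trusted domain.
    if any(host == d or host.endswith("." + d) for d in trusted):
        return "trusted"
    # Internationalised names can hide confusable characters that edit
    # distance does not catch, so they go to a human.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return "review"
    for d in trusted:
        # Trusted name used as a prefix of somebody else's domain.
        if host.startswith(d + ".") or "." + d + "." in host:
            return "lookalike"
        # Near-miss spelling of the trusted domain itself.
        tail = ".".join(host.split(".")[-(d.count(".") + 1):])
        if edit_distance(tail, d) <= max_distance:
            return "lookalike"
    return "unknown"


# Constructed sample links, as they might be extracted from inbound mail.
SAMPLE_LINKS = [
    "https://www.example-bank.com/account",
    "http://examp1e-bank.com/login",
    "https://example-bank.com.login-verify.test/",
    "https://intranet.corp.test/",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(classify_link(link), link)
```

A mail gateway or reporting add-in can run a check like this on every link in a message and hold anything classified as a lookalike.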

3. Spidering

Spidering is a form of investigative hacking in which cybercriminals seek to build relationships with their victims as a way to steal passwords. In a way, it takes phishing and social engineering to a new level, and the depth to which it goes often provides better results. Hackers will often pretend to be potential clients or contractors and will ask for information about a company in the hope of gaining insights into its systems and networks. Any information they receive will then be analysed to help them find vulnerabilities to attack.

4. Password stealing malware

Our day to day use of the internet makes it possible that we can unwittingly click on malicious links or visit compromised websites. If you do, there’s the potential for malware to be downloaded to your device – especially if you do not have antivirus protection. There are specific types of malware which are designed to steal passwords, usernames and other personal information. The most common are keyloggers and screen scrapers, which record the keys you press on your keyboard or take screenshots of your activity.

5. Brute force attacks

A brute force attack is when a hacker will make multiple attempts to try and guess your password. This may look like an impossible feat, but it isn’t. Cybercriminals can cheaply purchase databases containing billions of stolen usernames and passwords from the dark web. These are then fed into password cracking tools that make use of AI and machine learning so that the guesses made, rather than being random, are algorithmically generated. The speed at which these tools make login attempts means that a password can often be cracked within minutes.
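Detection logic for the guessing activity described above, as an added example that is not part of the original article. The log line format, the threshold of five failures and the 60-second window are assumptions; the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def parse(line):
    """Parse 'TIMESTAMP RESULT user=NAME src=ADDRESS' (assumed log format)."""
    ts, result, user, src = line.split()
    return (datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), result,
            user.split("=", 1)[1], src.split("=", 1)[1])


def detect_guessing(lines, max_failures=5, window=timedelta(seconds=60)):
    """Flag sources with max_failures failed logins inside the window.

    Lines must be in time order. One targeted account is labelled
    'brute-force'; many accounts from one source is labelled
    'credential-stuffing' (a stolen list being replayed).
    """
    recent = defaultdict(deque)      # source -> recent (timestamp, user) failures
    alerts = {}
    for line in lines:
        ts, result, user, src = parse(line)
        if result != "FAIL":
            continue
        failures = recent[src]
        failures.append((ts, user))
        # Drop failures that have aged out of the sliding window.
        while ts - failures[0][0] > window:
            failures.popleft()
        if len(failures) >= max_failures and src not in alerts:
            users = {u for _, u in failures}
            alerts[src] = "brute-force" if len(users) == 1 else "credential-stuffing"
    return alerts


# Constructed sample authentication log.
SAMPLE_LOG = (
    [f"2021-04-01T10:00:{i:02d}Z FAIL user=alice src=203.0.113.7" for i in range(6)]
    + [f"2021-04-01T10:05:{i:02d}Z FAIL user={u} src=198.51.100.9"
       for i, u in enumerate(["ann", "ben", "cat", "dev", "eve"])]
    + ["2021-04-01T10:07:00Z FAIL user=bob src=192.0.2.4",
       "2021-04-01T10:09:00Z FAIL user=bob src=192.0.2.4",
       "2021-04-01T10:09:05Z OK user=bob src=192.0.2.4"]
)

if __name__ == "__main__":
    for source, kind in detect_guessing(SAMPLE_LOG).items():
        print(source, kind)
```

The alert is the trigger for rate limiting, lockout or a step-up to multi-factor authentication for the affected accounts.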

6. Rainbow table attacks

Systems generally encrypt stored passwords, which means it’s impossible to discover them without having the right encryption key. Sophisticated hackers keep directories of stolen passwords and their associated encryption keys, helping them cut the time needed to break in. A rainbow table attack, meanwhile, uses an encryption algorithm to generate a list of every potential plain text password. These are then compared to the encrypted passwords on an organisation’s system to speed up the discovery of the right version.

The enormous number of possible passwords in a rainbow table means they can be terabytes in size. As a result, cybercriminals are making increased use of the cloud to help them process the data during an attack.
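Why a per-user salt and a slow key-derivation function defeat this kind of precomputation, as an added example that is not part of the original article. It assumes passwords are stored as one-way hashes, and it uses a plain precomputed dictionary in place of real rainbow-table hash chains; the password list is constructed.

```python
import hashlib
import hmac
import os

COMMON_PASSWORDS = ["123456", "password", "letmein", "qwerty"]  # constructed list


def precompute_table(candidates):
    """Map unsalted SHA-256 digest -> plaintext, computed once and reusable."""
    return {hashlib.sha256(p.encode()).hexdigest(): p for p in candidates}


def store_unsalted(password):
    """Weak storage: the same password always yields the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def store_salted(password, iterations=600_000):
    """Hardened storage: random per-user salt plus PBKDF2-HMAC-SHA256."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["digest"])


def recovered_by_table(stored_digests, table):
    """Plaintexts a precomputed table gives back for the stored values."""
    return [table[d] for d in stored_digests if d in table]


def compare_storage(password="letmein", iterations=600_000):
    """Store the same password for two users both ways and look both up."""
    table = precompute_table(COMMON_PASSWORDS)
    weak = [store_unsalted(password), store_unsalted(password)]
    strong = [store_salted(password, iterations) for _ in range(2)]
    return {
        "weak_recovered": recovered_by_table(weak, table),
        "strong_recovered": recovered_by_table(
            [r["digest"].hex() for r in strong], table),
        "weak_identical": weak[0] == weak[1],
        "strong_identical": strong[0]["digest"] == strong[1]["digest"],
        "strong_verifies": verify_salted(password, strong[0]),
    }


if __name__ == "__main__":
    for key, value in compare_storage().items():
        print(key, value)
```

With unsalted digests one table serves every account and every breached database; with a salt, a table would have to be rebuilt per user, and the iteration count makes each guess expensive.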

7. Network analysing tools

Network analysis tools enable cybercriminals to intercept data sent over a network and steal any unencrypted passwords they contain. To carry out an attack, hackers need physical access to the network or the use of malware.

SSL and other forms of encryption are the best defence against this type of hacking, together with VPNs. Companies can use network analysis tools themselves to discover if they have plain text passwords unwittingly being transmitted.
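One way a company can run the self-check described above on traffic captured from its own network, as an added example that is not part of the original article. It assumes requests have already been reassembled from the capture into raw HTTP bytes; the field names treated as sensitive and the sample requests are constructed.

```python
import base64
from urllib.parse import parse_qsl, urlsplit

# Assumption: parameter names that usually carry a password.
SENSITIVE_FIELDS = {"password", "passwd", "pwd", "pass"}


def find_cleartext_credentials(payload):
    """Inspect one plain-HTTP request (bytes) and list credential exposures.

    Returns (kind, detail) tuples. The detail is a user or field name;
    the secret itself is never copied into the finding.
    """
    head, _, body = payload.decode("latin-1").partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()

    findings = []
    # HTTP Basic authentication is only base64-encoded, not encrypted.
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() == "basic":
        try:
            decoded = base64.b64decode(token, validate=True)
            user = decoded.decode("utf-8", "replace").partition(":")[0]
        except ValueError:
            user = "<undecodable>"
        findings.append(("http-basic-auth", user))

    # Passwords placed in the URL query string.
    parts = request_line.split(" ")
    query = urlsplit(parts[1]).query if len(parts) >= 2 else ""
    for name, _value in parse_qsl(query, keep_blank_values=True):
        if name.lower() in SENSITIVE_FIELDS:
            findings.append(("query-parameter", name))

    # Passwords posted from a login form.
    content_type = headers.get("content-type", "").lower()
    if content_type.startswith("application/x-www-form-urlencoded"):
        for name, _value in parse_qsl(body, keep_blank_values=True):
            if name.lower() in SENSITIVE_FIELDS:
                findings.append(("form-field", name))
    return findings


# Constructed sample requests, as they would look after reassembly.
_BASIC = base64.b64encode(b"bob:constructed-secret").decode()
SAMPLE_REQUESTS = [
    b"POST /login HTTP/1.1\r\nHost: intranet.example.test\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    b"user=alice&password=constructed-secret",
    ("GET /reports HTTP/1.1\r\nHost: intranet.example.test\r\n"
     f"Authorization: Basic {_BASIC}\r\n\r\n").encode(),
    b"GET /index.html HTTP/1.1\r\nHost: intranet.example.test\r\n\r\n",
]

if __name__ == "__main__":
    for request in SAMPLE_REQUESTS:
        print(find_cleartext_credentials(request))
```

Every finding points at a service that should be moved behind TLS, and the affected passwords should be rotated.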

Conclusion

The growing number of sophisticated ways hackers can find passwords means organisations have to continually find better ways to protect themselves. Today, there are numerous defences you can use: encryption, SSL, email signing certificates, firewalls, antivirus, intrusion protection, email filters, logical access control, multi-factor authentication and biometric authentication, for example. Additionally, the training of staff and the implementation of rigorous security policies and procedures can also help.

Secure Code Review – A Prerequisite!

What is a Secure Code Review?

Secure Code Review is the process of checking code during the development phase so that no vulnerabilities are left in it. It involves manual and automatic testing of the code, which helps to find loopholes in the code that could later affect the organization. It is a process to identify and patch coding errors in the development phase before they turn into a high-level security risk. Reviewing code for security helps an organization to minimize the overall maintenance and development cost by enhancing the effectiveness of the code and eliminating early-stage risks.

Major Focus Pointers for Code Review

Injection:

Injection is a flaw in which the application accepts input that ends up in shell commands, the database or the operating system, which makes the application vulnerable to injection attacks.

Memory Flaws:

Flaws like Meltdown and Spectre are caused by inconsistent and vulnerable code, which ends up compromising the information and data present in the primary memory.

Sensitive Data Exposure:

Sensitive data exposure occurs when a vulnerability in the program code lets an attacker gain sensitive information such as credit card details, private data, passwords, etc.

Cross-Site Scripting:

Cross-site scripting is similar to injection attacks. Malicious scripts are embedded in such a way that the user’s PC trusts the malicious site, using the cookies, as if it were a legitimate site. This involves browser-side scripting and compromises the user.

Principle of Secure Code Review

The principle of secure code review, or peer code review, is that after this process there should be no shortcomings, security loose ends, code structure loopholes or inconsistencies in the code. It is done for the quality assurance of the code and thus, the code is read and rewritten, mitigating all the possible vulnerabilities.

Purpose of Secure Code Review

Secure Code Review is an important step during the development process these days. It allows the code to be free from any kind of risk. It is important for the application to have consistency. It should be free from any security vulnerabilities and data discrepancies. The code should have a proper structure and ways to manage the data.

How is the Code Reviewed?

There are 6 steps to secure code review:

Reconnaissance:

The reconnaissance is the process where we see the code and try to figure out the basic threats and risks in it.

Scope Assessment:

Threats and risks are categorised and the scope is decided for them. This scope helps us to follow a path in the next processes. This is known as the scope assessment.

Automation:

Based on the scope the code is checked using various tools. These tools automate the process following the checklist. Thus, this makes the process automated.

Manual Review:

After the tools have been used in the automation step, the code is manually checked to find any remaining issues. The remaining vulnerabilities are removed manually.

Confirmation and POC:

After the code is reviewed by an automated and manual process, it is sent further for the confirmation and proof of concept (POC). Thus, this step checks that the code is good to go and can be sent for compilation.

Reporting:

Once all the processes are done and are confirmed, the report is made for all the steps taken. This report contains the vulnerabilities that were there in the code and suggestions to mitigate them. This final report covers all the information on the secure code review process.

Attacks Summary Due to Lack of Secure Code Review in 2019-2020

  • 68% of a data breach of web applications
  • 27% of personal data of the US stolen from websites
  • 31% of credential data stolen from companies
  • 82% of vulnerabilities were in application code
  • 54% of cross-site scripting attacks were done because of loopholes in application codes
  • 29% of injection attacks took place due to no secure code review

Era of AI in Cybersecurity

Artificial Intelligence to revolutionize cybersecurity

Cyber attacks are increasing rapidly these days and the trend of zero-day attacks is also well known. To cope with these evolving cyber threats, it is the need of the hour to be prepared with more advanced counter mechanisms. This is where AI in cybersecurity comes into play.

These days there are tools and security devices that use AI to make the attack detection and prevention process easy and automated. AI in cybersecurity helps to bring out the concepts of behavioral analysis, automation, and many more that help to create a new space in the field.

Role of AI in cybersecurity

AI has opened new horizons and opportunities to detect and mitigate cyberattacks. Every day multiple cyberthreats are born and increase the attack surfaces of the firm. AI in cybersecurity helps to delve deeper into the key areas to find the threats and adjust itself in a suitable way to mitigate them.

AI can identify and prevent cyberattacks

AI has lots of reference modules and predetermined attack engines that help the user to detect inbound cyber attacks easily. Some attackers use predefined scenarios, methodologies, and techniques to attack websites and applications. By using AI-based detection techniques, it will be easy for the user to identify the attacks. Once the ongoing attacks are identified, you can add some of the pre-requisites in the AI engine that will help you to mitigate the same.

The automation of cyberattacks

AI in cyberspace is rapidly growing and is both a boon and a bane for the industries. On one hand, the application of AI in cybersecurity helps to automate the process for mitigation of cyber threats; on the other, it also helps malicious actors to create automated cyberattacks. These attacks are pre-programmed based on the analysis of threat vectors of the organization and attack the same in various ways.

The latest research shows that the threat landscape is increasing these days due to the presence of the open-source AI-enabled hacking tools and software. Within the report, the cybersecurity firm documented three active threats in the wild which have been detected within the past 12 months. Analysis of these attacks — and a little imagination — has led small attackers like script kiddies and newbies to create scenarios using AI which could be more dangerous and threatening.

Impact of AI in cybersecurity space

The presence of AI in the cybersecurity space has opened new horizons for attackers and defenders. The landscape of cyberspace is changing its demographics due to the presence of AI, which proves to be uncertain and unbiased. Sooner or later it is going to be the key differentiator between both the veils.

AI has helped cybersecurity researchers and continues to do so in every way possible.

The presence of the AI has impacted the cyberspace on the following grounds:

  • Identification of the threat
  • Mitigation of the threat
  • Vulnerability assessment of the organization
  • Constant monitoring of the organization’s threat posture
  • Helps in reporting and accounting of cyber threat of the firm

 

Security Awareness Training: Key Advantages

The year 2020 has been the most unpredictable and tough year for each one of us. The first quarter itself included lots of mishappenings and unforeseen scenarios, leaving every country across the globe on alert mode! The pandemic not only affected many lives but also flipped day-to-day routines, bringing everything to a halt at a certain point where none of us were sure of how to bring things on track. Eventually, though, everything started to change rapidly, including how we work, communicate, or even interact with one another remotely. The major impact of the COVID-19 pandemic was on almost every industry and its verticals, including private and public organizations. Every working individual was mandated to work from home, ensuring to prioritize their health security, but unfortunately, it resulted in leaving cyber security highly vulnerable.

After the coronavirus, cyber security became one of the significant topics of concern in the first quarter of 2020. With organizations adopting the ‘work from home’ policy, cybercriminals found the situation as a golden opportunity to deploy cyber attacks more aggressively. Lately, many organizations have fallen victim to massive cyber attacks and high-end data breaches, resulting in the exploitation of confidential data and online theft of millions of users’ credentials.

In fact, hackers have been taking control of several networks, locking away the data of the organization, and demanding an excessive ransom to return their data. Given the criticality of the situation, it is impossible to set up a secure IT infrastructure like that of an office at home. But it is possible to stay proactive and cyber secure by taking preventive measures to mitigate future cyber risks.

Organizations must consider providing security awareness training to their employees in order to help them have knowledge of all possible cyber threats while working from home and how to combat them. Let us proceed further to learn more about security awareness training and how it is beneficial for employees.

What is Security Awareness Training?

Security awareness training is formal training to educate employees about computer security. This practice of training employees includes educating them about corporate policies and working procedures with information technology. The main purpose of this training is to help employees become familiar with cyber attacks, data breaches, and all types of social engineering practices.

But the ultimate purpose of this security awareness training for employees is to teach them about the value of data as a corporate asset in the organization. A proper and effective security awareness training keeps employees engaged and interested in following the directives. The motive is to ensure that employees do not get indulged in handing over confidential information to any unauthorized person or do not commit mistakes that might help hackers to get unauthorized access into an organization’s restricted network.

More importantly, security awareness training helps in influencing the behavior of employees, reducing cyber risks, and ensuring compliance within the organization. This corporate security awareness training program is currently the best method to encourage cyber security awareness among employees while they are working from home.

According to a study by a security research lab, human error is the most common cause of 95% of cyber security breaches. It also stated that if somehow this human error is eliminated completely, 19 out of 20 cyber breaches might not happen at all in the first place. The Information Security Awareness Officers of every organization must consider planning and implementing proper security awareness training for employees.

 

How is Security Awareness Training Important for Employees?

While corporates are seeking digital assets to mitigate cyber threats, it is important to understand that the biggest threat lies within the organization itself. Humans are the most vulnerable resource and the weakest link in the cyber security chain. They are easy targets of hackers as they can be easily manipulated due to psychological flaws. Recently, 60% of UK businesses fell victim to cyber attacks and data breaches because of human error, resulting in bringing their business to a halt for days.

This is why implementing cyber security awareness training among employees is highly important for every organization. Just by strengthening the weakest link in the cyber security chain, an organization can mitigate up to 90% of cyber risks. Moreover, the following benefits of security awareness training will definitely make you understand the importance of the purpose:

  • Cyber Resilient Working Environment

The security awareness training program develops a sense of responsibility within employees to work in a security-focused environment. When you offer training to employees, they automatically understand the importance of the topic being taught and learn how it has to be practiced in the future. Regular training helps in instilling better habits of staying cyber aware and secure.

  • Prevent Breaches and Cyber attacks

Without this security awareness training, employees wouldn’t have stayed updated on cyber attacks and malicious activities of hackers. So when employees learn how to recognize and avoid these attacks, they start using preventive measures in order to keep the organization’s network secure and maintain the workflow.

  • Robust Technical Defenses

Technological security defenses play a valuable role in safeguarding organizations from the reach of cybercriminals. But these defenses require manual labor to operate, update and upgrade security software which is only possible with proper security awareness training. These technological defenses become useless if they are being operated or updated without full knowledge.

  • Proactive Employees

One of the biggest benefits of corporate security awareness training is to help employees become proactive and confident about working around data, without causing any incident. After all, human error is the leading cause of cyber attacks and data breaches. With effective training, employees become empowered to work in a cyber-resilient environment, reducing the chance of human error.

  • Gets Everyone in Sync

Every security practice must be followed in sync, keeping every employee on the same page in the organization. Without official training on cyber security, all different departments in the organization might be practicing different principles, keeping data on the verge of risk.

This is why official security awareness training sessions are important to remove all guesswork when it comes to security and make every working individual follow suit to mitigate security threat postures.

Let us not stay vulnerable by encouraging cybercriminals to take advantage of the pandemic and lockdown. Cyber security is a two-way street where we have to keep up with the advanced security tools to combat and mitigate cyber risks.

Best Preventive medicine to eliminate Ransomware Attack

A Brief on Ransomware Attack

Ransomware has huge potential to exploit and damage users’ crucial data. This malicious attack was the most significant malware threat of 2018 and it continues to be the most dangerous even in 2019. With its growing popularity, more people are being targeted to get the ransom.

In most cases, the ransom demanded from the victim comes with a deadline. If the victim fails to pay within the provided timeline, the data is lost forever. Ransomware attacks are very common these days.

Even paramount companies in North America and Europe have fallen victim to this. Cybercriminals spare no one and can attack any consumer or business, coming from all kinds of industries. Various government agencies advise people against paying the demanded ransom as this might stop the ongoing cycle of ransomware attacks.

As a matter of fact, a ransomware attack is designed to extort money from victims by blocking access to their data or systems. There are two most prevailing types of ransomware attacks through which the attacks are deployed; encryptors and screen lockers.

Under encryptors, the index of data on a system is encrypted into an absurd content and can only be restored with a decryption key. Whereas, screen lockers simply block the access to the system by locking screen, declaring that the system is encrypted. Apart from the two prevailing types, there are some infamous ransomware attacks as well.

Major Infamous Ransomware Attacks:

  • WannaCry Ransomware Attack

This ransomware attack came out as a powerful Microsoft exploit. It was leveraged to create a global ransomware worm to infect over 250,000 computer systems. More than 200,000 systems were locked down in 150 countries. Hackers demanded a ransom which was paid through Bitcoin. WannaCry ransomware attacks infected the National Health Service (NHS) and many other organizations across the globe.

  • CryptoLocker

It is a part of a ransomware family whose job is to extort money from users by encrypting the user’s hard drive as well as the attached network drives. It was first among the current generation of ransomware which required cryptocurrency for a ransom payment. CryptoLocker was spread through an email attachment that claimed to have come from FedEx and UPS tracking notifications.

  • NotPetya

NotPetya is considered as one of the most destructive ransomware attacks. It was coded in such a way that even if the user pays up the ransom, the data would still be unrecoverable. Infamous as a close relative of Petya malware, it successfully infected a thousand number of computers across the globe in 2017.

How to Prevent Ransomware Attack?

  1. Ignore Unverified Links

Never click on links that come in spam emails or on any unfamiliar websites. If an unexpected download starts when you click on a malicious link, there is a high chance of your computer getting infected.

  2. Never Share Personal Data

If you receive an email, call or text from an untrusted source asking for your personal information, make sure you don’t give out the details. Cybercriminals trick users into giving up their personal information in advance of an attack. They use your information to target you via a phishing email.

  3. Back Up Your Data

If you ever experience a ransomware attack, you must already have a backup of your data so that you don’t have to pay any kind of ransom to the attacker. Make sure to keep a copy of all important data on an external hard drive that is not connected to your system.

  4. Never Pay Ransom

Never pay any amount to cybercriminals who carry out the ransomware attack. This is because there is no guarantee of return of data; after all, your trust has already been manipulated with data hacking. Paying ransom only encourages cybercriminals to carry out more attacks.

  5. Security Awareness For Employees

The best way to prevent a ransomware attack is by becoming proactive towards the latest cyber attack vectors. An organization must be aware of the harmful attack vectors which can bring it to the verge of losing its data and customer trust. It’s better to opt for preventive measures in advance so that there are fewer chances of falling victim to any kind of cyber attack.

Major Cyber attacks evidenced globally in Q1 2021

Cyber crime has been on the rise for years now and it is not showing any signs of slowing down. To make it worse, the arrival of the COVID-19 pandemic in 2020 just fueled the situation. Those who were expecting relief from the increasing terror of cyber crimes in 2021 are to be disappointed as the number of attacks is only increasing day after day.

We have barely crossed the first quarter of 2021 and already several major cyber attacks have made the headlines. Here is a list of some of the major cyber attacks that took place in Q1 2021:

 

#1 Channel Nine

Australian broadcaster Channel Nine was hit by a cyber attack on 28th March 2021, which rendered the channel unable to air its Sunday news bulletin and several other shows. With the unavailability of internet access at its Sydney headquarters, the attack also interrupted operations at the network’s publishing business as some of the publishing tools were also down. Although the channel first claimed that the inconvenience was just due to “technical difficulties”, it later confirmed the cyber attack.

#2 Harris Federation

In March 2021, the London-based Harris Federation suffered a ransomware attack and was forced to “temporarily” disable the devices and email systems of all the 50 secondary and primary academies it manages. This resulted in over 37,000 students being unable to access their coursework and correspondence.

#3 CNA Financial

One of the biggest cyber insurance firms in the US, CNA Financial, suffered a ransomware attack on 21st March 2021. The cyber attack disrupted the organization’s customer and employee services for three days as CNA was forced to shut down to prevent further compromise. The cyber attack utilized a new version of the Phoenix CryptoLocker malware, which is a form of ransomware.

#4 Florida Water System 

A cyber criminal attempted to poison the water supply in Florida by increasing the amount of sodium hydroxide to a potentially dangerous level. The cyber criminal was able to breach Oldsmar’s computer system and briefly increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million.

#5 Microsoft Exchange Mass Cyber Attack

A mass cyber attack affected millions of Microsoft clients around the globe, wherein threat actors actively exploited four zero-day vulnerabilities in Microsoft’s Exchange Server. It is believed that nine government agencies, as well as over 60,000 private companies in the US alone, were affected by the attack.

#6 Airplane Manufacturer Bombardier

A popular Canadian plane manufacturer, Bombardier, suffered a data breach in February 2021. The breach resulted in the compromise of the confidential data of suppliers, customers and around 130 employees located in Costa Rica. The investigation revealed that an unauthorized party had gained access to the data by exploiting a vulnerability in a third-party file-transfer application. Also, the stolen data was leaked on the site operated by the Clop ransomware gang.

#7 Computer Maker Acer

The globally renowned computer giant Acer suffered a ransomware attack and was asked to pay a ransom of $50 million, which made the record of the largest known ransom to date. It is believed that a cyber criminal group called REvil is responsible for the attack. The threat actors also announced the breach on their site and leaked some images of the stolen data.

#8 University of the Highlands and Islands

A cyber attack targeted the University of the Highlands and Islands (UHI), forcing the university to close all its 13 colleges and research institutions to students for a day. Security professionals uncovered that the attack was launched using Cobalt Strike, a penetration testing toolkit commonly used by security researchers for legitimate purposes. This incident is just another in a series of cyber attacks targeting the education sector.

#9 Sierra Wireless

On 20th March 2021, the multinational IoT device manufacturer Sierra Wireless was hit by a ransomware attack against its internal IT systems and had to halt production at its manufacturing sites. Its customer-facing products weren’t affected and the company was able to resume production in less than a week.

#10 Accellion Supply Chain Attack

Security software provider Accellion fell victim to a breach targeting its file transfer system FTA. Many of its clients were affected by the breach. Some high-profile organizations that got caught in the crossfire include grocery giant Kroger, telecom industry leader Singtel, the University of Colorado, cyber security firm Qualys and the Australian Securities and Investments Commission (ASIC). A lot of confidential and sensitive data stolen from various companies by exploiting the vulnerabilities in Accellion’s FTA tool was leaked online.

How to Protect Your Organization Against Cyber Attacks?

Witnessing the extent of damage cyber attacks can cause should be reason enough to take the necessary preventive measures right away. So, here are some steps you can take to reinforce your organization’s cyber security framework and keep it shielded from cyber attacks.

 

  • Generate Cyber Security Awareness: Unaware employees can prove to be an organization’s biggest weakness when it comes to cyber security. Generating awareness among your employees about the prevalent and emerging cyber threats is one of the most effective ways of protecting your business against cyber attacks.

  • Implement a Phishing Incident Response Tool: Educating your employees will only take you so far if you don’t equip them with the means of dealing with cyber threats. A phishing incident response tool like TAB can empower your employees to detect and report suspicious emails right away, significantly reducing cyber risks.

  • Carry Out VAPT: Conduct periodic Vulnerability Assessment and Penetration Testing (VAPT) to detect any exploitable vulnerabilities in your organization’s IT infrastructure including applications, servers and networks. Make sure to fix the detected weaknesses on priority.

  • Keep the Systems Updated: Keep all your hardware and software up-to-date with the latest security updates and patches. Failing to do so can create weaknesses in your security infrastructure and lead to cyber attacks.

  • Implement MFA: Enable Multi-Factor Authentication (MFA) across all the applicable endpoints of your organization’s networks. This will not only add an extra layer of security but also protect you in case your employees’ user credentials are stolen.

 

So, don’t wait for your company’s name to be on the list of cyber attack victims and take the necessary precautions immediately.

India: A witness of massive Cyber Attack

Cyber Threat Report of 2019: 69% of Firms Face Serious Cyber Attacks in India!

Did you know that India has been ranked second among the countries affected by cyber attacks between 2016 and 2018? According to a source, there was a 22% rise in cyber attacks in India on IoT deployments. India has faced the highest number of attacks in the IoT department this year. In fact, India has been consecutively facing cyber attacks, the second time in a row!

A recent study revealed that out of 15 Indian cities, Mumbai, New Delhi, and Bengaluru have faced the maximum number of cyber attacks. According to the Annual Cyber Security Report by Cisco, 53% of cyber attacks caused more than $500K of financial loss to organizations in 2018.

India has faced a rise of 7.9% in data breaches since 2017. Also, the average cost per data breach record has mounted to INR 4,552 ($64). Cyber attacks in India have risen to such an extent that our country ranks fourth out of the top 10 targeted countries in the world. In a report by India Today, Chennai experienced the highest percentage of cyber attacks, at 48%, in the first quarter of 2019.

No survey or warning has brought any change in the cyber security policies of companies across the nation. In spite of witnessing several cyber attacks in India, people are still not aware of the cyber security solutions that can protect their organization from further attacks. Here are some recent cyber attacks that brought massive losses to renowned companies in India.

2019’s Biggest Cyber Attacks in India

Cyber criminals have adopted advanced cyber attack techniques for their targeted end-users. Various business sectors and geographical locations have faced recent cyber attacks in India.

Cosmos Bank Cyber Attack in Pune 


A recent cyber attack in India in 2018 was deployed on Cosmos Bank in Pune. This daring attack shook the whole banking sector of India when hackers siphoned off Rs. 94.42 crores from Cosmos Cooperative Bank Ltd. in Pune.

Hackers broke into the bank’s ATM server and took the details of many Visa and RuPay debit cardholders. Money was wiped off while hacker gangs from around 28 countries immediately withdrew the amount as soon as they were informed.

ATM System Hacked 

Around mid-2018, Canara Bank ATM servers were targeted in a cyber attack. Almost 20 lakh rupees were wiped off from various bank accounts. A count of 50 victims was estimated and, according to the sources, the cyber attackers held the ATM details of more than 300 users. Hackers used skimming devices to steal information from debit cardholders. Transactions made with the stolen details ranged from Rs. 10,000 to Rs. 40,000.

UIDAI Aadhaar Software Hacked

2018 started with a massive data breach of the personal records of 1.1 billion Indian Aadhaar cardholders. UIDAI revealed that around 210 Indian Government websites had leaked the Aadhaar details of people online.

The leaked data included Aadhaar, PAN and mobile numbers, bank account numbers, IFSC codes and almost all the personal information of individual cardholders. If that wasn’t shocking enough, anonymous sellers were selling the Aadhaar information of any person for Rs. 500 over WhatsApp. Also, one could get any person’s Aadhaar card printout by paying an extra amount of Rs. 300.

Hack Attack on Indian Healthcare Websites 

India-based healthcare websites became victims of a cyber attack in 2019. As stated by US-based cyber security firms, hackers broke in and invaded a leading India-based healthcare website. The hackers stole 68 lakh records of patients as well as doctors.

SIM Swap Scam


Two hackers from Navi Mumbai were arrested for transferring 4 crore rupees from numerous bank accounts in August 2018. They illegally transferred money from the bank accounts of many individuals. By fraudulently gaining SIM card information, both attackers blocked individuals’ SIM cards and with the help of fake document posts, they carried out transactions via online banking. They also tried to hack accounts of various targeted companies.

The aforesaid stats and events of the latest cyber attacks in India are a wake-up call for all those individuals and companies who are still vulnerable to cyber threats. It is essential for organizations to implement cyber security measures and follow the security guidelines mentioned below.

Cyber Security Measures for Organizations to Prevent Cyber Attacks


  1. Educate employees on the emerging cyber attacks with security awareness training.
  2. Keep all software and systems updated from time to time with the latest security patches.
  3. Implement email authentication protocols such as DMARC, DKIM and SPF to secure your email domain from email-based cyber attacks.
  4. Get regular Vulnerability Assessment and Penetration Testing to patch and remove the existing vulnerabilities in the network and web application.
  5. Limit employee access to sensitive data or confidential information and limit their authority to install the software.
  6. Use strong passwords for accounts and make sure to update them at long intervals.
  7. Avoid the practice of openly sharing passwords at work.
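
To make measure 3 concrete, the sketch below audits SPF and DMARC TXT record strings for the settings that most often leave a domain spoofable. It is an added example, not part of the original article; the domains and records are constructed, the function names are hypothetical, and it works offline on record text rather than querying DNS.

```python
"""Offline audit of SPF and DMARC TXT record strings (added example)."""

# Constructed records for hypothetical domains; not real DNS data.
SAMPLE_RECORDS = {
    "weak.example": {
        "spf": "v=spf1 include:_spf.mailer.example +all",
        "dmarc": "v=DMARC1; p=none; rua=mailto:dmarc@weak.example",
    },
    "strong.example": {
        "spf": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.example -all",
        "dmarc": "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@strong.example",
    },
    "missing.example": {"spf": None, "dmarc": None},
}

# SPF mechanisms that each cost one DNS lookup (RFC 7208 allows at most 10).
LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists")


def audit_spf(record):
    """Return findings for one SPF record string (None means not published)."""
    terms = (record or "").split()
    if not terms:
        return ["SPF: no record published"]
    if terms[0].lower() != "v=spf1":
        return ["SPF: record does not start with v=spf1"]
    findings, lookups, all_qualifier, has_redirect = [], 0, None, False
    for term in terms[1:]:
        bare = term.lower().lstrip("+-~?")
        name = bare.split(":", 1)[0].split("/", 1)[0]
        if name == "all":
            # A missing qualifier means "+" (pass).
            all_qualifier = term[0] if term[0] in "+-~?" else "+"
            break  # terms after "all" are never evaluated
        if name.startswith("redirect="):
            has_redirect = True
            lookups += 1
        elif name in LOOKUP_TERMS:
            lookups += 1
    if all_qualifier == "+":
        findings.append("SPF: +all authorises every sender")
    elif all_qualifier == "?":
        findings.append("SPF: ?all is neutral and rejects nothing")
    elif all_qualifier is None and not has_redirect:
        findings.append("SPF: no terminating all or redirect")
    if lookups > 10:
        findings.append("SPF: more than 10 DNS-lookup terms in this record alone")
    return findings


def audit_dmarc(record):
    """Return findings for one DMARC record string (None means not published)."""
    parts = [p.strip() for p in (record or "").split(";") if p.strip()]
    if not parts:
        return ["DMARC: no record published"]
    if parts[0].replace(" ", "") != "v=DMARC1":
        return ["DMARC: record does not start with v=DMARC1"]
    tags = {}
    for part in parts:
        key, _, value = part.partition("=")
        tags[key.strip().lower()] = value.strip()
    findings = []
    policy = tags.get("p", "").lower()
    enforced = policy in ("quarantine", "reject")
    if policy == "none":
        findings.append("DMARC: p=none requests no action on failing mail")
    elif not enforced:
        findings.append("DMARC: missing or invalid p= policy")
    if enforced and tags.get("sp", policy).lower() == "none":
        findings.append("DMARC: sp=none leaves subdomains unenforced")
    pct = tags.get("pct", "100")
    if enforced and pct.isdigit() and int(pct) < 100:
        findings.append(f"DMARC: pct={pct} applies the policy to only part of failing mail")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, so no aggregate reports arrive")
    return findings


def audit_domain(domain, records=SAMPLE_RECORDS):
    """Combine SPF and DMARC findings for one domain in the sample set."""
    entry = records[domain]
    return audit_spf(entry["spf"]) + audit_dmarc(entry["dmarc"])


if __name__ == "__main__":
    for name in SAMPLE_RECORDS:
        print(name, audit_domain(name) or ["no findings"])
```

The lookup count covers only the terms in the record itself; nested includes would need live DNS resolution to count in full.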

The brutal Cyber Attacks that shook the world

Impacts of Cyberattacks on Businesses

Do you know a cyberattack can destroy your entire business overnight? In the survey report of 2019, 64% of companies faced web-based attacks and 62% experienced phishing as well as social engineering attacks. Around 59% of the companies reported receiving malicious code and botnets, whereas 51% of businesses experienced denial-of-service attacks. (Source: TradeReady)

According to Cybersecurity Ventures, cybercrime damages will cost the world $6 trillion by 2021. In fact, 63 cybercriminals on the FBI’s most wanted list are known to have committed a chain of cybercrimes that cost people and organizations billions of dollars.

Cyber attacks have become more common and more dangerous, irrespective of the scale or size of the business. It is important to have proper defenses in place, but it is even more crucial to know where an attack can come from. The cause could be the existing security loopholes in your enterprise, the unprotected IT infrastructure, or vulnerable employees. All these problems can lead to destructive consequences that compromise your data and give rise to cybercrimes.

Furthermore, every individual working in an organization needs to be aware of the major cyberattacks and the big cyber threats they pose. Here is the list of 6 major types of cyberattacks:

Types of Cyber Attacks

1. Phishing

Phishing is a social engineering attack deployed against internet users with the intention of stealing their data, including credentials and credit card details. It is a form of identity theft that dupes victims into opening an email and lures them into clicking on the malicious attachment in the message.

2. Ransomware

Ransomware is a type of malicious software, designed to bar access to a computer system or a data file until the user pays ransom to the attacker. While regular ransomware locks the system, a more advanced malware uses a technique named cryptoviral extortion attack that encrypts the files of users making them inaccessible until a ransom is paid to decrypt them.


3. Risk of Removable Media

Removable media like USB flash drives, external hard drives, optical discs, memory cards, digital cameras, etc. could be the bearer of cyber threats. These external portable storage devices are designed to be inserted into and removed from a computer system. The usage of these devices could create a risk of data loss in case the media is lost or stolen. Further, it could lead to the compromise of a huge amount of data, which would directly lead to damage to business reputation as well as financial penalties. Apart from that, removable media can be used as an attack vector for malware.

4. Cyber Scam

Cyber thieves use the internet as a weapon to deploy cyber attacks on every scale of enterprises. These cyber scams come in various forms, including emails attempting to trick users into handing over their personal information over phishing sites or counterfeited web pages. It is a type of internet fraud where cyber attackers hide or provide incorrect information to trick victims out of money, property or confidential data.


5. Vishing

Voice phishing is a phone fraud that uses social engineering over the telephone to get access to users’ personal and financial information. The fraudsters use modern practices like caller ID spoofing or automated systems to sound like a legitimate authority over the call. Vishing is typically used for stealing credit card numbers or related information with the help of identity theft.

6. Smishing

SMS phishing is a fraudulent attempt to acquire personal information like passwords and user details by impersonating a trustworthy identity. This social engineering technique uses cell phone text messages to deliver the bait and induce victims to divulge their personal information via the link attached in the text message.

How to prevent Cyberattacks?

Cyberattacks seem to be constantly evolving every year, and with major ransomware attacks like RobinHood, Snatch, Dharma, etc. in 2019, it is clear that there is no slowdown in their growth. But it’s never too late to secure your organization by taking essential and efficient preventive steps to guard against future losses from these attacks.

With the help of cyber attack simulators, an organization can not only train its employees but also make them proactive towards the prevailing cyber risks. Apart from that, it is necessary to make sure employees have knowledge of, and are kept updated on, the existing cyber threats.

Cyber attack simulators not only help in identifying the level of vulnerability but also help reduce it, creating a defensive system by strengthening the weakest link in the organization.

Along with cyber attack simulators, it is important to have a backup of critical data. By keeping backups of your critical data, you can limit interruptions to the business workflow. It’s better to start securing your business by investing in the right cybersecurity solutions rather than paying for losses after becoming a victim of cyber attacks.

Worst Ransomware Attacks of India

State of Affairs of Ransomware Attacks in India: 2019

Did you know more than 230,000 ransomware attack submissions were discovered in 2019 between April 1st and September 30th? Last year, the resurging ransomware attack in India became a headache for the corporate sectors targeting and affecting various organizations across the nation. In fact, the three most notorious members of the ransomware family- Ryuk, Purga, and Stop made major headlines in the nation.

The Stop ransomware caused about 10.10% of the ransomware attacks, followed by Ryuk with about 5.84% and Purga with 0.80%! (Source: TSG Sunday Guardian Live)

Ryuk seemed to have been the most active threat in the Indian public as well as private sectors. On the other hand, brute-force attacks on RDP and SMBs seemed to have steadily increased in 2019.

According to the Business Standard, last year was entirely the year of ransomware attacks on municipalities. It was observed that no fewer than 174 municipal institutions, with more than 3000 subset organizations, were targeted! That is a 60% increase in 2019 compared with 2018!

Reportedly, organizations have faced double extortion in Q1 2020 across the globe. Moreover, security research has anticipated that a business is attacked every 11 seconds by cybercriminals. The cost of damage is predicted to hit around $20 billion by 2021.

However, this figure may vary later depending upon the cost of attacks and their devastating consequences. To know how brutal ransomware attacks can get, here are the top devastating ransomware attacks that took place in India.

Top 6 Ransomware Attacks in India

  • Telangana and AP Power Utilities Hacked

Malicious software attacked the power utility systems of Telangana and Andhra Pradesh last year, and all the servers went down until the glitch was rectified. Since the computer systems of the Telangana and Andhra Pradesh power utilities were interlinked, the virus attack quickly spread, taking down all the systems.

  • UHBVN Ransomware Attack

Uttar Haryana Bijli Vitran Nigam was hit by a ransomware attack where the hackers gained access to the computer systems of the power company and stole the billing data of customers. The attackers demanded Rs.1 crore or $10 million in return for giving back the data.


  • WannaCry

India was the third worst-hit nation by WannaCry ransomware, which affected more than 2 lakh computer systems. During the first wave of the attack, this ransomware hit banks in India as well as a few enterprises in Tamil Nadu and Gujarat. The ransomware majorly affected the US healthcare system and a well-known French car manufacturing firm.

  • Mirai Botnet Malware Attack 

This botnet malware took over the internet, targeting home routers and IoT devices. This malware affected 2.5 million IoT devices including a large number of computer systems in India. This self-propagating malware was capable of using exploitable unpatched vulnerabilities to access networks and systems.


  • Petya

India was one of the top 10 countries to be hit by Petya ransomware. This ransomware attack halted work at one of the terminals of India’s largest seaport causing computer lockdown and serious consequences for the country’s exports.


  • BSNL Malware Attack

The state-owned telecom operator BSNL was hit by a major malware attack, impacting nearly 2000 broadband modems! 60,000 modems became dysfunctional after the malware attack hit the Telecom Circle.


Proactive Measures to Prevent Ransomware Attacks

As we continue to develop smart cities and smart grid technologies in 2020, the risk of ransomware attacks will remain a big challenge for all organizations. Apart from focusing on development and advancement, every industry vertical must understand the crucial role of cyber security.

With the help of the proactive measures listed below, organizations can reduce or prevent the constantly evolving ransomware attacks in the future:

Employee Awareness Training

Cyber threat actors mostly use emails as bait when attempting cyber attacks on an organization, and humans, being the weakest link, tend to fall for it easily. To overcome this problem, organizations must educate their employees by making them aware of the prevailing cyber threats.

The right security attack simulator and awareness training tool can help in reducing the threat of employee error. Such tools help in mitigating existing cyber risks within the organization and enhance the cyber security posture.

Backup Your Data Separately

The best way to stay proactive is to back up your data on a separate external storage device that is not kept connected to your computer. Backing up your data will help in securing it from being encrypted and misused by cyber attackers.

Regular Vulnerability Assessment

Basic cyber security hygiene like vulnerability assessment and penetration testing can help in preventing malware like ransomware. With the help of continuous vulnerability assessment, one can find the exploitable vulnerabilities and fix them before any threat actor discovers them.

Never Click on Unverified Links

Avoid clicking links that are attached in spam emails or on an unfamiliar website. Such links are the bearers of malicious files that badly infect the user’s computer when clicked. Moreover, these links are the pathways for ransomware to access the user’s system and encrypt or lock confidential data for ransom.

Use Security Software

With cybercrimes becoming more widespread and constantly evolving in nature, protection against them has never been more crucial. It is necessary for organizations to secure their entire IT infrastructure with comprehensive cyber security solutions and software to block cyber threats and keep them at bay.

Among all other cyber attacks, ransomware is one kind of criminal activity that can be easily prevented by these above-mentioned solutions. Companies must remain vigilant, watchful and prepared to stay protected against such prevailing cyber risks.

The best way to deal with ransomware attacks is to stay protected by following healthy security practices and avoiding suspicious emails in the first place!

A guide to Email Security Practices

Why is Email Security Important?

Whether exchanging emails across networks or dumping them in your spam folder, a huge amount of data is sent, received and stored. You may not realize it, but there is a high chance that an unsecured email has landed in your inbox, where it can act as a source of data exploitation. Now you wouldn’t want that, would you? That’s why email security is essential in our daily routine, to keep a check on whether any malicious email is reaching our inbox. Cybersecurity professionals working in every industry vertical must stay updated on the prevailing attacks possible through emails.

According to ComputerWeekly.com, 82% of organizations claimed to have faced email-based cybersecurity threats in 2018, and ransomware seems to be the biggest cyber threat in the coming year. The reason is that ransomware, which encrypts critical business files and demands a ransom in return, is often sent to individuals working in organizations by email!

These eye-opening facts call for proper email protection solutions to be implemented in every organization as a defensive system against invading cyber threats. As far as cybersecurity is concerned, the best solution is using email security tools that incorporate a wide range of the security techniques that email accounts and services offer. Read on for the top 5 email security practices that can protect your organization from email-based cyber risks.

The 5 Types of Email Security Practices 

 

  • Never click the “unsubscribe” link in spam emails:

At times, certain emails manage to get past the spam filter and land in your inbox. Say you come across one such email and, on opening it, you discover that it looks like a phishing email. What would be your first instinct? In any normal situation, users tend to unsubscribe from suspicious-looking emails, but that is not actually safe!

Hackers are good manipulators and they use such links to fool people into clicking them, which redirects the targeted users to a phishing site. Apart from that, these links also provide hackers with a back door for access into your system.

  • Avoid Public WiFi:

Never access emails from public WiFi, because it is less secure and hackers choose public WiFi to steal information by passing through a weak network. Cybercriminals require nothing but a laptop and basic software to hack into public WiFi networks and monitor all the traffic. Accessing emails via unsecured public networks can lead to misuse of the user’s credentials and a huge loss of sensitive data. This could also result in further targeted cyberattacks down the line.

  • Email Encryption:

Disguising and encrypting email content protects the sensitive data that is sent and received from being read by anyone except the intended recipient. With email encryption, you can secure your emails over untrusted networks from eavesdroppers or any third person trying to intrude on the email exchange. This security strategy reduces the chance of disclosure of information as well as alteration of message content.

  • Incident Response Tool:

1 in every 131 emails sent to targeted users contains malware. Moreover, 95% of data breaches are deployed through these malware-laden emails. In order to reduce these cyber risks, incident response tools like Threat Alert Button (TAB) help employees in an organization to report any suspicious-looking email for analysis.

This tool by Kratikal is an instant phishing incident response tool: the reported suspicious-looking email is analyzed by the SOC team and moved to the spam folder in real time to prevent future exposure, all with just one click.

  • Employee Education:

Limit the chances of cyber risks in your organization by providing employees with cybersecurity awareness training tools. Along with the implementation of policies and email security tools to prevent cyber threats, it is essential to encourage employees to become proactive in combating attack vectors like ransomware, phishing emails, and cyber scams. ThreatCop is an AI/ML-based security attack simulation and awareness tool that assesses the real-time threat posture of an organization. With an unlimited number of attack campaigns and automated training campaigns, this product builds cyber awareness among the employees in an organization and creates a resilient working environment.

Implementing and working on the above-mentioned email protection solutions will not only keep your data safe but will also be beneficial in the long term. In order to protect your business, it is important to make sure that all your employees are empowered to make email based decisions and are protected from data thefts.

Email Security Best Practices for Companies

Hackers are everywhere nowadays and they won’t hold back from discovering vulnerabilities and exploiting your data. Secure your organization now with a robust email security tool in order to reduce the chances of becoming a victim of the prevailing cyber threats.