Tag: #cybercrime

Cybersecurity & Information Security: A comparative look

Posted on by Anteelo Master
Generally, when it comes to computer security, people often misunderstand terms of cybersecurity and information security for the same meaning. But do both of these terms mean the same though? Well, let’s proceed further to find out!
Cybersecurity vs. Information Security | Blog | Elmhurst University

What is Cybersecurity?

Greater vigilance needed against cybersecurity attacks on Australia - CSU News

While cybersecurity and information security may seem synonymous to users, both terms are theoretically different in the concept of security. Cybersecurity is the amalgamation of processes, technologies, and practices, chiefly designed to protect data, systems, networks, and programs from unauthorized access and cyber-attacks.

Organizations transmit sensitive and confidential data across networks and to other devices for business purposes on a daily basis. This is where cybersecurity plays the role of securing information and systems used for process or storage from various types of attacks in cybersecurity.

As ever-evolving cyber-attacks are rapidly on the rise, implementing cybersecurity solutions helps in safeguarding the data related to confidential and financial records of the company. Employee security awareness, training tools, incident response tools, email authentication protocols, brand monitoring tools, etc. are some types of cybersecurity solutions.

What is Information Security?

Information Security: Context and Introduction | Coursera

Cybersecurity explained above states the focus on the security of process and technology. However, information security is entirely a different concept. Information security plays a role in ensuring that both digital and physical data is being protected from unauthorized access, exploitation, recording, disclosure or modification.

The abbreviated term of information security is “infosec” and is also referred to as “data security”. It aims to keep data secure regardless of digital or physical form. Moreover, information security is a set of practices to keep data secure during scenarios where it is being stored or transmitted from one device or place to another.

While information security remains to be a primary focus in protecting the confidentiality, integrity, and availability of data, maintaining organizational productivity is equally an important concern. This is why information security offers guidance, security policies, industry standards in passwords, antivirus software and information security awareness to provide best practices.

So, if cybersecurity and information security work on the same goal of safeguarding an organization’s data, then what differentiates both terms? Let’s find out with the difference stated below!

Cybersecurity Vs. Information Security: 5 Key Differences

Before continuing to learn what differs both terms, it is important to understand that cybersecurity is basically a subset of information security. You can consider information security as an umbrella with cybersecurity coming underneath it along with other security standards.

Now let’s read further to figure out the differences between these two terms:

Cybersecurity  Information Security
  • Security of data and information in digital or electronic form.
  • Protection of data from cyber frauds, cybercrimes, cyber-attacks, and law enforcement.
  • This focuses on securing the cyber resilience of an organization including personal data present on the digital and electronic platform.
  • The advanced step to combat persistent cyber threats that are imminent.
  • Deals with cyber threats like phishing, ransomware, risk of removable media, cyber scams, vishing, and smishing.
  • Security of information assets, existing in both physical and digital form.
  • Protection of information from unauthorized access, disclosure, modification, misuse or destruction.
  • This focuses on securing information assets of an organization like integrity, confidentiality, and availability.
  • The foremost step in the foundation of data security.
  • This deals with all sorts of security threats to ensure that proper security protocols are set in place.

 

From the above-given table, now we can easily differentiate between both the terms. While information security mainly concerns protecting data of organization from any sort of unauthorized access, cybersecurity ensures that an organization’s electronic data is secure from cyber threat actors. Cybersecurity is a broad practice of ensuring that servers, networks, and email channels remain protected and accessible to only authorized users that fall under the realm of information security.

Although, the information is not the only area of concern for cyber threat attackers. Some hackers are keener about uncovering the user’s login credentials and gaining unauthorized access to closed networks. Their purpose to do so is to manipulate the data and website or hamper the essential functions.

To prevent hackers from attempting such malicious activities, patching up existing vulnerabilities in networks and devices is a must. Doing so leaves no room for hackers or cyber threat actors to make any possible interaction between the computer device and network or server.

This is why we have certain types of cybersecurity solutions that hold a wide scope right now.  Moreover, the experts in this field will have high demand over the next decade too due to the introduction of new technology trends.

The Parallel-ground Between Cybersecurity & Information Security

After all these differences, you might wonder if there is any parallel-ground between cybersecurity and information security or not. Well, the answer is yes! Both cybersecurity and information security are the foundation to information risk management.

While cybersecurity professionals are mainly concerned with safeguarding electronic data from cyber risks and data breaches, they still perform physical security practices. Just like information security professionals keep a cabinet full of confidential information locked, cybersecurity experts require physical security measures to keep adequate data protected. It is impossible to physically lock a computer device, but having security protocols in place, one can easily prevent unauthorized access.

Both cybersecurity and information security are crucial aspects of technology in this evolving 21st century. Organizations looking forward to data security must understand the importance of these two aspects of technology. Every security administration of an organization must stay one step ahead of the ever-evolving security threats.

They are needed to provide and implement the best security awareness training practices and as well as analytical tools to monitor phishing and fraud activities taking place on the online platform. With constantly developing technology and the IT world, security professionals must stay updated to tackle down the evolving security risks and prevent future cyber threats.

 

Security Awareness Training: Key Advantages

Posted on by Anteelo Master
The year 2020 has been the most unpredictable and tough year for each one of us. The first quarter itself included lots of mishappenings and unforeseen scenarios, leaving every country across the globe on alert mode! The pandemic not only affected many lives but also flipped day-to-day routines, bringing everything to a halt at a certain point where none of us were sure of how to bring things on track.Although, eventually, everything started to change rapidly, including how we work, communicate, or even interact with one another remotely. The major impact of the COVID-19 pandemic was almost on every industry and its verticals, including private and public organizations. Every working individual was mandated to work from home, ensuring to prioritize their health security, but unfortunately, it resulted in leaving cyber security highly vulnerable.

After the coronavirus, cyber security became one of the significant topics of concern in the first quarter of 2020. With organizations adopting the ‘work from home’ policy, cybercriminals found the situation as a golden opportunity to deploy cyber attacks more aggressively. Lately, many organizations have fallen victim to massive cyber attacks and high-end data breaches, resulting in the exploitation of confidential data and online theft of millions of users’ credentials.

In fact, hackers have been taking control of several networks, locking away the data of the organization, and demanding an excessive ransom to return back their data. On seeing the criticality of the situation, it is impossible to set up a secure IT infrastructure like that of an office at home. But it is possible to stay proactive and cyber secure by taking preventive measures to mitigate future cyber risks.

Organizations must consider providing security awareness training to their employees in order to help them have knowledge of all possible cyber threats while working from home and how to combat them. Let us proceed further to learn more about security awareness training and how it is beneficial for employees.

What is Security Awareness Training?

Security awareness training is formal training to educate employees about computer security. This practice of training employees includes educating them about corporate policies and working procedures with information technology. The main purpose of this training is to help employees become familiar with cyber attacks, data breaches, and all types of social engineering practices.

But the ultimate purpose of this security awareness training for employees is to teach them about the value of data as a corporate asset in the organization. A proper and effective security awareness training keeps employees engaged and interested in following the directives. The motive is to ensure that employees do not get indulged in handing over confidential information to any unauthorized person or do not commit mistakes that might help hackers to get unauthorized access into an organization’s restricted network.

More importantly, security awareness training helps in influencing the behavior of employees, reducing cyber risks, and ensuring compliance within the organization. This corporate security awareness training program is currently the best method to encourage cyber security awareness among employees while they are working from home.

According to a study by a security research lab, human error is the most common cause of 95% of cyber security breaches. It also stated that if somehow this human error is eliminated completely, 19 out of 20 cyber breaches might not happen at all in the first place. The Information Security Awareness Officers of every organization must consider planning and implementing proper security awareness training for employees.

 

How is Security Awareness Training Important for Employees?

While corporates are seeking digitals assets to mitigate cyber threats, it is important to understand that the biggest threat lies within the organization itself. Humans are the most vulnerable resource and the weakest link in the cyber security chain. They are easy targets of hackers as they can be easily manipulated due to psychological flaws. Recently, 60% of UK businesses fell victim to cyber attacks and data breaches because of human error, resulting in bringing their business to a halt for days.

This is why implementing cyber security awareness training among employees is highly important for every organization. Just by strengthening the weakest link in the cyber security chain, an organization can mitigate up to 90% of cyber risks. Moreover, the following benefits of security awareness training will definitely make you understand the importance of the purpose:

  • Cyber Resilient Working Environment

The security awareness training program develops a sense of responsibility within employees to work in a security-focused environment. When you offer training to employees, they automatically understand the importance of the topic being taught and learn how it has to be practiced in the future. Regular training helps in instilling better habits of staying cyber aware and secure.

  • Prevent Breaches and Cyber attacks

Without this security awareness training, employees wouldn’t have stayed updated on cyber attacks and malicious activities of hackers. So when employees learn how to recognize and avoid these attacks, they start using preventive measures in order to keep the organization’s network secure and maintain the workflow.

  • Robust Technical Defenses

Technological security defenses play a valuable role in safeguarding organizations from the reach of cybercriminals. But these defenses require manual labor to operate, update and upgrade security software which is only possible with proper security awareness training. These technological defenses become useless if they are being operated or updated without full knowledge.

  • Proactive Employees

One of the biggest benefits of corporate security awareness training is to help employees become proactive and confident about working around data, without causing any incident. After all, human error is the leading cause of cyber attacks and data breaches. With effective training, employees become empowered to work in a cyber-resilient environment, reducing the chance of human error.

  • Gets Everyone in Sync

Every security practice must be followed in sync, keeping every employee on the same page in the organization. Without official training on cyber security, all different departments in the organization might be practicing different principles, keeping data on the verge of risk.

This is why official security awareness training sessions are important to remove all guesswork when it comes to security and make every working individual follow the suit to mitigate security threat postures.

Let us not stay vulnerable by encouraging cybercriminals to take advantage of the pandemic and lockdown. Cyber security is a two-way street where we have to keep up with the advanced security tools to combat and mitigate cyber risks.

Workplace Threats of Password Sharing

Posted on by Anteelo Master

The Shocking Statistics About Password Sharing

According to the security survey, 78% of the security professionals around the world believe that the biggest risk to endpoint security is human error. Moreover, the lack of cybersecurity awareness among employees is one of the biggest exploitable vulnerabilities in any organization.

Nevertheless, an organization can have the most robust security software in the world, but human errors like password sharing can lead to massive data breaches for a lifetime.

The dangers of password sharing at work | TechRadar

Some of these following statics show the criticality of password security in today’s date:

  • Approximately by the end of 2020, password usage across the globe will grow by 300 billion. 
  • 81% of the data breaches have been reported because of poor password security.
  • About 61% of companies use more than 500 accounts with non-expiring passwords.
  • A research article by ITProPortal stated that only 38%of companies update their admin passwords once a quarter while the rest do it very rarely.
  • About 54% of the small and medium-sized businesses don’t check up on their employee password practices.
  • 25% of employees use the same password in all login credentials.

What are the Risks of Sharing Passwords at Work?

Putting a Stop to Password Sharing

One of the most challenging things in the digital world is managing online accounts by securing passwords from the reach of untrusted sources. Whenever a new data breach or compromised information of a company makes headlines in the news, the most common reason shines out to be the poor password security.

Habits like password sharing, providing login credentials on unsecured websites, weak passwords, etc., put companies at expensive risks. In a study by a renowned password manager company, it was stated that around 61% of users more likely share their work passwords than personal passwords.

There are various organizations that still take the matter of password security lightly. It is important for them to understand the consequences of password sharing at the workplace. Here are the top five security risks of password sharing at work:

  1. Single sign-on (SSO)

SSO is an authentication scheme that allows users to use a single ID and password to access multiple corporate software and applications. An employee can use one password to access dozens of enterprise login accounts at the same time.

Even though this practice seems to be beneficial in easing the burden of memorizing and entering passwords, it has disadvantages too. In the common practice of password sharing, it will give rise to major password security vulnerabilities and issues in the organization.

    2. Credential sharing

In several organizations, password sharing at work is a common practice for various reasons, but this practice can lead to dangerous results. According to cybersecurity research, it was found that 42% of people share their work login credentials to work together with their teammates.

While 34% of stated that this practice reduces cost on user-limited software. Whereas the rest of the respondents said that it is their company’s policy to share passwords for accessing specific accounts. In the end, no matter how effective these practices sound, sectors like Banking, Financial Services, and Insurance (BFSI) might fall under the risk of the massive data breach.

     3. Password reuse

Almost every user has the habit of reusing the same password to log in to more than one account. But reusing the same old passwords only empowers workers to increase the threat of a single stolen password for the company.

Also, reusing a password across multiple websites might result in a data breach because if attackers get the hold of one site then they will try using the same information to target other corporate accounts as well.

     4. Cloud computing

Today many businesses are flocking to the cloud as it offers enterprise advantages like cost savings and fast development. However, there are many applications and software that are based on cloud computing that are poorly secured. In fact, it was surveyed that out of 12000 cloud services, 80% allow weak passwords, which is a major password security flaw. A stolen shared password can easily provide hackers with access to valuable and confidential information of the organization.

    5. Emailed passwords

How Windows Active Directory is failing User Logon Security

In order to collaborate with colleagues in a project or some other requirement, employees generally share passwords over emails. This practice of password sharing on emails becomes habitual due to the lack of security awareness training.

A security service providing firm also once reported that less than 20% of employees telecommute are actually aware of the employee password sharing policy of the organization.

It is essential to make employees understand the significant risks of password sharing on telecommunication. Such practices empower hackers to take advantage of sent messages while they go through the hacked email account of the employee.

How the Importance of Not Sharing Passwords Can Secure Organization? 

No matter where you are or who you find the most trustworthy, habits like password sharing should not be encouraged. Even relying on shared passwords, best practices like password reminding or saving tools are not 100% secure! It is just like handing over your valuables to some stranger over an application or software.

Risks of sharing passwords at work would not only make the professional data vulnerable but personal data too to cybersecurity threats. Organizations must consider implementing an employee password sharing policy to protect the confidentiality of data.

The purpose of using a password is to safeguard data or sensitive information from unauthorized access. Employees working in an organization must understand the value and risks associated with password security. The security administrator of an organization should encourage higher authorities to have GDPR compliance implemented in place for password security.

Apart from that, every organization must provide security awareness training to its employees in order to understand the basic cybersecurity practices and how they must be followed in their day-to-day life.

SQL Injection Attack and its Prevention

Posted on by Anteelo Master

What is SQL Injection (SQLi) and SQL Injection Attack?

Web Security : SQL Injections and how to prevent it in Java application | by Anna Jimenez | Medium

If you are quite familiar with the cyber world then you must have probably heard of “SQL” or “SQL Injections” terms floating around. In simple words, SQL is a database language that stands for Structured Query Language. It was designed for operating database systems like MySQL, Oracle, Microsoft SQL Server or SQLite. On the other hand, SQL injection is a cyber-attack that targets the database with the help of specific SQL statements that are crafted to trick the system into performing uncalled and undesired tasks. The SQL injection attack changes the code to modify the command.

A successful SQL injection attack is capable of:

  • Modifying, altering or deleting data from the database
  • Reading sensitive and confidential data from the database
  • Retrieving the content of a specific file present on the database management system (DBMS)
  • Enforcing administrative operations like shutting down the DBMS

Without proper mitigation controls and security measures, the SQL injection attack can leave an application at a huge risk of data compromise. It can impact the data’s confidentiality and integrity as well as the authentication and authorization with respect to the application. It can also empower an adversary to steal confidential information like user credentials, financial information, or trade secrets by misusing the vulnerability existing in an application or program.

Types of SQL Injection Attacks

What Is SQL Injection? Tips to Prevent SQL Attacks - DNSstuff

An SQL injection can be exploited in many ways and all of these ways require different levels of knowledge ranging from amateur to expert. Here are some common SQL injection types:

  • In-band SQL Injection

It is the most common type of SQL injection attack in which the attacker uses the same communication channel for launching attacks and gathering their results. In-band SQL Injection is infamous among SQL injection attacks for its simplicity and efficiency. It has two sub-variant methods:

    • Error-based SQL Injection: A technique in which the attacker determines the vulnerabilities of the system by deliberately causing the database to produce error messages. Later these error messages are used for returning full query results and revealing all the confidential information from the database. This technique can also be used for identifying vulnerabilities present in a website or web application and in obtaining additional information to redevelop malicious queries.
    • Union-based SQL Injection: In this technique, the attacker gets the benefit of extracting information from the database by expanding results that are returned by the original query. But the Union operator is only useful in case the original or new queries have the same number and data type of columns.
  • Inferential (Blind) SQL Injection

Blind SQL injections mainly rely on the server’s behavior and response patterns where the attacker closely observes the indirect clues. For this observation, the attacker sends the server data payloads. This type of technique is called Blind SQL injection because the attacker doesn’t get the data from the website database, thus making it impossible to see the information about the attack in-band. The Blind SQL injection is classified into two methods:

    • Boolean: Here the attacker sends an SQL query to the database that prompts the application to return a result. However, depending on the query, true or false, the result varies, and based on the result, the information modifies or stays the same, that is there in the HTTP response. With the help of it, the attacker finds out whether the result is true or false in the message generated.
    • Time-based: When an SQL query is sent to the database by the attacker, the database waits for some seconds to respond. By observing that period of time taken by the database to respond, the attacker gets to analyze whether the query is true or false. And based on that result, an HTTP response is generated either instantly or after some waiting period. Thus, without relying on the data from the database, the attacker can determine if the message used has returned true or false.
  • Out-of-band SQL Injection

The most uncommon approach to attack an SQL server, this technique relies on particular features of the SQL-enabled database.  It involves the submission of a DNS or HTTP query to the SQL server that has an SQL statement.  If successful, the Out-of-band attack can transmit the contents of the database, escalate user privileges, and perform the same actions that other types of SQL injection attacks perform.

 

The Recent SQL Injection Attack Examples

Many SQL injection attacks have taken place in the past decade and it can be concluded that SQL injections are one of the most evolving types of cyber attacks. Between the years 2017 and 2019, the SQL injection attacks accounted for 65.1 % of all the attacks on software applications. Here is the list of top SQL injection attack examples of all time that every user must be well aware of!

  1. In one incident of an SQL injection attack, personal details of 156,959 customers were stolen from a British telecommunications’ company’s servers, exploiting a vulnerability present in the legacy web portal. (source: Wikipedia)
  2. According to Help Net Security, 60+ government agencies and universities were successfully targeted using SQL injection attack by a hacker who was involved in penetration of the US Election Assistance Commission and subsequent database sale in November 2016.
  3. The officials at Johns Hopkins University on March 7, 2014, publicly announced that their Biomedical Engineering Servers became victims of an SQL injection attack. The hackers compromised the personal information of 878 students and University staff. They posted a press release and the leaked data on the internet. (source: Wikipedia)
  4. In May 2020, a New Yorker was charged for hacking into e-commerce websites with the motive to steal credit card information. It was reported that the hacker along with its gang used SQL injection techniques for hacking into vulnerable e-commerce websites to steal payment card data.

How To Prevent SQL Injection Attacks?

SQL Injection Prevention - How It Works & How to Prevent It | Parasoft

In order to secure your organization and mitigate SQL injection attacks, the developers, system administrators, and database administrators in the organization must follow these below-mentioned steps:

  1. Ensure to keep all web application software components up to date with the latest security patches and leaving no place for vulnerabilities.
  2. Avoid using shared database accounts between different applications or websites.
  3. Regularly monitor SQL statements from database-connected applications.
  4. Limit the attack surface by getting rid of any database functionality that is no longer needed in order to prevent it from being misused by hackers.
  5. Error messages are key for attackers to learn a great deal about your database architecture, so make sure to display only minimal information.
  6. Always keep the database credentials encrypted and separate safely.
  7. Most importantly, these inculcate the practice of periodic VAPT, i.e. vulnerability assessment and penetration testing. A regular VAPT provides a detailed picture of exploitable vulnerabilities existing within an application and all the risks that are associated with these vulnerabilities. It allows IT, security teams, to focus on the process of mitigating critical vulnerabilities.

Do you think that the SQL injection attack can be another big threat to the next-generation-based software applications in the near future?

Vulnerabilities in Critical Infrastructure and its mitigation

Posted on by Anteelo Master

With geopolitical tension rising in certain parts of the world along with the ambitions of cyber attackers, coming up with a holistic strategy to protect the nation’s critical infrastructure has become a priority for the enterprises handling them. Imagine what would happen if the nuclear plants or the space agencies of a country were hit by a cyber attack. The disruption caused due to a successful cyber attack on a nation’s critical agencies can be far-reaching. It has the potential of causing a major loss of money, time, and even lives. This can be illustrated by a recent incident.

After the release of the largest-ever compilation of breached usernames and passwords, COMB, a cyber attacker wrongfully entered the Oldsmar (Florida) water plant’s computer systems to poison the city’s water supply by changing its pH to dangerously acidic levels. Even though the attack was thwarted before completion, this incident has opened our eyes to the dangerous reality of such an attack being successfully executed in the future.

Tomorrow, this attack can take place in the form of manipulation of boiler pressure in a thermal power plant or a ransomware attack on the country’s top-tier healthcare institutions. All of such attacks are not only potentially life-threatening but also pose a huge risk of material damage.

Key tips for cybersecurity protection at your critical site - Secure Insights

Other Cyber Incidents Around the World Involving Critical Infrastructure

In February 2020, Saudi authorities reported that their public petroleum and natural gas company Saudi Aramco has seen an increase in cyber attack attempts. This public enterprise suffered a huge cyber attack back in the year 2012 when Shamoon Virus hit the facility and damaged around 30,000 computers.

A few months back, New Zealand’s central bank suffered a huge data breach, where commercially and individually sensitive information was stolen by cyber attackers.

In another event, an electricity grid in the state of Maharashtra (India) was hit by a cyber attack that resulted in a power outage. This incident took place in the month of October 2020 and the authorities suspect Chinese involvement in it.

Discussing the Deterrent

In today’s world, there is cut-throat competition between countries for production and use of resources. Therefore, it is all the more important for enterprises handling and managing the critical infrastructure to adopt a multipronged approach while planning a defense against cyber attacks.

At the organizational level, some of the following measures can help in stopping cyber attacks from affecting the enterprise-

  1. Access Management – Access management is the first basic measure that organizations should take to protect their control systems. Identity Access Management (IAM) in databases and other important IT infrastructure is necessary to limit access and prevent the misuse or leak of information.
  2. Awareness as Defense – One very effective way of preventing cyber attacks on an enterprise is to train the employees in the basics of cyber security. Cyber aware employees form a major defense against attempted cyber attacks on the enterprise.

ThreatCop Lifetime Deal | Security Attack and Awareness Simulator

  1. Email Domain Security – To ensure the security of an organization, it is imperative to address the cyber threats originating from its email domain. Using email domain security tools like KDMARC can be very effective in stopping spoofing of the email domain to protect the enterprise against spear-phishing and BEC attacks.
  2. Data Backup –  Frequent data backup in offline locations in a segmented manner is the best approach to defend against ransomware attacks.
  3. Incident Response – Use of incident response tools can facilitate quick detection of and response to a cyber attack. A phishing incident response tool like Threat Alert Button (TAB) can be quite helpful in identifying and removing phishing emails from the employees’ inboxes.
  4. Strong Password Policy – Employees should be encouraged to use strong passwords. This applies to both their work emails and other credentials used for accessing information and operations of critical systems in the enterprise.

 

India: A witness of massive Cyber Attack

Posted on by Anteelo Master

Cyber Threat Report of 2019: 69% of Firms Face Serious Cyber Attacks in India!

69% Indian firms face serious cyber attack risk: Study

Do you know that India is in has been ranked the second position amongst the countries affected by cyber attacks between 2016-2018? According to a source, there was a 22% rise in cyber attack in India on IoT deployments. India has faced the most number of attacks in the IoT department this year. In fact, India has been consecutively facing cyber attacks, the second time in a row!

In a recent study, it was revealed that out of 15 Indian cities, Mumbai, New Delhi, and Bengaluru have faced the maximum number of cyber attacks. In the Annual Cyber Security Report by CISCO, 53% of cyber attacks caused more than $500K of financial loss to organizations in 2018.

cyber attack – The Siasat Daily

India has faced a rise of 7.9% in data breaches since 2017. Also, the average cost per data breach record is mounting to INR 4,552 ($64). Cyber attacks in India have risen up to such an extent that our country ranks fourth out of the top 10 targeted countries in the world. In a report by India Today, Chennai experienced the highest percentile of cyber attacks with a stat of 48% in the first quarter of 2019.

No survey or warning has brought any change in the cyber security policies of companies across the nation. In spite of witnessing several cyber attacks in India, people are still not aware of lucrative cyber security solutions to prevent their organization from any other attack. Here are some recent series of cyber attacks that massively brought loss to renowned companies in India.

The 2019’s Biggest Cyber Attacks  in India

Cyber criminals have adapted advanced cyber attack techniques for their targeted end-users. Various business sectors and geographical locations have faced recent cyber attacks in India.

Cosmos Bank Cyber Attack in Pune 

Cyber Attack at Cosmos Bank

A recent cyber attack in India in 2018 was deployed on Cosmos Bank in Pune. This daring attack shook the whole banking sector of India when hackers siphoned off Rs. 94.42 crores from Cosmos Cooperative Bank Ltd. in Pune.

Hackers hacked into the bank’s ATM server and took details of many visas and rupee debit cardholders. Money was wiped off while hacker gangs from around 28 countries immediately withdrew the amount as soon as they were informed.

ATM System Hacked 

4 ways to hack an ATM — video | Kaspersky official blog

Around mid-2018, Canara bank ATM servers were targeted in a cyber attack. Almost 20 lakh rupees were wiped off from various bank accounts. A count of 50 victims was estimated and according to the sources, cyber attackers held ATM details of more than 300 users. Hackers used skimming devices to steal information from debit cardholders. Transactions made from stolen details amounted from Rs. 10,000 to Rs. 40,000.

UIDAI Aadhaar Software Hacked

UIDAIs Aadhaar Software Hacked To Generate Unlimited IDs Experts Confirm

2018 started with a massive data breach of personal records of 1.1 Billion Indian Aadhaar cardholders. UIDAI revealed that around 210 Indian Government websites had leaked  Aadhaar details of people online.

Data leaked included Aadhaar, PAN and mobile numbers, bank account numbers, IFSC codes and mostly every personal information of all individual cardholders. If it wasn’t enough shocking, anonymous sellers were selling Aadhaar information of any person for Rs. 500 over Whatsapp. Also, one could get any person’s Aadhaar car printout by paying an extra amount of Rs.300.

Hack Attack on Indian Healthcare Websites 

Hackers Attack Indian Healthcare Website, Steal 68 Lakh Records: Report

Indian-based healthcare websites became a victim of cyber attack recently in 2019. As stated by US-based cyber security firms, hackers broke in and invaded a leading India-based healthcare website. The hacker stole 68 lakh records of patients as well as doctors.

SIM Swap Scam

Scam protection: How to prevent sim swap scam 2019? | Cryptopolitan

Two hackers from Navi Mumbai were arrested for transferring 4 crore rupees from numerous bank accounts in August 2018. They illegally transferred money from the bank accounts of many individuals. By fraudulently gaining SIM card information, both attackers blocked individuals’ SIM cards and with the help of fake document posts, they carried out transactions via online banking. They also tried to hack accounts of various targeted companies.

Aforesaid stats and events of the latest cyber attacks in India are the wake-up call for all those individuals and companies who are still vulnerable to cyber threats. It is very essential for organizations to implement cyber security measures and follow the below-mentioned security guidelines.

Cyber Security Measures for Organizations to Prevent Cyber Attacks

Bird Protect Stock Illustrations – 1,476 Bird Protect Stock Illustrations, Vectors & Clipart - Dreamstime

  1. Educate employees on the emerging cyber attacks with security awareness training.
  2. Keep all software and systems updated from time to time with the latest security patches.
  3. Implement email authentication protocols such as DMARC, DKIM and SPF to secure your email domain from email-based cyber attacks.
  4. Get regular Vulnerability Assessment and Penetration Testing to patch and remove the existing vulnerabilities in the network and web application.
  5. Limit employee access to sensitive data or confidential information and limit their authority to install the software.
  6. Use highly strong passwords for accounts and make sure to update them at long intervals.
  7. Avoid the practice of openly password sharing at work.

Significance of Vulnerability Assessment

Posted on by Anteelo Master

What is Vulnerability Assessment? | Vulnerability Analysis Definition

Vulnerabilities are the anomalies such as programming errors or configuration issues of the system. Attackers exploit the weaknesses in the system and can, in turn, disrupt the system. If these vulnerabilities are exploited, then it can result in the compromise of confidentiality, integrity as well as the availability of resources that belong to the organization.

How Can We Detect and Prevent These Vulnerabilities?

Premium Vector | Virus design locked up in bird cages

Vulnerability assessment is the risk management process that defines, identifies, classifies, and prioritizes vulnerabilities within computer systems, applications as well as network infrastructures. This helps the organization in conducting the assessment with the required knowledge, awareness, and risk posture for understanding the cyber threats. Vulnerability assessment is conducted in two ways.

Types of Vulnerability Assessment

Automated Testing

Why Automated Testing | Advantages of Automated Testing

Automated tools such as Vulnerability scanning tools scan applications to discover cyber security vulnerabilities. These include SQL injection, Command Injection, Path Traversal, and Cross-Site scripting. It is a part of Dynamic Application Security Testing that helps in finding malicious code, application backdoors as well as other threats present in the software and applications.

Manual Testing

What Is Manual Testing? How To Do Manual Testing - TestLodge

Manual testing is based on the expertise of a pen-tester. They are the experts that dive deep into the infrastructure that will help them in finding out the vulnerabilities that cyber attackers can exploit.

Following are the types of vulnerability assessment and penetration testing:

Different Types of Manual Testing

  1. Application Security Testing 

Web Application Penetration Testing Using Burp Suite Udemy Download Free - Freetutorials.us

It is the process of testing and analyzing a mobile or web application. This methodology helps pen-testers in understanding the security posture of websites and applications.

The  application security testing process includes:

    •       Password quality rules
    •       Brute force attack testing
    •       User authorization processes
    •       Session cookies
    •       SQL injection
  1. Server Security Testing

What is DevSecOps and how is it relevant for your company?

Servers contain information including the source code of the application, configuration files, cryptographic keys as well as other important data. Pen-testers perform an in-depth analysis of the server in the server security testing. Based on this analysis, testers perform an approach to mimic real-time cyber attacks.

  1. Infrastructure Penetration Testing

Penetration Testing in the AWS Cloud: What You Need to Know - Rhino Security Labs

Infrastructure penetration testing is a proven method to evaluate the security of computing networks, infrastructure as well as the weakness in applications by simulating a malicious cyber attack.

  1. Cloud Security Testing

Application Security | Venkon

Every organization that keeps its platforms, customer data, applications, operating systems as well as networks over the cloud; must perform cloud security testing. Cloud security is essential for assessing the security of the operating systems and applications that run on the cloud. This requires equipping cloud instances with defensive security controls and regular assessment of the ability to withstand cyber threats.

  1. IoT Security Testing

The Challenges of Ensuring IoT Security | Netsparker

With our increasing engagement with technology, we are becoming more advanced in incorporating technology with things that we use on a daily basis. Pen-testers are aware of the complexities and how cyber criminals exploit them.

IoT penetration and system analysis testing considers the entire ecosystem of IoT technology. It covers each segment and analyses the security of the IoT devices. The testing services include IoT mobile applications, communication, protocols, cloud APIs as well as the embedded hardware and firmware.

Which is the Better Method of Vulnerability Assessment?

A Better Method to Reading Textbooks | by Alaric Linen | Age of Awareness | Mar, 2021 | Medium

Manual vulnerability assessment is better than vulnerability scanning tools since automated tools often give false results. This can seriously hamper the process of vulnerability assessment. Although automated tools make the assessment process faster and less labor-intensive, the tools are not capable of identifying vulnerabilities.

This can be far better done by observant pen testers who use systematic technology with years of experience. Manual vulnerability assessment requires time but, it is far more effective and accurate than vulnerability scanning tools. The reason behind preferring manual assessment is the lack of an in-depth understanding of the system to discover vulnerabilities. Therefore, it is always better to consult a leading cyber security company for investing in VAPT services that can help you strengthen your organization’s security infrastructure.

Worst Ransomware Attacks of India

Posted on by Anteelo Master

State of Affairs of Ransomware Attacks in India: 2019

Did you know more than 230,000 ransomware attack submissions were discovered in 2019 between April 1st and September 30th? Last year, the resurging ransomware attack in India became a headache for the corporate sectors targeting and affecting various organizations across the nation. In fact, the three most notorious members of the ransomware family- Ryuk, Purga, and Stop made major headlines in the nation.

How to Beat Hackers Targeting Backups with Ransomware Attacks | IT Pro

The Stop ransomware caused about 10.10% of the ransomware attacks followed by Ryuk making about 5.84% attacks along with Purga for deploying 0.80% of ransomware attacks! (source: TSG Sunday  Guardian Live)

Ryuk seemed to have been the most active threat landscape in the Indian public as well as private sectors. On the other hand, brute-force attacks on RDP and SMBs seemed to have steadily increased in 2019.

According to the Business Standard, last year was entirely the year of ransomware attacks on municipalities. It was observed that not less than 174 municipal institutions were targeted with more than 3000 subset organizations! In comparison, 60% of the increase from 2018 was experienced in 2019!

Reportedly, organizations have faced double extortion in Q1 2020 across the globe. Moreover, security research has anticipated that a business is attacked every 11 seconds by cybercriminals. The cost of damage is predicted to hit around $20 billion by 2021.

Although, this figure may vary later depending upon the cost of attacks and its devastating consequences. To know how brutal ransomware attacks can get, here are the top devastating ransomware attacks that took place in India.

Top 6 Ransomware Attacks in India

  • Telangana and AP Power Utilities Hacked

A malicious software attacked the power utility systems of  Telangana and Andhra Pradesh last year where all the servers went down until the glitch was rectified. Since the computer systems of Telangana and Andhra Pradesh power utilities were interlinked, the virus attack quickly spread, taking down all the systems.

Ransomware hits Telangana and Andhra Pradesh power department websites | Hyderabad News - Times of India
  • UHBVN Ransomware Attack

Uttar Haryana Bijli Vitran Nigam was hit by a ransomware attack where the hackers gained access to the computer systems of the power company and stole the billing data of customers. The attackers demanded Rs.1 crore or $10 million in return for giving back the data.

UHBVN Billing Data Hacked and Hackers Demanding one Crore in Bitcoins

  • WannaCry

India was the third worst-hit nation by WannaCry ransomware, affecting more than 2 lakh computer systems. During the first wave of attack, this ransomware attack had hit banks in India including few enterprises in Tamil Nadu and Gujarat. The ransomware majorly affected the US healthcare system and a well-known French car manufacturing firm.

WannaCry Attack: Why Proper Backup Solution Is A Must

  • Mirai Botnet Malware Attack 

This botnet malware took over the internet, targeting home routers and IoT devices. This malware affected 2.5 million IoT devices including a large number of computer systems in India. This self-propagating malware was capable of using exploitable unpatched vulnerabilities to access networks and systems.

Mirai DDoS Attack Explained

  • Petya

India was one of the top 10 countries to be hit by Petya ransomware. This ransomware attack halted work at one of the terminals of India’s largest seaport causing computer lockdown and serious consequences for the country’s exports.

Petya Ransomware Spreading Rapidly Worldwide, Just Like WannaCry

  • BSNL Malware Attack

The state-owned telecom operator BSNL was hit by a major malware attack, impacting nearly 2000 broadband modems! 60,000 modems became dysfunctional after the malware attack hit the Telecom Circle.

Malware Attacks on BSNL, MTNL Broadband Modems – Steps To Restore | DataReign

Proactive Measures to Prevent Ransomware Attacks

As we continue to develop smart cities and smart grid technologies in 2020, the risk of ransomware attacks will stay put as a big challenge for all the organizations. Apart from focusing on development and advancement, every industry vertical must understand the crucial role of cyber security.

With the help of these below listed proactive measure, organizations can reduce or prevent the constantly evolving ransomware attacks in the future:

Employee Awareness Training

Cyber threat actors majorly use emails as bait in attempting cyber attacks on an organization and humans being the weakest link tend to easily fall for it. So to avoid and overcome this problem, organizations must educate their employees by making them aware of the prevailing cyber threats.

7 Tips for an Effective Employee Security Awareness ...

A right security attack simulator and awareness training tool can help in reducing the threat of employee error. Such tools help in mitigating existing cyber risks within the organization and enhance the cyber security posture.

Backup Your Data Separately

The best way to stay proactive is by backing up your data in a separate external storage device but it should not be connected to your computer. Backing up your data will help in securing it from being encrypted and misused by cyber attackers.

Regular Vulnerability Assessment 

Basic cyber security hygiene like vulnerability assessment and penetration testing can help in preventing malware like ransomware. With the help of continuous vulnerability assessment, one can find out the exploitable vulnerabilities and fix them before any threat actor discovers it.

Never Click on Unverified Links

Avoid clicking links that are attached in spam emails or on an unfamiliar website. Such links are the bearers of malicious files that badly infect the user’s computer when clicked. Moreover, these links are the pathways for ransomware to access the user’s system and encrypt or lock confidential data for ransom.

6 Biggest Ransomware Attacks that Happened in India - Kratikal Blogs

Use Security Software 

With cybercrimes becoming more widespread and constantly evolving in nature, protection against them has never been more crucial. It is necessary for organizations to secure their entire IT infrastructure with comprehensive cyber security solutions and software to blocking and keep the cyber threat postures at bay.

Among all other cyber attacks, ransomware is one kind of criminal activity that can be easily prevented by these above-mentioned solutions. Companies must remain vigilant, watchful and prepared to stay protected against such prevailing cyber risks.

The best way to deal with ransomware attacks is to stay protected by following healthy security practices and avoiding suspicious emails in the first place!

Weapon against Phishing Attacks

Posted on by Anteelo Master

Microsoft Seizes Domains Used in COVID-19 Phishing Attacks - My TechDecisions

In the IT world, phishing is not a vague term. For those wondering “what is phishing?” it is an online identity theft. This cyber-attack is carried out by sending spoofed emails in the name of trusted sources like a bank or legitimate companies. Furthermore, the aim of this corrupt practice is to obtain credentials and financial information of the users. But with the rate of rapidly increasing phishing attacks, proper defense against phishing has to be taken.

In the cyber world, phishing attacks have risen up to 65% as compared to the past year. The level of phishing attacks has advanced so well that even top-notch companies have become phishing scam targets.

In order to secure data from any further exploitation, anti-phishing solutions have been introduced lately for defense against phishing. But before taking any step, you must know how to find a phishing email so that you are saved from phisher’s hook.

How Can You Identify A Phishing Email?

How To Recognize and Avoid Phishing Scams | FTC Consumer Information

Phishers aim user’s inbox for phishing attack by sending various forms of email that convinces a user to:

  • Click on a link
  • Enter credentials like username, passwords, etc. on a legitimate-looking website
  • Install application or software on your device
  • Open a doc file or many other tricks to lure users

The motive of sending such emails is to trick users to download malware on their devices. By doing this, the attacker would have the ease of remotely controlling the user’s device so as to steal all the important data.

To avoid such attacks, you can follow tips that will help you to protect against phishing attacks.

Guidelines for Best Defense Against Phishing

Updated software and OS:

What is an Update?

Always keep the version of your operating system up to date so as to avoid any sort of malware attack for the best phishing protection. Outdated software or operating system hold way too many bugs and hence become an easy target of phishing attacks.

Avoid Password Auto-Fill Service:

Autofill: What It Is & How To Use It On Your Android Device

Phishers are experts in using platforms to attempt a phishing attack, so it is better to skip a “save password” option if it pops up on any website. This step will help in keeping your information secure from hackers.

Two-Factor Authentication:

Is two-factor authentication (2FA) as secure as it seems? - Malwarebytes Labs | Malwarebytes Labs

It is better to adopt the latest technologies for security purposes if it comes from the right sources. Two-factor authentication is a widely used technique to secure data and financial information from unauthorized access.

Use Google Drive for Suspicious Documents:

Add Files Owned By Suspended Accounts To Shared Drives

In case you find any document sent from an unknown sender or receive a dubious-looking file, ensure to upload it on Google Drive. This would turn document into image or HTML, which in turn would avoid the installation of malware on your device.

 

Vitality of Cyber Security

Posted on by Anteelo Master

Familiarising With The Term Cyber Security 

Key cyber security trends to look out for in 2021 - Information Age

You must have heard of the word cyber security, making headlines in the news, internet, social media, IT forums, etc. However, has it ever occurred to you that what is cyber security or why does the security administrator of your organization keep on talking about the importance of cyber security?

Fundamentally, cyber security is the body of technology, process, and practice, designed to protect systems, networks, programs, and data from cyber risks like cyber attacks, damage, or unauthorized access. It is also referred to as information technology security. With cyber attacks evolving today as a danger to organizations, employees and customers, cyber security plays a very crucial role in prevention against such security threats.

As we have entered into this new decade, we can already see new challenges arising in cyber security since day one! It is no surprise to see that cyber security is constantly on a rise and there is a lot in store for the near future. Today, companies have become more technologically reliant than ever and the trend doesn’t seem to stop. Rather, it looks like this technological reliance will keep evolving in the long term.

Almost every organization nowadays, uses cloud storage services like Dropbox or Google Drive to store their confidential data and sensitive information. If not taken proper online security measures, this data present online can easily be exploited by cyber criminals.

Why is Cyber Security Important for Companies Today? 

The Importance and Scope of Cyber Security

Often some organizations take their data security lightly and as a result, they fall victim to cyber attacks. In fact, our companies are still not immune to these evolving cyber attacks. But thanks to these fast-developing technology standards today, cyber security has become a priority for every organization across the world.

Think you are secure online? Think again!

It is a serious matter of how cyber attacks are shaping in every form possible in order to stay one step ahead of the development in technology. Phishing, ransomware, cyber scams are some of the common yet highly dangerous cyber attacks that are designed with the motive to access and exploit the user’s sensitive data and extort money out of it.

Here are some more major reasons to understand why cyber security is important for companies:

  • Rise of Cyber Crimes

Be it a large scale or a small scale firm, hackers and cyber criminals spare no one. Rather, they lookout for opportunities to exploit data and get money out of these firms. Over the past year, the average cost of cyber crime for an organization has increased 23% more than last year—US$11.7 million, according to the report. Also, the average number of security breaches has risen significantly and it is now $3.86 million, as per the report. With the introduction of new technologies, the chances of cyber threats and risks are also rapidly increasing. Cyber criminals have advanced their attempts of deploying cyber attacks with the evolution of technology.

  • Growth of IoT Devices

With the mission to create smart cities with smart devices, our dependency to connect everything to the internet has increased too. The introduction of IoT technology i.e. Internet of Things, has not only simplified and speed up our tasks but has also created a pit of new vulnerabilities for hackers to exploit. No matter how advanced security measures we take,  cyber criminals will always stay one step ahead to attempt cyber crimes. If these internet-connected devices are not managed properly then they can provide a gateway to business to hackers or cyber criminals!

  • Bridge to Security Gap

Human resources and IT resources have always been one of the most important aspects of any organization. Regardless of their dependency on each other, there has always been a security gap between both aspects. In order to bridge this gap, it is important to provide individuals working in an organization with the right cyber security awareness training. Training for employees is necessary to bridge the gap of cyber security skills and to create a cyber-resilient working culture in the organization.

  • Cost of Cyber Risks 

Cyber attacks today are not only multiplying in numbers but are also multiplying in the cost of damage created. These cyber attacks can prove to be extremely expensive for any organization to endure if not taken proper security measures. With more business infrastructures connecting, it is predicted, cyber crime to cost the world $10.5 trillion annually by 2025, says the report. Besides, it is not just the financial damage that could cost but also the reputation of the firm along with loss of customer trust in the business.

  • Security of Data

When it comes to data security, it can be clearly seen how organizations are getting highly comfortable in keeping their information online. With the alarming number of data breaches and information leaks making news headlines almost every day, it can be seen how vulnerable the data left is online. Moreover, cyber attack vectors such as ransomware, phishing, cyber scams, risk of removable media, etc. leave no room for data exploitation and publicizing of any vulnerable data. Implementation of the right cyber security solutions is a must to avoid any future cyber risks related to the sensitive data of an organization.

How to Cyber Secure Your Organization in 2021?

The Importance of Cyber Security in Schools - Complete IT

Are you here to look for the best defensive system for your organization to combat cyber attacks? Well, the only thing that is important for your organization in 2021 is a strong cyber security system along with the best cyber defense practices to reduce the cyber threat posture of your organization.

Solely relying on anti-virus software will not stop cyber criminals from accessing your business. But educating employees in making smart cyber defensive choices can definitely reduce the chances of cyber risks!

Moreover, it doesn’t require a specialist to teach employees about cyber defense and cyber security awareness. There are advanced technology-based tools available today to help and guide employees in recognizing and combating cyber threats before they infiltrate networks and systems.

The web and network attackers are constantly striving to undermine the security system of the company’s IT infrastructure today with the intention of stealing the confidential data. Thus, making it more challenging for organizations to stay cyber secure.

Organizations are required to equip themselves to prepare for tight security measures and best cyber security solutions like security risk assessment tools, anti-phishing, and fraud monitoring tools to look for vulnerabilities and to track your brand online. Always remember that an ounce of prevention is worth a pound of cure!

Delivering excellence, collaborating across time zones.

Take a look at our global hideouts.​

DMCA.com Protection Status

Contact

contact@anteelo.com

Twitter Instagram Dribbble Linkedin Facebook

India (HQ)

C-2073A, Sushant Lok, Phase-1, Gurgaon,
Haryana 122002

Atlanta, USA

120 West Trinity Place Decatur, GA 30030

London, UK

33 St James’s Square, London
SW1Y 4JS

Dubai, UAE

704, Saheel Tower 1 Al Nahda 1,
Dubai, UAE

Melbourne, Australia

291 -Blackburn Road, Burwood East Vic 3151

Surabaya, Indonesia

Jl. Hang Tuah 14 Sidoarjo Jawa
Timur 61212

India (HQ)

C-2073A, Sushant Lok, Phase-1,
Gurgaon, Haryana 122002

Atlanta

Atlanta, USA – 120 West Trinity Place
Decatur, GA 30030

London

33 St James’s Square,
London SW1Y 4JS

Dubai

UAE – Office # 704, Saheel Tower
1 Al Nahda 1, Dubai, UAE

Australia

Level 33, Australia Square 264
George Street, Sydney, 2000

Indonesia

Jl. Hang Tuah 14 Sidoarjo
Jawa Timur 61212

© 2018-2022 Anteelo Design Private Limited
A Quantum Oakmen Partner Venture

error: Content is protected !!