Page 7 - Cyber Security
Cyberfraud is an area which requires lot of attention: Rakesh Asthana
Former CBI chief Rakesh Asthana said on Saturday incidents of cyberfraud are increasing and this is a domain that now requires a lot of attention. He cited his own case in which he became a victim of cyberfraud when he was serving as the Border Security Force (BSF) director general, and some fraudsters withdrew Rs 40,000 from his account using his Aadhaar biometrics. "This is an area which requires a lot of attention not only from the police and the government law-enforcement bodies but also from private investigating agencies. You can assist the law enforcement agencies," Asthana said at an event, National Corporate Investigators Conclave-2023, organised by the Association of Professional Detectives & Investigators (APDI). Talking about his case, Asthana, who also served as the Delhi Police chief, said the crime was linked to several places in Bihar and Jharkhand from where 40 people were arrested. Multiple laptops and mobile phones were seized, he said One of the masterminds was
 "Cyberfraud is an area which requires lot of attention: Rakesh Asthana")
Parliamentary Panel recommends DGCA-like authority for cybersecurity
The committee also recommended the institution of a white-listing framework for digital lending agencies and other financial intermediaries
 "Parliamentary Panel recommends DGCA-like authority for cybersecurity")
14,007 cyber fraud cases were registered in 2021: Govt in Parliament
As many as 14,007 cyber fraud cases were registered in 2021, Parliament was informed on Monday. Quoting National Crime Records Bureau (NCRB) data, Minister of State for Finance Bhagwat Karad said "total number of cyber fraud cases which includes...frauds committed through online apps is 14,007 in 2021 (latest published data pertains to the year 2021)." RBI issued regulatory guidelines on digital lending on September 2, 2022 aimed at firming up the regulatory framework for digital lending while enhancing customer protection and making the digital lending ecosystem safe and sound, he said in a written reply in Lok Sabha. As many as 1,062 complaints related to digital lending apps' received by the Offices of the RBI Ombudsman (ORBIOs) against REs under Reserve Bank Integrated Ombudsman Scheme, 2021 (RB-IOS) were received between April 1, 2022 and March 31, 2023, he said. This regulatory framework is based on the principle that lending business can be carried out only by entities that
 "14,007 cyber fraud cases were registered in 2021: Govt in Parliament")
Cyber security start-up PingSafe announces raising $3.3 mn in seed funding
Company aims to serve cloud security-related organisational needs for customers
 "Cyber security start-up PingSafe announces raising $3.3 mn in seed funding")
Vaishnaw calls for joint global, national efforts for cybersecurity
IT Minister Ashwini Vaishnaw on Friday called for coordinated cybersecurity efforts and strategies at global, national and organisational levels to protect cyberspace and societies, as he emphasised the need for shared solutions to tackle the challenges, being compounded by new technologies like AI. The minister exhorted G20 member countries to come together and think through these challenges, share solutions and tools, and "co-operate across boundaries". Citing platforms like UPI, ONDC and CoWIN, the minister said that India with its robust digital public infrastructure has ensured true democratisation of technology for the benefit of its people. "We have seen in many parts of the world, technology has been cornered by a few big-tech companies...is that the right model for a country, democracy or society which is evolving so fast?" Vaishnaw said asserting that India has been clear in its approach on democratising technology to ensure it is inclusive, accessible to all, and not ...
 "Vaishnaw calls for joint global, national efforts for cybersecurity")
Sebi issues consultation paper on cyber security, resilience framework
Sebi on Tuesday came out with a consultation paper on boosting cyber security framework for entities regulated by it. The consultation paper on 'Consolidated Cyber security and Cyber Resilience Framework (CSCRF) for Sebi Regulated Entities' looks at providing a common structure for multiple approaches to cyber security to prevent any cyber-risks/incidents. Sebi said the framework is based on five concurrent and continuous functions of cyber security as defined by NIST -- Identify, Protect, Detect, Respond, and Recover. NIST refers to the National Institute of Standards and Technology. "All REs shall formulate an up-to-date Cyber Crisis Management Plan (CCMP)," the consultation paper said, adding that they would also have to put in place comprehensive incident response management plan and respective Standard Operating Procedures (SOPs). "Alerts generated from monitoring and detection systems shall be suitably investigated for Root Cause Analysis (RCA)," it noted. Comments on the
 "Sebi issues consultation paper on cyber security, resilience framework")
Market regulator Sebi mulls consolidated framework for cyber security
Regulator's consultation paper proposes to supersede 15 circulars issued earlier
 "Market regulator Sebi mulls consolidated framework for cyber security")
CERT-In cyber security norms bar use of Anydesk, Teamviewer by govt dept
Cyber security watchdog CERTin has barred the use of remote desktop softwares like Anydesk and Teamviewer in the government department under new security guidelines released on Friday. The guidelines prescribe government departments use virtual private networks (VPN) for accessing network resources from remote locations and enable multi-factor authentication (MFA) for VPN accounts. "Ensure to block access to any remote desktop applications, such as Anydesk, Teamviewer, Ammyy admin etc," Guidelines on Information Security Practices for Government Entities said. CERT-In (Indian Computer Emergency Response Team ) said the purpose of these guidelines is to establish a prioritised baseline for cyber security measures and controls within government organisations and their associated organisations. Minister of State for Electronics and IT Rajeev Chandrasekhar in an official statement said the government has taken several initiatives to ensure an open, safe and trusted and accountable digi
 "CERT-In cyber security norms bar use of Anydesk, Teamviewer by govt dept")
Paracetamol maker Granules India flags operations hit from cyber attack
Due to significant changes in its IT systems, the IT security incident caused a major disruption in its business operations, the Paracetamol maker said in an exchange filing
 "Paracetamol maker Granules India flags operations hit from cyber attack")
IT Ministry, Google announce collaboration to boost online cyber safety
Google will raise awareness on the fundamentals of online safety through the 'Be Internet Awesome' programme, sharing helpful content covering a wide range of online safety topics
 "IT Ministry, Google announce collaboration to boost online cyber safety")
India needs better defences to be a digital superpower after data breach
I suspect the government is right and CoWIN is not currently being accessed by hackers. Even so, it seems likely that outsiders have penetrated some aspect of India's digital public infrastructure
 "India needs better defences to be a digital superpower after data breach")
G20: Experts deliberate on cyber security exercise for banking sector
The Deputy Governor in his address stressed that managing cyber risks has become a key driver for ensuring financial stability
 "G20: Experts deliberate on cyber security exercise for banking sector")
RBI announces draft cyber security norms for payment system operators
Seeks feedback on draft norms from payment system operators by June 30
 "RBI announces draft cyber security norms for payment system operators")
RBI releases draft on cyber resilience, digital payment security controls
According to the RBI's release, the central bank has invited feedback from the shareholders on the same
 "RBI releases draft on cyber resilience, digital payment security controls")
WhatsApp launches global security centre to further safeguard users
The security centre will be available in English and 10 languages -- Hindi, Punjabi, Tamil, Telugu, Malayalam, Kannada, Bengali, Marathi, Urdu and Gujarati
 "WhatsApp launches global security centre to further safeguard users")
Cyber attack in Greece disrupts high school exams, causes political spat
Greece's Education Ministry says it has been targeted in a cyberattack described as the most extensive in the country's history, aimed at disabling a centralised high school examination platform. It said the distributed denial of service, or DDoS, attacks aimed at overwhelming the platform occurred for a second consecutive day Tuesday. The attack involved computers from 114 countries, causing outages and delays in high school exams but failing to cripple the system, the ministry said. The cyberattacks prompted a judicial investigation ordered by a Supreme Court prosecutor, to be assisted by the police's cybercrime division. It is the most significant attack ever carried out against a Greek public or government organisation, the Education Ministry said, describing the incidents on Monday and Tuesday as large scale and of sustained duration. End-of year high school exams in Greece are administered using an online platform known as the Subject Bank, designed to to set a uniform stand
 "Cyber attack in Greece disrupts high school exams, causes political spat")
Bots now make up nearly half of all internet traffic, study reveals
With the introduction of Google's Bard and OpenAI's ChatGPT, the researchers fear that bot activity will rise even more this year
 "Bots now make up nearly half of all internet traffic, study reveals")
47% of Indian CSPs now prioritise upgrading firewalls as hacking rises
The report found that 100 per cent of the Indian service providers expect to see traffic volumes rise in the next 2-3 years
50% of firms fell victim to ransomware attacks in 2022, shows report
The survey was conducted among 569 cybersecurity leaders from 31 different locations around the world, including the US, UK, France, India, and Japan, among others
 "50% of firms fell victim to ransomware attacks in 2022, shows report")
UPSRTC ticketing website hacked, may take up to 10 days to restore it
Cyber thugs hacked the ticket booking website of Uttar Pradesh State Road Transport Corporation (UPSRTC) early Wednesday and it will take up to 10 days to completely restore it, the government said. The website was hacked by foreign hackers around 2 am due to which the ticketing system was affected and efforts are underway to restore it, the government said in a statement. M/s Orion Pro, the company managing the website, has deployed a team of experts to recover data from the website and has sought a week's time to set up a new server to restore the online ticketing services, it said. The company has also filed a case in this matter at its headquarters in Navi Mumbai. The online ticketing system will be restored in all 20 areas and 115 depots of UPSRTC in a phased manner over the next 7-10 days, the statement said. "The transport corporation's buses are being operated through manual ticketing, so that the operation of the buses is not affected. Regional officers have been asked to
 "UPSRTC ticketing website hacked, may take up to 10 days to restore it")