Page 7 - Cyber Security
Vaishnaw calls for joint global, national efforts for cybersecurity
IT Minister Ashwini Vaishnaw on Friday called for coordinated cybersecurity efforts and strategies at global, national and organisational levels to protect cyberspace and societies, as he emphasised the need for shared solutions to tackle the challenges, being compounded by new technologies like AI. The minister exhorted G20 member countries to come together and think through these challenges, share solutions and tools, and "co-operate across boundaries". Citing platforms like UPI, ONDC and CoWIN, the minister said that India with its robust digital public infrastructure has ensured true democratisation of technology for the benefit of its people. "We have seen in many parts of the world, technology has been cornered by a few big-tech companies...is that the right model for a country, democracy or society which is evolving so fast?" Vaishnaw said asserting that India has been clear in its approach on democratising technology to ensure it is inclusive, accessible to all, and not ...
 "Vaishnaw calls for joint global, national efforts for cybersecurity")
Sebi issues consultation paper on cyber security, resilience framework
Sebi on Tuesday came out with a consultation paper on boosting cyber security framework for entities regulated by it. The consultation paper on 'Consolidated Cyber security and Cyber Resilience Framework (CSCRF) for Sebi Regulated Entities' looks at providing a common structure for multiple approaches to cyber security to prevent any cyber-risks/incidents. Sebi said the framework is based on five concurrent and continuous functions of cyber security as defined by NIST -- Identify, Protect, Detect, Respond, and Recover. NIST refers to the National Institute of Standards and Technology. "All REs shall formulate an up-to-date Cyber Crisis Management Plan (CCMP)," the consultation paper said, adding that they would also have to put in place comprehensive incident response management plan and respective Standard Operating Procedures (SOPs). "Alerts generated from monitoring and detection systems shall be suitably investigated for Root Cause Analysis (RCA)," it noted. Comments on the
 "Sebi issues consultation paper on cyber security, resilience framework")
Market regulator Sebi mulls consolidated framework for cyber security
Regulator's consultation paper proposes to supersede 15 circulars issued earlier
 "Market regulator Sebi mulls consolidated framework for cyber security")
CERT-In cyber security norms bar use of Anydesk, Teamviewer by govt dept
Cyber security watchdog CERTin has barred the use of remote desktop softwares like Anydesk and Teamviewer in the government department under new security guidelines released on Friday. The guidelines prescribe government departments use virtual private networks (VPN) for accessing network resources from remote locations and enable multi-factor authentication (MFA) for VPN accounts. "Ensure to block access to any remote desktop applications, such as Anydesk, Teamviewer, Ammyy admin etc," Guidelines on Information Security Practices for Government Entities said. CERT-In (Indian Computer Emergency Response Team ) said the purpose of these guidelines is to establish a prioritised baseline for cyber security measures and controls within government organisations and their associated organisations. Minister of State for Electronics and IT Rajeev Chandrasekhar in an official statement said the government has taken several initiatives to ensure an open, safe and trusted and accountable digi
 "CERT-In cyber security norms bar use of Anydesk, Teamviewer by govt dept")
Paracetamol maker Granules India flags operations hit from cyber attack
Due to significant changes in its IT systems, the IT security incident caused a major disruption in its business operations, the Paracetamol maker said in an exchange filing
 "Paracetamol maker Granules India flags operations hit from cyber attack")
IT Ministry, Google announce collaboration to boost online cyber safety
Google will raise awareness on the fundamentals of online safety through the 'Be Internet Awesome' programme, sharing helpful content covering a wide range of online safety topics
 "IT Ministry, Google announce collaboration to boost online cyber safety")
India needs better defences to be a digital superpower after data breach
I suspect the government is right and CoWIN is not currently being accessed by hackers. Even so, it seems likely that outsiders have penetrated some aspect of India's digital public infrastructure
 "India needs better defences to be a digital superpower after data breach")
G20: Experts deliberate on cyber security exercise for banking sector
The Deputy Governor in his address stressed that managing cyber risks has become a key driver for ensuring financial stability
 "G20: Experts deliberate on cyber security exercise for banking sector")
RBI announces draft cyber security norms for payment system operators
Seeks feedback on draft norms from payment system operators by June 30
 "RBI announces draft cyber security norms for payment system operators")
RBI releases draft on cyber resilience, digital payment security controls
According to the RBI's release, the central bank has invited feedback from the shareholders on the same
 "RBI releases draft on cyber resilience, digital payment security controls")
WhatsApp launches global security centre to further safeguard users
The security centre will be available in English and 10 languages -- Hindi, Punjabi, Tamil, Telugu, Malayalam, Kannada, Bengali, Marathi, Urdu and Gujarati
 "WhatsApp launches global security centre to further safeguard users")
Cyber attack in Greece disrupts high school exams, causes political spat
Greece's Education Ministry says it has been targeted in a cyberattack described as the most extensive in the country's history, aimed at disabling a centralised high school examination platform. It said the distributed denial of service, or DDoS, attacks aimed at overwhelming the platform occurred for a second consecutive day Tuesday. The attack involved computers from 114 countries, causing outages and delays in high school exams but failing to cripple the system, the ministry said. The cyberattacks prompted a judicial investigation ordered by a Supreme Court prosecutor, to be assisted by the police's cybercrime division. It is the most significant attack ever carried out against a Greek public or government organisation, the Education Ministry said, describing the incidents on Monday and Tuesday as large scale and of sustained duration. End-of year high school exams in Greece are administered using an online platform known as the Subject Bank, designed to to set a uniform stand
 "Cyber attack in Greece disrupts high school exams, causes political spat")
Bots now make up nearly half of all internet traffic, study reveals
With the introduction of Google's Bard and OpenAI's ChatGPT, the researchers fear that bot activity will rise even more this year
 "Bots now make up nearly half of all internet traffic, study reveals")
47% of Indian CSPs now prioritise upgrading firewalls as hacking rises
The report found that 100 per cent of the Indian service providers expect to see traffic volumes rise in the next 2-3 years
 "47% of Indian CSPs now prioritise upgrading firewalls as hacking rises")
50% of firms fell victim to ransomware attacks in 2022, shows report
The survey was conducted among 569 cybersecurity leaders from 31 different locations around the world, including the US, UK, France, India, and Japan, among others
 "50% of firms fell victim to ransomware attacks in 2022, shows report")
UPSRTC ticketing website hacked, may take up to 10 days to restore it
Cyber thugs hacked the ticket booking website of Uttar Pradesh State Road Transport Corporation (UPSRTC) early Wednesday and it will take up to 10 days to completely restore it, the government said. The website was hacked by foreign hackers around 2 am due to which the ticketing system was affected and efforts are underway to restore it, the government said in a statement. M/s Orion Pro, the company managing the website, has deployed a team of experts to recover data from the website and has sought a week's time to set up a new server to restore the online ticketing services, it said. The company has also filed a case in this matter at its headquarters in Navi Mumbai. The online ticketing system will be restored in all 20 areas and 115 depots of UPSRTC in a phased manner over the next 7-10 days, the statement said. "The transport corporation's buses are being operated through manual ticketing, so that the operation of the buses is not affected. Regional officers have been asked to
 "UPSRTC ticketing website hacked, may take up to 10 days to restore it")
Indian CISOs face challenges in securing support to combat cyber attacks
Indian CISOs (Chief Information Security Officers) said they struggle at some level to get support from the executive board for the resources needed to maintain cybersecurity strength, new report said
 "Indian CISOs face challenges in securing support to combat cyber attacks")
Twitter account of crypto exchange KuCoin hacked, over $22.6K stolen
Singapore-based cryptocurrency exchange KuCoin has said that its Twitter account was hacked, allowing threat actors to promote a fraudulent giveaway scam
 "Twitter account of crypto exchange KuCoin hacked, over $22.6K stolen")
US keen on alliance in connectivity, solid waste management with Mizoram
The Minister also asserted the prevalence of HIV/AIDS, Cancer, Malaria, TB in the state and called for better cooperation to eradicate such diseases from the state
 "US keen on alliance in connectivity, solid waste management with Mizoram")
About 52% of organisations suffered data breach in past 2 years globally
Nearly 48 per cent of Indian organisations say their security stack is too complex, compared to 28 per cent in the rest of the world