
VIF Cyber Review: October 2022

NATIONAL

Tata Power’s IT infrastructure suffered a cyber-attack; critical systems were not disrupted

On 14 October 2022, Tata Power announced that their IT infrastructure dealt with a cyber-attack and some systems were impacted. The cyber-attack targeted its IT infrastructure, but the critical systems have not been disrupted. “The Company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer-facing portals and touchpoints,” said Tata Power’s spokesperson.

India’s Power Minister R K Singh informed the Press in April 2022 that Chinese hackers had twice failed to target electricity distribution centres near Ladakh. A Chinese state-sponsored hacking group targeted at least seven Indian State Load Despatch Centres (SLDCs) responsible for real-time grid control and electricity dispatch near the disputed India-China border in Ladakh.[1]

CERT-In and Power-CSIRT jointly organised a cyber security exercise— “PowerEX-2022”.

On 12 October 2022, the Indian Computer Emergency Response Team (CERT-In) and Power-CSIRT (Computer Security Incident Response Teams in the Power sector) jointly organised a cyber security exercise— PowerEX-2022 and invited 193 Power sector utilities. The objective of the exercise was to “Recognise, Analyse and Respond to cyber incidents in IT and OT (Operational Technology) Systems”.

CERT-In hosted PowerEX-2022 on its exercise simulation platform with the theme “Defending Cyber-Induced Disruption in IT & OT Infrastructure.” The cyber security exercise involved over 350 officials from various Power sectors.[2]

CBI-led ‘Operation Chakra’ dismantled cybercrime networks operating in India.

In a joint operation— ‘Operation Chakra’ launched in collaboration with State police, Interpol, and various agencies of other nations, the Central Bureau of Investigation (CBI) dismantled cyber-crime networks operating in India and arrested 16 cyber-criminals. Acting upon the inputs shared by the Interpol, the US’ Federal Bureau of Investigation (FBI), Canada’s Royal Canadian Mounted Police (RCMP), and Australian Federal Police (AFP), the CBI, in coordination with State police, carried out search operations at 115 locations across India.

Out of 115 locations, the CBI carried out searches at 87 locations, including 16 States, whereas 28 locations were searched by various State police, including 02 locations by Assam police, 04 locations by Andaman & Nicobar Police, 03 locations by Chandigarh police, 05 places by Delhi police, 12 locations by Karnataka police, and 02 locations by Punjab police. “The operation intends to dismantle the infrastructure of these international cyber-crime gangs in India and bring these perpetrators to justice. India’s fight against transnational organised cyber-crime has thus achieved a major milestone,” read the statement released by the CBI.

During the searches, the CBI unearthed 02 Call Centres in Pune & Ahmedabad and recovered cash worth ₹ 1.8 crores (approx.) and 1.5 kg gold (approx.).[3]

For a free, open, trustworthy, and accountable internet, the Government of India (GoI) announced amendments to the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021.

While addressing the media members on 28 October 2022, the Minister of State for Electronics & Information Technology— Rajeev Chandrasekhar, said that protecting the Constitutional rights of Indian citizens is a must and that Indian Prime Minister Narendra Modi is a trustee of the rights of citizens and Digital Nagriks. The minister addressed the media members about the amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021.

The Ministry of Electronics and Information Technology (MeitY) notified these amendments aimed at protecting the rights of Digital Nagriks as part of a significant push toward an Open, Safe, Trusted, and Accountable Internet. It also strengthens due diligence requirements while holding accountable social media and other intermediaries. They were notified in light of complaints about the intermediaries’ actions or inactions on user complaints about objectionable content or the suspension of their accounts. Intermediaries will now be expected to ensure that no content is uploaded that intentionally communicates misinformation or information that is patently false or untrue, entrusting intermediaries with significant responsibility. The rules also make it clear that the intermediary must respect the rights guaranteed to Indian citizens under Articles 14, 19, and 21 of the Indian Constitution. [4]

The amended rules are hosted on the Ministry’s website.

UNCTC adopted the Delhi Declaration on Countering the Use of New and Emerging Technologies for Terrorist Purposes.

On 29 October 2022, the Delhi Declaration on the use of the Internet and other technologies for terrorist objectives was unanimously endorsed by the UN Counter-Terrorism Committee (UNCTC). According to the proclamation, one of the biggest challenges to global peace and security is terrorism, in all of its expressions and forms. As one of the essential takeaways, India now intends to carry out the recommendations based on the three Counter-Terrorism Committee (CTC) special meeting themes. These include:

  • Threats and opportunities related to new payment technologies and fundraising methods,
  • Countering terrorist exploitation of ICT and emerging technologies, and
  • Threats posed by terrorist misuse of Unmanned Aerial Systems (UAS).

As a result of terror infiltration on its soil from neighbouring Pakistan, India reaffirmed its commitment to combat terrorism in collaboration with key global players at the summit. Terrorists have stepped up their use of the internet and other IC technologies, including social media platforms. India also recognised the risks and difficulties of financial technology developments, like crowdfunding platforms, being misused to fund terrorism.[5]

INTERNATIONAL

Cyber-attack on Chile’s astronomical observatory raised concerns about the security of space tech.

On 29 October 2022, the Atacama Large Millimetre Array (ALMA), a Chilean astronomical observatory, was the victim of a cyber-attack and had to halt operations. The attack had affected the observatory’s computer systems and targeted its public website. The attack did not affect ALMA’s scientific data or antennas, but it prevented space observations and limited access to its email servers. Around 66 Radio Telescopes (RTs) make up the ALMA observatory, which is estimated to be worth USD 1.4 billion. These RTs can record high-definition (HD) photos of the extremely faint radio waves generated by far-off celestial objects that are 13 billion light years away.

“Beating one of the world’s most powerful observatories offline demonstrates that cyber-attackers are dogged in their pursuit to disrupt, run reconnaissance efforts, or lift valuable data or IP addresses,” said Josh Lospinoso, the CEO of a cyber security firm— Shift5. Space is another frontier for cyber-attacks, with hackers targeting the space industry for geopolitical and militaristic reasons.[6]

A cyber-attack disrupted Bulgarian government websites over ‘betrayal to Russia’.

According to Bulgaria’s Prosecutor-General Ivan Geshev, on 15 October 2022, pro-Russian hackers carried out a ‘large-scale’ DDoS (Distributed Denial-of-Service) attack on Bulgarian government websites. The websites of the Presidential Administration, the Defense Ministry, the Interior Ministry, the Justice Ministry, and the Constitutional Court were all taken down by the DDoS attack.

Killnet, a pro-Russian hacking group, claimed responsibility for the attack and wrote on its official group on the Telegram app that “the government of Bulgaria is sentenced to network collapse and shame. It was a punishment for betrayal to Russia and the supply of weapons to Ukraine.” Since the beginning of the Russia-Ukraine conflict, the Killnet group has been active. Numerous government networks in Europe, including those in Romania, Italy, Lithuania, Norway, Poland, Finland, and Latvia, were among the dozens of targets the group previously targeted. Although the DDoS attack on the Bulgarian websites had no lasting effects and no private information was exposed, it still sparked a significant response from Bulgarian government officials. The Prosecutor-General Geshev described it as “a severe issue” and “an attack on the state of Bulgaria.”[7]

Chinese cyber-espionage group “WIP19” targeted telecoms and IT service providers in West Asia and Asia.

According to the reports of a cyber security firm— SentinelOne, a new Chinese cyber-espionage group identified as WIP19 has been targeting telecoms and IT service providers based in West Asia and Asia by using stolen certificates to sign several malicious components. To date, the APT (Advanced Persistent Threat) group WIP19 uses malware families such as ScreenCap, SQLMaggie, and a credential dumper. “The stolen certificate was used to sign all of the threat actor’s credential harvesting tools, including a password dumper that relied on open-source code to load an SSP to LSASS and dump the process.

WIP19 was also observed loading a keylogger and a screen recorder using DLL search order hijacking. The keylogger primarily targets the victim’s browser to collect credentials and other sensitive data,” read the statement released by SentinelOne. The backdoor was masked as a legitimate DLL registered to the MSSQL Server in SQLMaggie attacks to provide the attackers with control over the server machine and to perform network reconnaissance.[8]

Turkey’s new law against disinformation raised deep concerns over free speech.

On 13 October 2022, the Turkish parliament adopted a new law proposed by President Tayyip Erdogan, which would jail journalists and social media users for up to three years for spreading ‘disinformation’. In parliament, President Erdogan’s AK Party (AKP) and its allies MHP voted to approve the bill, whereas MPs in opposition and media rights activists opposed it.

Article 29 of the law states that “those who spread false information online about Turkey’s security to create fear and disturb public order will face a prison sentence of one to three years.”[9] However, the law did not define the nature of false or misleading information.

Turkey ‘secretly’ assisted Pakistan in establishing a cyber army against India and the US.

According to Nordic Monitor’s findings, Pakistan established a cyber army with the assistance of Turkey in order to influence public opinion and the views of Muslims living in South/South-East Asia, attack India and the United States (US), and undermine criticism levelled against Pakistan establishment. Further, the findings revealed that the proposal to form such an army was raised during private talks between visiting Turkish Interior Minister Suleyman Soylu and his Pakistani counterpart— former Minister of State for Interior— Shehryar Khan Afridi, on 17 December 2018. On the same day, Minister of State for Interior— Afridi met former Pakistan Prime Minister (PM) Imran Khan, who later green-lighted the project.

According to sources acquainted with the project, the covert activity was disguised under the bilateral agreement on cooperation against cyber-crime, whereas in reality, it was against perceived influence operations pursued by India, the US, and other foreign countries. Responding to Pakistan’s request to set up the cyber army, Turkey sent five police chiefs from various departments in the Security General Directorate (Emniyet). The five-member team spent months in Pakistan getting the project off the ground and eventually finishing it. The cooperation has since continued under successive governments, with Turkey training approximately 6,000 Pakistani police officers for this and other related projects.[10]

Japan and Australia strengthen their security pact in response to China’s threat.

On 22 October 2022, Japan and Australia signed a new bilateral agreement covering military, intelligence, and cyber security cooperation. The agreement also referred to cooperation in resisting economic coercion and disinformation, which China is widely accused of. The bilateral agreement is the first of its kind that Japan has signed with any country other than the United States (US). The agreement covers military interoperability, intelligence, cyber security, operations in space, law-enforcement, logistics and protecting telecommunications. “This new declaration…will chart the direction of our security and defence cooperation in the next 10 years,” said Japanese Prime Minister Fumio Kishida.[11]

Endnotes :

[1] Greig, Jonathan. “Indian energy company Tata Power announces cyberattack affecting IT infrastructure”, The Record, 14 October 2022, accessed on 02 November 2022, available from: https://therecord.media/indian-energy-company-tata-power-announces-cyberattack-affecting-it-infrastructure/
[2] “CERT-In and Power-CSIRTs jointly conduct Cyber Security Exercise ‘PowerEX-2022”, Press Information Bureau- Ministry of Electronics & IT, 13 October 2022, accessed on 01 November 2022, available from: https://pib.gov.in/Pressreleaseshare.aspx?PRID=1867348
[3] “Press Release”, Central Bureau of Investigation, 04 October 2022, accessed on 02 November 2022, available from: https://cbi.gov.in/press-detail/NTI3Ng==
[4] “Press Release”, Ministry of Electronics and IT, 29 October 2022, accessed on 01 November 2022, available from: https://www.pib.gov.in/PressReleasePage.aspx?PRID=1871840
[5] “Press Release”, Ministry of External Affairs, 29 October 2022, accessed on 01 November 2022, available from: https://mea.gov.in/bilateral-documents.htm?dtl/35840/Delhi_Declaration_on_countering_the_use_of_new_and_emerging_technologies_for_terrorist_purposes ; Majeed, Zaini. “UN Counter-Terrorism Committee Adopts Delhi Declaration; Key Takeaways Here”, Republic World, 29 October 2022, accessed on 01 November 2022, available from: https://www.republicworld.com/world-news/rest-of-the-world-news/united-nations-counter-terrorism-committee-adopts-delhi-declaration-articleshow.html
[6] Antoniuk, Daryna. “cyberattack on observatory in Chile raises concerns about security of space tech”, The Record, 07 November 2022, accessed on 10 November 2022, available from: https://therecord.media/cyberattack-on-observatory-in-chile-raises-concerns-about-security-of-space-tech/?utm_source=substack&utm_medium=email ; “Chilean astronomical observatory hit by cyberattack”, SC Media, 08 November 2022, accessed on 10 November 2022, available from: https://www.scmagazine.com/brief/breach/chilean-astronomical-observatory-hit-by-cyberattack
[7] Antoniuk, Daryna. “cyberattack disrupts Bulgarian government websites over ‘betrayal to Russia’”, The Record, 18 October 2022, accessed on 02 November 2022, available from: https://therecord.media/cyberattack-disrupts-bulgarian-government-websites-over-betrayal-to-russia/
[8] Arghire, Ionut. “New Chinese cyberespionage group WIP19 targets telcos, IT service providers”, SecurityWeek, 13 October 2022, accessed on 09 November 2022, available from: https://www.securityweek.com/new-chinese-cyberespionage-group-wip19-targets-telcos-it-service-providers
[9] “Turkey’s parliament adopts media law jailing those spreading ‘disinformation’”, Reuters, 14 October 2022, accessed on 08 November 2022, available from: https://www.reuters.com/world/middle-east/law-that-would-jail-those-spreading-disinformation-progresses-turkey-2022-10-13/
[10] Bozkurt, Abdullah. “Turkey helped Pakistan set up a secret cyber army for influence operation against US, India”, Nordic Monitor, 24 October 2022, accessed on 31 October 2022, available from: https://nordicmonitor.com/2022/10/turkey-helped-pakistan-set-up-a-secret-cyber-army-for-influence-operation-against-us-india/
[11] “Japan, Australia upgrade security pact against China threat”, CNBC, 23 October 2022, accessed on 16 November 2022, available from: https://www.cnbc.com/2022/10/23/japan-australia-upgrade-security-pact-against-china-threat.html

VIF Cyber Review: July 2022

NATIONAL
Government of India issued a consultation paper on the “Need for a new legal framework governing Telecommunication in India”.

On 28 July 2022, the Ministry of Communications, Department of Telecommunications, Govt. of India, prepared a consultation paper on the requirement for a new legal framework governing the telecom sector in India. Various stakeholders have requested an evolution of the legal framework concerning the changing technology.

The legal framework for telecommunications in India is governed by the laws enacted before the independence from colonial rule. In recent decades, technology has changed significantly. To keep pace with the dynamics of technology, many nations, including the United States (in 1996), Australia (1979), the United Kingdom (2003), Singapore (1999), South Africa (2000), and Brazil (1997) have advanced the telecommunication legislation.[1]

Indian Telecom Service Providers are likely to launch 5G mobile services during 2022-2023

In a notification dated 15 June 2022, the Department of Telecommunication (DoT), Ministry of Communication has initiated the process of auction of spectrum in 600 MHz, 700 MHz, 800 MHz, 900 MHz, 1800 MHz, 2100 MHz, 2300 MHz, 2500 MHz, 3300 MHz, and 26 GHz Bands which includes the spectrum required for the launch of 5G Services in India. It is expected that the Indian Telecom Service Providers (TSPs) will launch 5G mobile services in India during 2022-2023.

To enable design-led production of 5G-related products in India, the DoT has modified the rules for the Production Linked Initiative (PLI) plan for manufacturing telecom and networking products. One of the amendments included a 01 per cent higher incentive for products qualifying the design-led criteria. [2]

Indian Air Force launched an Artificial Intelligence Centre of Excellence

Under the aegis of UDAAN (Unit for Digitisation, Automation, Artificial Intelligence and Application Networking), the Indian Air Force (IAF) launched a Centre of Excellence (CoE) for AI. The CoE was inaugurated by Air Marshal Sandeep Singh, Vice Chief of the Air Staff (VCAS), on 10 July 2022 at Air Force Station Rajokri, New Delhi. A Big Data Analytics and AI platform for managing all aspects of Analytics, Machine Learning (ML), Natural Language Processing (NLP), Neural Networks, and Deep Learning algorithms has been commissioned in the IAF’s AI Centre. The newest servers powered by Graphical Processing Unit (GPU) would handle the high-end compute requirements.

“The IAF has taken proactive steps to embed Industry 4.0 and AI-based technologies in its war-fighting processes. The AI CoE with high-end compute and Big Data storage capabilities, coupled with full-spectrum AI Software suites, would substantially enhance operational capabilities of IAF,” said the VCAS while addressing the gathering.[3]

MeitY released the Draft “National Data Governance Framework” Policy for public consultation

On 27 July 2022, the Minister of State (MoS) for Electronics & Information Technology (E&IT)— Rajeev Chandrasekhar, informed the Lok Sabha (the Lower House of the Indian Parliament) that the Ministry of Electronics and Information Technology (MeitY) released the Draft “National Data Governance Framework” policy on 26 May 2022, for public consultation, and the draft policy is under finalisation. The policy aims to ensure that non-personal data and anonymised data from both government and private sector are safely accessible by Research and Innovation eco-system. It will also provide a framework for data/datasets/metadata rules, standards, guidelines, and protocols for sharing non-personal data sets while ensuring privacy, security, and integrity/trust.[4]

Government of India may introduce new law regarding IT and Data Protection

On 22 July 2022, the Minister of State (MoS) for Electronics and Information Technology (E&IT)— Rajeev Chandrasekhar, informed the Lok Sabha (the Lower House of the Indian Parliament) that government aims to ensure Open, Safe & Trusted, and Accountable Internet for all users. The Ministry continues to engage in discussions with various stakeholders, including industry, legal experts, and academicians, to achieve the objective of new legislation, amendments to the Rules, etcetera. The existing Information Technology (IT) Act was enacted in 2000, around 22 years ago. Since then, technology and the Internet have evolved at a fast pace.[5]

CERT-In issued an advisory about multiple vulnerabilities in Apple macOS

On 29 July 2022, the Indian Computer Emergency Response Team (CERT-In) issued an advisory highlighting the multiple vulnerabilities that have been reported in Apple macOS, which a remote attacker could further exploit to execute arbitrary code, bypass security restrictions, and cause denial-of-service conditions on the targeted system.
The vulnerabilities exist in Apple macOS due to out-of-bounds read in Apple Script, SMB and Kernel; out-of-bounds write in audio, ICU, PS Normaliser, GPU drivers, SMB and WebKit; authorisation issue in AppleMobileFileIntegrity; information disclosure in Calendar and iCloud photo library; logic issue in File System Events, PluginKit, Windows Server and Automation. A remote attacker could exploit these vulnerabilities by persuading a victim to visit maliciously crafted web content. The advisory also suggested applying appropriate patches as mentioned in the Apple Security Updates. [6]

INTERNATIONAL
Chinese government’s PR entity approached TikTok to open a “Stealth” propaganda account

According to news reported by Bloomberg, the Chinese government’s entity responsible for Public Relations attempted to open a “stealth” TikTok account targeting western audiences with propaganda. In response, TikTok executives pushed back against the attempt to open the stealth account. The push-back highlighted the internal tensions ongoing within TikTok, owned by Beijing-based ByteDance Inc., as it has constantly attempted to distance itself from Chinese state propaganda and influence.

“Chinese government entity that’s interested in joining TikTok but would not want to be openly seen as a government account as the main purpose is for promoting content that showcases the best side of China (some sort of propaganda),” said a TikTok employee and colleague of Elizabeth Kanter, TikTok’s Head of government relations in the UK, Ireland, Netherlands, and Israel, via a message in April7 2020.[7]

Russia fined WhatsApp, Snapchat and others for storing user data outside the nation

On 28 July 2022, Moscow’s Tagansky District Court imposed a fine on Meta Platforms Inc’s— Meta, WhatsApp messenger, Snapchat owner— Snap Inc., and other firms, including Match Group, Hotels.com, and Spotify, for their alleged refusal to store the data of Russian users within the country. Amid the Russia-Ukraine armed conflict, Russia has clashed with big tech firms over content, censorship, data and local representation in escalated disputes.

Following a 04 million rouble fine in August 2021, WhatsApp was penalised 18 million roubles (roughly USD 301,255) by the Tagansky District Court for a repeat offence. The fine imposed on WhatsApp was higher than the 15 million roubles fine imposed in July 2022 for a repeat infraction on Google, a subsidiary of Alphabet Inc. The Court also fined “Tinder” owner— Match Group around 02 million roubles, Snap and Hotels.com, owned by Expedia Group Inc., 01 million roubles, and Spotify— a music streaming service, 500,000 roubles. “The five companies had not provided documents ensuring the storage and processing of Russian users’ data was taking place in Russia in time,” said the Communications Regulator— Roskomnadzor.[8]

China may transform the “Global Internet Conference” into an “International Internet Organisation”, claimed the Chinese State news agency

Since 2014, China’s Cyberspace Administration has been organising a World Internet Conference, where technology companies and government representatives of other nations convene to discuss the Internet and where China propagates its vision of State Internet control. Recently, according to a Chinese State news agency— Xinhua, “Beijing plans to transform the global internet conference into International Internet Organisation.” The organisation’s founding members include institutions, organisations, businesses, and individuals from nearly 20 countries. Some other State news agencies indicated that Afghanistan, Cambodia, North Korea, and Syria are among the member countries. On its successful transformation, Chinese-led International Internet Organisation could threaten global technology standards and the global Internet itself. [9]

A network of 11,000 phoney investments sites targeted Europe

Researchers at a cyber security firm— Group-IB, discovered a network of more than 11,000 domains engaged in promoting numerous fake investment schemes to users in Europe. As a modus operandi, the platforms show fabricated evidence of enrichment and falsified celebrity endorsements to create an image of legitimacy and lure many victims. In the phoney process, the user gets tricked into an opportunity for high-return investments and is convinced to deposit a minimum amount of EUR 250 (₹ 20,410) to sign up for the fake services. At the time of reporting, the countries targeted included the United Kingdom, Belgium, Germany, the Netherlands, Portugal, Poland, Norway, Sweden, and the Czech Republic.[10]

Endnotes :

[1] “Need for a new legal framework governing Telecommunications in India”, Ministry of Communications- Press Information Bureau, 28 July 2022, accessed on 06 August 2022, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1845920
[2] “5G Networks”, Ministry of Communications, 27 July 2022, accessed on 06 August 2022, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1845325
[3] “Artificial Intelligence (AI) Centre of Excellence (CoE) launched by IAF”, Ministry of Defence, 10 July 2022, accessed on 05 August 2022, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1840695
[4] “National Data Governance Framework Policy”, Ministry of Electronics and Information Technology, 27 July 2022, accessed on 05 August 2022, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1845318
[5] “New law relating to information technology and data protection”, Ministry of Electronics and Information Technology, 22 July 2022, accessed on 05 August 2022, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1843845
[6] “CERT-In Vulnerability Note CIVN-2022-0313: Multiple Vulnerabilities in Apple macOS”, Indian Computer Emergency Response Team, 29 July 2022, accessed on 07 August 2022, available from: https://www.cert-in.org.in/
[7] Olivia Solon, “Chinese government asked TikTok for Stealth propaganda account”, Bloomberg, 29 July 2022, accessed on 06 August 2022, available from: https://www.bloomberg.com/news/articles/2022-07-29/chinese-government-asked-tiktok-for-stealth-propaganda-account
[8] “Russia fines WhatsApp, Snap and others for storing user data abroad”, Reuters, 28 July 2022, accessed on 06 August 2022, available from: https://www.reuters.com/technology/russia-fines-snapchat-owner-data-law-violation-ifax-2022-07-28
[9] Justin Sherman, “China’s New Organisation Could Threaten the Global Internet”, Slate, 29 July 2022, accessed on 06 August 2022, available from: https://slate.com/technology/2022/07/china-world-internet-conference-organization-standards.html
[10] Bill Toulas, “Huge network of 11,000 fake investment sites targets Europe”, Bleeping Computer, 31 July 2022, accessed on 08 August 2022, available from: https://www.bleepingcomputer.com/news/security/huge-network-of-11-000-fake-investment-sites-targets-europe/

VIF Cyber Review: June 2022


NATIONAL
“Cyber secure India is integral to national security and development”: Union Minister of Home Affairs

Addressing a national conference on cyber security and national security on 20 June 2022, the Union Minister of Home Affairs (MHA)— Amit Shah, emphasised the need for public awareness that cyber security is an integral part of national security, and said that the Government of India led by Prime Minister Modi is committed to making it robust.

“With the initiatives of PM Modi, India is going forward in all areas, and the usage of technology has been taken to all levels; but if cyber security is not ensured, this strength can become a huge challenge for us. It is important that every Indian understands the challenges of cyberspace so that a secure cyber-India can be created,” said the Minister of Home Affairs. The Government of India is already preparing a National Cyber Security Strategy, which focuses on the need for a legislative framework to address the emerging challenges in the technology space.[1]

Cabinet approved the auction of the IMT/5G spectrum

On 15 June 2022, the Union Cabinet, chaired by Prime Minister Modi, approved a proposal of the Department of Telecommunications to conduct a spectrum auction for providing 5G services to the public and enterprises. Digital connectivity is integral to government initiatives through Digital India, Start-up India, and Make in India. Through these flagship programmes, the government has promoted access to innovative banking/mobile banking, online education, telemedicine, and e-Ration, to “Antyoday” families.

India’s 4G ecosystem is now paving the way for 5G indigenous development. Establishing a 5G test bed in eight of India’s top technology institutes is accelerating the launch of domestic 5G technology in India. The Production-Linked Incentives (PLI) schemes for mobile handsets and telecom equipment, as well as the launch of the India Semiconductor Mission, are expected to help build a robust ecosystem for the launch of 5G services in India. The day is not far off when India will emerge as a leader in the field of 5G technology and the upcoming 6G technology.[2]

“India’s ICT strategy centres on inclusive growth for all sections of society”: Minister of State for Communications

On 01 June 2022, the Minister of State for Communications, Devusinh Chauhan, addressed a session organised by the World Summit of Information Society (WSIS) 2022 and said that ICT (Information and Communication Technology) is having a growing impact on our daily lives, as a powerful tool for more inclusive, resilient, and prosperous societies. For the development of reliable ICT infrastructure, around 600,000 villages in India are connected through optical fibre cable, whereas small and remote islands and other inaccessible areas are connected through satellite communication services and submarine cable networks.

During the high-level dialogue on Artificial Intelligence (AI), the minister apprised the audience of the Government of India’s policy initiatives to mobilise AI’s emerging sector. India’s National Strategy for Artificial Intelligence (AI) has formulated the way forward to harness the power of AI in various fields, especially in healthcare, agriculture, education, smart cities and infrastructure, and smart mobility and transportation. Emphasising the India-Japan collaborations in the telecom sector, the minister urged the Japanese companies to be part of India’s initiatives in telecom sectors. He also pointed out that India-Japan collaboration in the area of Open RAN, Massive MIMO, Quantum Communications, Connected Cars, 5G use cases, and 6G innovation will bring forth the strengths of two ecosystems allowing the creation of leading global solutions.[3]

CERT-In issued an advisory on multiple vulnerabilities in Microsoft products

On 16 June 2022, the Indian Computer Emergency Response Team (CERT-In) issued an advisory, CIAD-2022-0017, regarding multiple vulnerabilities discovered in various Microsoft products, which an attacker could exploit to access confidential information, bypass security restrictions, perform a Denial of Service (DoS) attack, escalate privileges, perform spoofing attacks, or execute arbitrary code on the targeted system.[4]

Cabinet approved MoA by India to set up BIMSTEC Technology Transfer Centre in Sri Lanka

On 14 June 2022, the Union Cabinet chaired by Prime Minister Narendra Modi approved a Memorandum of Association (MoA) by India for establishing the Bay of Bengal Initiative for Multi-Sectoral Technical and Economic Cooperation (BIMSTEC) Technology Transfer Facility (TFF), which was signed by the BIMSTEC member countries at the 5th BIMSTEC Summit held at Colombo, Sri Lanka on 30 March 2022. The primary objective of the BIMSTEC TFF is to coordinate, facilitate, and strengthen cooperation in technology transfer among BIMSTEC member nations by promoting the transfer of technologies, sharing of experiences and capacity building. The TFF shall have a Governing Board, and overall control of the activities of the TFF shall be vested in the Governing Board.[5]

Public Consultation on Draft National Data Governance Framework Policy held in Delhi

A Public Consultation/stakeholder interaction on the Draft National Data Governance Framework Policy was organised on 14 June 2022 in New Delhi, India. Over 250 stakeholders from industry, start-ups, academia, think-tanks, international alliances and government officials from various ministries attended the event. The Minister of State for Electronics & Information Technology and Skill Development & Entrepreneurship, Rajeev Chandrasekhar, highlighted that the rapid digitisation of the government and Nagriks within India, and the subsequent rise in data volumes, necessitate a framework for harnessing the potential of this data.

“PM Narendra Modi encourages public consultations as the most effective way to develop policies with wide inputs from a broad universe of stakeholders. The Ministry of Electronics and Information Technology (MeitY) follows Public Consultation to ensure international standard laws for India’s globally competitive digital economy and startups,” said Minister Chandrasekhar. The draft policy and its solid foundation will focus on improving the institutional framework for government data sharing, promoting privacy and security by design principles, encouraging the use of anonymisation tools, and ensuring equitable access to non-personal data for both the public and private sectors.[6]

INTERNATIONAL

G7 agreed to counter cyber threats and disinformation from Russia

On 28 June 2022, the G7 leaders agreed to strengthen their respective countries’ cyber defences against foreign cyber-attacks and disinformation, including threats from Russia. “We commit to strengthen our internal security amidst transnational threats including those posed by Russia and other authoritarian regimes,” read the G7 communique at the end of the Summit held in Germany.[7]

Canadian national police force admitted the use of spyware to hack phones

The Royal Canadian Mounted Police (RCMP) disclosed its use of spyware to hack mobile devices and gather data, including by remotely turning on the camera and microphone of a suspect’s phone or laptop. However, the RCMP said it only uses such tools in the most serious cases, where less invasive techniques are unsuccessful. Between 2018 and 2020, the RCMP deployed this technique in 10 investigations.

According to the document introduced in the House of Commons (Canada), the RCMP can use spyware programmes to collect a broad range of data, including text messages, e-mail, photos, videos, audio files, calendar entries, and financial records. The police can also collect “audio recordings of private communications and other sounds within the range of the targeted device, and photographic images of persons, places, and activities viewable by the camera(s) built into the targeted device.”[8]

NATO building cyber response force amid emerging Russian and Chinese threats

On 29 June 2022, the North Atlantic Treaty Organisation (NATO) heads of State and other governments participating in a high-level Summit in Madrid, Spain, announced the creation of the “virtual rapid response cyber capability” to quickly respond to cyber-attacks and other malign activity in cyberspace. According to the Madrid Summit Declaration, NATO plans to bolster its cyber defences through increased civil-military cooperation and expanded partnerships with industry.

“We [NATO] are confronted by cyber, space, hybrid, and other asymmetric threats, and by malicious use of emerging and disruptive technologies. We face systemic competition from those, including China, who challenge our interests, security, and values, and seek to undermine the rules-based international order,” read the document.[9]

Russian hacker group targeted Norway’s public service websites

On 29 June 2022, the Director-General of Norway’s National Security Authority (NSA), Sofie Nystrom, informed reporters that the Russian hacker group Killnet had targeted a string of Norwegian public service websites in the latest cyber-attacks. Some websites experienced instability or disruption, but there are no indications that any sensitive or personal information has been compromised. The Distributed Denial of Service (DDoS) attack affected the Public Administration Portal, the corporate page of an online banking identification service, and the Norwegian Labour Inspection Authority (NLIA). The website of Norway’s largest newspaper was also down for 25 minutes.[10]

China lured jobseekers into cyber-espionage

Graduates of Chinese universities were recruited for jobs at a mysterious tech firm. It was discovered that the firm concealed the actual work, which was aimed at analysing Western targets for snooping and interpreting hacked data as part of China’s commercial-scale intelligence-gathering system. The recruitment procedure comprised interpretation assessments on confidential papers obtained from United States government offices and directions to examine people at Johns Hopkins University as a significant intelligence target. In 2021, a United States court accused the company of espionage on behalf of China’s APT40 hacking group.

Western intelligence agencies have accused the Chinese group of breaking into ministry offices, firms, and universities across the United States, Canada, Europe, and the Middle East, on the orders of China’s Ministry of State Security (MSS). By selecting recently graduated Chinese university students, the firm appears to have drawn them into the world of spying without their knowledge. When posting job openings on the universities’ websites, the tech company described the position only as that of a translator and withheld all other employment-related details.[11]

Endnotes:

[1] HT Correspondent. “Cyber-secure India Key for development: Amit Shah”, Hindustan Times, 21 June 2022, Available from: https://www.hindustantimes.com/india-news/amit-shah-calls-for-making-india-cyber-secure-nation-101655711986417.html
[2] Government of India. “Cabinet approves Auction of IMT/5G Spectrum”, Press Information Bureau-Cabinet, 15 June 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1834126
[3] Government of India. “India’s ICT strategy hinges on inclusive growth for all sections of the society: Shri Devusinh Chauhan at WSIS 2022”, Press Information Bureau-Ministry of Communications, 02 June 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1830362
[4] Government of India. “CIAD-2022-0017”, Indian Computer Emergency Response Team, 16 June 2022, Available from: https://www.cert-in.org.in/
[5] Government of India. “Cabinet approves MoA by India for establishment of BIMSTEC Technology Transfer Centre at Colombo, Sri Lanka”, Press Information Bureau-Cabinet, 15 June 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1834126
[6] Government of India. “Public Consultation on Draft National Data Governance Framework Policy”, Press Information Bureau-Ministry of Electronics and IT, 16 June 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1834520
[7] “G7 to tackle cyber threats and disinformation from Russia: communique”, Reuters, 28 June 2022, Available from: https://www.reuters.com/world/g7-tackle-cyber-threats-disinformation-russia-communique-2022-06-28/
[8] Forrest, Maura. “Canada’s national police force admits use of spyware to hack phones”, Politico, 29 June 2022, Available from: https://www.politico.com/news/2022/06/29/canada-national-police-spyware-phones-00043092
[9] Demarest, Colin. “NATO forging cyber response force amid growing Russian, Chinese threats”, 30 June 2022, Available from: https://www.c4isrnet.com/cyber/2022/06/30/nato-forging-cyber-response-force-amid-growing-russian-chinese-threats/
[10] Treloar, Stephen. “Russian hackers target Norway in latest volley of cyber attacks”, Bloomberg, 30 June 2022, Available from: https://www.bloomberg.com/news/articles/2022-06-30/russian-hackers-target-norway-in-latest-volley-of-cyber-attacks
[11] Ghosh, Riya. “China lured graduate jobseekers into digital espionage”, Tech Story, 02 July 2022, Available from: https://techstory.in/china-lured-graduate-jobseekers-into-digital-espionage/

VIF Cyber Review: May 2022

NATIONAL

CERT-In issued advisory on Mobile-based Malware

On 30 May 2022, the Indian Computer Emergency Response Team (CERT-In) issued an advisory on mobile-based malware, along with methods and countermeasures. With the advent of smartphones and high-speed Internet connections, mobile accounts for more than 50 per cent of Internet traffic worldwide, making it a worthwhile attack surface for cybercriminals.

The advisory described the methods cybercriminals use, including fake applications, on-device fraud, bypassing app stores, and fake calls, and noted that mobile-based malware also uses design practices such as accessibility engines, infrastructure and C2 protocols that enable it to update its capabilities. The advisory also suggested countermeasures and best practices for users, including keeping the OS (Operating System) and applications updated, using strong authentication such as biometrics and a PIN, following safe browsing practices, and deleting data before discarding the device.[1]

Cisco launched a tool for SMBs to assess cyber security readiness

On 26 May 2022, Cisco launched a cyber security tool for Small and Medium-sized Businesses (SMBs) based in the Asia-Pacific region to assess their cyber security readiness amid the hybrid work environment. The tool’s concept is based on the premise that no attempt to access an organisation’s network architecture can succeed until trust is verified. As per Cisco’s study, “Cyber security for SMBs: Asia-Pacific businesses prepare for digital defense”, 62 per cent of Indian SMBs suffered cyber incidents in 2021 and cyber-attacks cost their business over ₹ 3.5 crore. Around 74 per cent of SMBs also reported 85 per cent of customer information loss in cyber incidents.

“When a user accesses an application using a device, both the user and device are verified, with that trust continuously monitored. This helps secure the organisation’s applications and environments from any user, device, and location,” read the statement released by Cisco. The threat landscape for SMBs is becoming more sophisticated due to digitisation at speed; securing their businesses is therefore one of the top priorities for SMBs. “With the new tool, the SMBs will ensure end-to-end protection across their workforce, and the workplace, with adoption of a zero-trust strategy to manage and strengthen their cyber security posture in a cloud-first world,” said Anand Patil, Senior Director (System Engineering), Cisco India & SAARC.[2]

The 7th Edition of India-Japan ICT Joint Working Group meeting recognised the importance of India-Japan Digital Partnership

On 13 May 2022, V L Kantha Rao (Additional Secretary, Department of Telecommunications, India) and Sasaki YUJI (Vice-Minister for Policy Coordination— International Affairs, Japan) virtually co-chaired the 7th edition of India-Japan ICT Joint Working Group (JWG) under the India-Japan ICT Comprehensive Cooperation Framework. Senior representatives from both governments and non-governmental stakeholders from industry, R&D, and Academia attended the meeting.

Recalling the India-Japan Summit held in March 2022, both sides recognised the need to strengthen the growing cooperation under India-Japan digital partnership, with a vision to enhance digital economy through promotion of joint projects for digital transformations. The JWG discussions were focused on enhancing further cooperation in various fields like 5G, Open RAN, Telecom Network Security, submarine cable systems, and Quantum Communications. [3]

Government of India proposed to set up India Data Management Office

Under the Digital India Corporation, India’s Ministry of Electronics and Information Technology (MeitY) will set up an India Data Management Office (IDMO), which will be responsible for framing, managing, reviewing, and revising the National Data Governance Framework Policy. The draft of the National Data Governance Framework Policy was released by the MeitY, seeking public comments on the draft till 11 June 2022.

The earlier version of the policy, the India Data Accessibility and Use Policy, had faced much criticism from experts, who believed that there was a lack of security safeguards for anonymisation, privacy infringement, and economic incentivisation. As per the draft of the data governance framework, the IDMO will design and manage the India Datasets platform, which will in turn handle the requests of Indian researchers and start-ups that require access to non-personal or anonymised datasets.[4]

CERT-In highlighted Remote Code Execution (RCE) vulnerability in Apple products

On 20 May 2022, the Indian Computer Emergency Response Team (CERT-In) highlighted a Remote Code Execution (RCE) vulnerability in Apple watchOS, tvOS, and macOS, affecting Apple Watch, Apple TV, and Apple Mac systems. The vulnerability existed due to an out-of-bounds write issue in the AppleAVD component. Successful exploitation of this vulnerability may allow a remote attacker to execute arbitrary code with kernel privileges on the targeted system.[5]

INTERNATIONAL

Canada to ban China’s Huawei and ZTE from its 5G/4G networks

Following a review by Canada’s independent security agencies and consultation with its ‘closest’ allies, the Government of Canada decided to ban China’s Huawei and ZTE products and services from Canada’s 5G/4G communication networks. In a statement released on 19 May 2022, the Minister of Innovation, Science and Industry, Francois-Philippe Champagne, stated that “the Government of Canada is ensuring a long term safety of telecommunication infrastructure. As a part of that, the government intends to prohibit the inclusion of Huawei and ZTE products and services in Canada’s telecommunication systems.”[6]

As per the decision, companies that already have Huawei and ZTE equipment installed in their networks would be required to cease its use and remove it. The implementation of these measures is part of a broader agenda to promote the security of Canada’s telecommunications networks, in consultation with industry.

Mastercard strengthens cyber security consulting practice with new Cyber Front threat simulation platform

In recent years, Mastercard has invested in risk quantification, Always-On security monitoring and fraud prevention to help its customers strengthen their cyber resilience. On 24 May 2022, Mastercard announced the launch of a new attack simulation and assessment platform, Cyber Front. The platform will help businesses and governments enhance their cyber security operational resilience. Cyber Front is enabled by a strategic minority investment in Picus Security.

By leveraging a continuously updated library of more than 3,500 real-world threat scenarios, Cyber Front highlights security gaps and provides mitigation insights in real time so that organisations can improve upon security investments with continuous validation. The goal of Cyber Front is for organisations to understand whether their current systems are effective and to identify areas of exposure to ensure greater protection in both the immediate and the long term.[7]

Spanish Prime Minister’s phone hacked with Pegasus tool

On 02 May 2022, the Spanish government informed that Prime Minister (PM) Pedro Sanchez’s phone was hacked with Pegasus software. Earlier, in May-June 2021, the phone of the Spanish Defence Minister, Margarita Robles, was also hacked using the same software. Pegasus software is an Israel-made digital hacking tool to snoop on phone communication.

Researchers investigated and revealed that in April 2022, several political figures in Catalonia were victims of digital espionage.[8] It is assumed that top officials of the European Union (EU), the United Kingdom (UK), Poland and Hungary may also have been targeted with Pegasus software. The use of digital hacking tools such as Pegasus has helped security officials around the world fight crime and ward off national security concerns; European governments have therefore been wary of delving into the intricacies of spyware programs.[9]

Amid foreign hacking threats, Pentagon contractors looking for software flaws through VDP

Considering Russia and China’s efforts to steal sensitive data from the United States (US) defence industrial base, a Pentagon pilot program discovered an array of software vulnerabilities at dozens of defence contractors. The objective of the pilot program, the “Vulnerability Disclosure Program” (VDP), is to identify and fix flaws in the e-mail programs, mobile devices and industrial software used by the Pentagon’s defence contractors before hackers can take advantage of these vulnerabilities.

“We really wanted to focus on those smaller defence contractors that may not have the budget and resources,” said Melissa Vice, interim director of the Department of Defense (DoD) Cyber Crime Centre’s DoD VDP. In the business sector, VDPs are a widespread practice, in which vetted cyber professionals scan systems for defects and report them internally. The Pentagon has been running a VDP since 2016, but after the pilot, the intention is to permanently expand the programme to include defence contractors.[10]

Cybercriminals used call forwarding technique to obtain WhatsApp accounts

Cybercriminals used call forwarding as a technique to hijack a targeted WhatsApp account and gain access to its messages and contact list. The method relied on the mobile carriers’ automated service to forward calls to a different phone number, and on WhatsApp’s option to send an OTP (One-Time Password) verification code via voice call.

According to Rahul Sasi, the founder and CEO of ‘CloudSEK’, a digital risk protection company, once the attacker knew the targeted WhatsApp account number, they used some social engineering to convince the victim to make a call to a number that starts with a Man Machine Interface (MMI) code that the mobile carrier has set up to enable call forwarding. Depending on the carrier, a separate MMI code can forward all calls made to a terminal to a different number, or forward them only when the line is busy or there is no reception. “First, you receive a call from the attacker who will convince you to make a call to the following number **67* or *405* (subject to vary as per the mobile carrier). Within a few minutes, your WhatsApp would be logged out, and the attackers would get complete control of your account”, said Rahul Sasi.

As a protection against such attacks, turning on Two-Factor Authentication (TFA) protection in WhatsApp is an effective measure. By requiring a PIN (Personal Identification Number) whenever you register a phone with the messaging app, this feature prevents malicious actors from gaining control of the account.[11]

Endnotes:

[1] India. “CERT-In Advisory CIAD-2022-0014”, Indian Computer Emergency Response Team, 30 May 2022, Available from: https://cert-in.org.in/
[2] “Cisco launches new tool for SMBs to assess their cyber security readiness”, Financial Express, 26 May 2022, Available from: https://www.financialexpress.com/industry/sme/msme-tech-cisco-launches-new-tool-for-smbs-to-assess-their-cybersecurity-readiness/2538348/
[3] India. “7th India-Japan ICT Joint Working Group meeting held under India-Japan ICT Comprehensive Cooperation Framework”, Press Information Bureau-Ministry of Communication, 13 May 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1825159
[4] ET Tech. “Government proposes to set up India Data Management Office”, ET Telecom, 28 May 2022, Available from: https://telecom.economictimes.indiatimes.com/news/government-proposes-to-set-up-india-data-management-office/91846155
[5] India. “Remote Code Execution vulnerability in Apple products”, Indian Computer Emergency Response Team, 20 May 2022, Available from: https://cert-in.org.in/
[6] Canada. “Statement from Minister Champagne on telecommunications security”, Ministry of Innovation, Science and Industry, 19 May 2022, Available from: https://www.canada.ca/en/innovation-science-economic-development/news/2022/05/statement-from-minister-champagne-on-telecommunications-security.html
[7] “Another arrow in the quiver: Mastercard strengthens cybersecurity consulting practice with new cyber front threat simulation platform”, Mastercard, 24 May 2022, Available from: https://www.mastercard.com/news/press/2022/may/another-arrow-in-the-quiver-mastercard-strengthens-cybersecurity-consulting-practice-with-new-cyber-front-threat-simulation-platform/
[8] Aarup, Sarah Anne. “Pegasus spyware targets top Catalan politicians and activists”, Politico, 18 April 2022, Available from: https://www.politico.eu/article/pegasus-spyware-targets-top-catalan-politicians-and-activists/
[9] Manancourt, Vincent. “Hack of Spanish PM’s phone deepens Europe’s spyware crisis”, Politico, 02 May 2022, Available from: https://www.politico.eu/article/pegasus-hacking-spyware-spain-government-prime-minister-pedro-sanchez-margarita-robles-digital-espionage-crisis/
[10] Lyngaas, Sean. “Pentagon contractors go looking for software flaws as foreign hacking threats loom”, CNN, 02 May 2022, Available from: https://edition.cnn.com/2022/05/02/politics/pentagon-defense-contractors-software-flaws/index.html
[11] Ilascu, Ionut. “Hackers steal WhatsApp accounts using call forwarding trick”, Bleeping Computer, 31 May 2022, Available from: https://www.bleepingcomputer.com/news/security/hackers-steal-whatsapp-accounts-using-call-forwarding-trick/

VIF Cyber Review: April 2022

NATIONAL

Cabinet approves upgradation of mobile sites in LWE-affected areas

On 27 April 2022, the Union Cabinet chaired by Prime Minister Narendra Modi approved a ‘Universal Service Obligation Fund (USOF)’ project for upgrading 2G mobile services to 4G at security sites in the Left-Wing Extremism (LWE) areas. The Cabinet also authorised Bharat Sanchar Nigam Limited (BSNL) payment of LWE Phase-I 2G site operations and maintenance costs for an additional five years beyond the contractual period of five years at a cost of ₹541.80 crore. The extension will last up to 12 months from the date of Cabinet approval or the commissioning of 4G sites, whichever comes first.

The upgrade will improve internet and data services in certain LWE locations. It satisfies the standards of the Ministry of Home Affairs (MHA) as well as the state governments. It will also meet the communication requirements of the security forces stationed in these regions. The suggestion is consistent with the goal of increasing rural mobile connectivity. Furthermore, delivery of various e-governance, banking, tele-medicine, tele-education, and other services via mobile broadband will be possible in these locations. [1]

CERT-In issued advisory on multiple vulnerabilities in Oracle products

On 22 April 2022, the Indian Computer Emergency Response Team (CERT-In) issued an advisory on multiple vulnerabilities in Oracle products which could be exploited by an attacker to bypass security restrictions, execute arbitrary code, disclose sensitive information, and cause a Denial of Service (DoS) attack on the targeted system. Such vulnerabilities are remotely exploitable without authentication, i.e., they may be exploited over a network without requiring user credentials.[2] As a solution, CERT-In provided a link to the appropriate patches.

India Post issued warning against fraudulent URLs/Websites claiming to give prizes through certain surveys

On 23 April 2022, the India Post issued a warning against various URLs/Websites getting circulated in social media and communication platforms, such as WhatsApp, Telegram, Instagram, and through e-mail/SMS containing tiny URLs, claiming to provide government subsidies as prize money through certain surveys. “We wish to inform the citizens of the Country that India Post is not involved in any such activities like announcing Subsidies, Bonus or Prizes based on Surveys etc. Public receiving such notifications/messages /emails are requested not to believe or respond to such fake and spurious messages or share any personal details.

It is also requested not to share any personally identifiable information such as date of birth, Account numbers, mobile numbers, place of Birth & OTP etc.”, read the advisory issued by India Post. India Post and the Fact Check Unit of the Press Information Bureau (PIB) have declared these URLs/Websites as fake through social media.[3]

CERT-In issued advisory on Malware targeting ICS/SCADA systems

On 16 April 2022, the Indian Computer Emergency Response Team (CERT-In) issued an advisory about Advanced Persistent Threat (APT) actors targeting Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) systems through custom-made tools. The tools enabled cyber threat actors to scan for, compromise, and control affected systems after gaining access to the operational technology (OT) network.

The APT actors targeting ICS/SCADA have the capability to gain complete access control of certain ICS/SCADA devices, including:

– Schneider Electric programmable logic controllers (PLCs),

– OMRON Sysmac NEX PLCs, and

– Open Platform Communications Unified Architecture (OPC UA) servers.

According to the advisory, the APT actors could also use an exploit for a known-vulnerable ASRock-signed motherboard driver, “AsrDrv103.sys” (CVE-2020-15368), to execute malicious code in the Windows kernel, move laterally within an IT or OT environment, and disrupt critical devices or functions.[4]

Qualcomm and MeitY’s C-DAC partner to support Indian Semiconductor start-ups

For 2022, Qualcomm India announced a collaboration with the Centre for Development of Advanced Computing (C-DAC), an autonomous scientific society of the Ministry of Electronics and Information Technology (MeitY), to initiate and conduct the Qualcomm® Semiconductor Mentorship Program (QSMP) 2022 for select start-ups from the semiconductor space in India; the programme will further provide and facilitate mentorship, technical training, and industry outreach. Under the collaboration, C-DAC and Qualcomm India intend to work towards the following broad objectives:

– Nurture technical advancements and intellectual-property-driven innovation and product development required for semiconductor design in the Indian ecosystem.

– Help reduce risks in innovation; accelerate the pace of business development; and develop soft skills and knowledge base of Indian start-ups engaged in semiconductor design.

– Facilitate access for the selected start-ups with domain experts, VCs, accelerators, incubators, industry associations and large companies that could help them scale up their business.

– Create platforms and forums that provide opportunities to work with high-growth-potential small businesses and start-ups who have potentially disruptive technologies that could develop or reshape semiconductor supply chains in the future.

Up to ten Indian semiconductor start-ups will be shortlisted for QSMP 2022 by Qualcomm India. Each nominated firm will be connected with a Qualcomm India executive for product development and planning mentoring. Through meetings, webinars, seminars, and tradeshows, C-DAC and Qualcomm India will help these entrepreneurs gain exposure to government stakeholders. [5]

CERT-In issued advisory for safe and trusted Internet

On 28 April 2022, the Indian Computer Emergency Response Team (CERT-In) issued directions related to the best information security practices, procedure, prevention, response, and reporting of cyber-crimes under the provisions of sub-section (6) of Section 70B of the Information Technology (IT) Act, 2000. The directions will become effective after 60 days.

The directives cover the synchronisation of Information and Communication Technology (ICT) system clocks; mandatory reporting of cyber incidents to CERT-In; maintenance of logs of ICT systems; subscriber/customer registration details held by data centres, Virtual Private Server (VPS) providers, Virtual Private Network (VPN) service providers and cloud service providers; and KYC norms and practices for virtual asset service providers, virtual asset exchange providers and custodian wallet providers. These directions shall enhance the overall cyber security posture and ensure a safe & trusted Internet in the country.[6]

INTERNATIONAL

Eurojust and Europol cracked an online investment fraud scheme responsible for losses of at least Euro 20 million

On 21 April 2022, authorities in Finland, the Netherlands, Latvia, France, Germany, and Ukraine supported the operation during which more than 50 servers and services were seized in six countries. “At the request of the Estonian authorities, Eurojust and Europol assisted in taking down an online investment fraud scheme, which defrauded victim 21 April 2022.

As their modus operandi, the perpetrators, who belonged to an international Organised Crime Group (OCG), contacted victims by telephone via the Internet. They presented themselves as brokers of online trading platforms dealing with cryptocurrencies to convince victims to make investments. It is believed that more than 30,000 people from at least 71 countries were victims, and at least 522 victims are registered in Estonia alone.[7]

Japan proposed first domestic quantum computer use by March 2023

The Japanese government set out its intention to enter the global quantum computing campaign by placing its first indigenous quantum computer into service within the current fiscal year ending March 2023. As per the new strategy, Japan plans to establish four quantum research centres across the country, which could be finalised this month, after the ruling Liberal Democratic Party proposed expanded investment in quantum computing and artificial intelligence (AI).[8] The Japanese government also expects 10 million users by the end of the decade.

As for the research centres, one of the two will be established at Tohoku University in Sendai, Miyagi Prefecture, on the north-eastern coast of Japan. The centres will train personnel and support research and development. The other new site, at Okinawa Institute of Science and Technology Graduate University, will serve as a hub for advancing joint research by global scientists, according to a report by Nikkei.[9]

Russian hacktivists launched DDoS attacks against Romania’s govt. websites

On 29 April 2022, the Romanian National Cyber Security and Incident Response Team (DNSC) issued a statement reporting a series of Distributed Denial of Service (DDoS) attacks targeting several public websites managed by State authorities. The attacks had been claimed by the pro-Russia hacktivist group ‘Killnet’. According to the statement released by the DNSC, the hacktivist group targeted the following Romania-based servers:

– gov.ro (official website of Romania’s Government),

– mapn.ro (official website of Romania’s Ministry of Defense),

– politiadefrontiera.ro (official website of the Romanian Border Police),

– cfrcalatori.ro (official website of Romania’s National Railway Transport Company), and

– otpbank.ro (site of a commercial bank operating in Romania).

According to Romania’s primary domestic intelligence service, the SRI (Serviciul Roman de Informatii), the DDoS attack began at 0400 hrs local time and originated from network equipment outside Romania that had been compromised by exploiting security vulnerabilities. [10]

China-backed hackers are targeting Russian State officials

Security researchers discovered a phishing campaign led by the China-based threat actor Mustang Panda (aka HoneyMyte and Bronze President) targeting Russian State officials. Earlier, Mustang Panda was spotted orchestrating intelligence-gathering campaigns against European targets, employing phishing lures inspired by the Russian invasion of Ukraine. Although Russia and China maintain good geopolitical relations, Russia has always remained in Mustang Panda’s crosshairs.

Although the files sent are Windows executables (.exe), they are made to appear as PDFs and are named after Blagoveshchensk, a Russian city close to the border with China. This suggests that the targets of this campaign are Russian personnel in the region, which further supports the theory that China may be shifting to new intelligence-gathering objectives. Upon launching the executable, a host of additional files are fetched, including a decoy EU document, a malicious DLL loader, an encrypted PlugX variant, and a digitally signed .EXE file. [11]

Endnotes:

[1] Government of India. “Cabinet approves upgradation of 2G mobile sites to 4G at security sites in Left-Wing Extremism (LWE) areas”, Press Information Bureau, 27 April 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1820512
[2] Government of India. “Multiple Vulnerabilities in Oracle Products— CERT-In Advisory CIAD-2022-0011”, Indian Computer Emergency Response Team (CERT-In), 22 April 2022, Available from: https://www.cert-in.org.in/
[3] Government of India. “India Post warns public against fraudulent URLs/Websites claiming to provide subsidies/prizes through certain surveys”, Press Information Bureau, 23 April 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1819189
[4] Government of India. “Malware targeting ICS/SCADA systems— CIAD-2022-0010”, Indian Computer Emergency Response Team (CERT-In), 16 April 2022, Available from: https://www.cert-in.org.in/
[5] Government of India. “Qualcomm and MeitY’s Centre for Development of Advanced Computing (C-DAC) partner to support Indian semiconductor start-ups”, Press Information Bureau, 29 April 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1821268
[6] Government of India. “CERT-In issues directions relating to information security practices, procedure, prevention, response and reporting of cyber incidents for Safe & Trusted Internet”, Press Information Bureau, 28 April 2022, Available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1820904
[7] “Takedown of Infrastructures of call centre involved in online investment fraud responsible for losses of at least EURO 20 million”, European Union Agency for Criminal Justice Cooperation, 21 April 2022, Available from: https://www.eurojust.europa.eu/news/take-down-infrastructure-call-centres-involved-online-investment-fraud-responsible-losses
[8] “Tokyo sets Quantum Computing Deadline— Japan Times”, Asia Financial, 08 April 2022, Available from: https://www.asiafinancial.com/48334-2
[9] Kaur, Dashveenjit. “Japan’s first domestic quantum computer targets 10m users by 2030”, Techwire Asia, 18 April 2022, Available from: https://techwireasia.com/2022/04/japans-first-domestic-quantum-computer-targets-10m-users-by-2030/
[10] Toulas, Bill. “Russian hacktivists launch DDoS attacks on Romanian govt sites”, Bleeping Computer, 29 April 2022, Available from: https://www.bleepingcomputer.com/news/security/russian-hacktivists-launch-ddos-attacks-on-romanian-govt-sites/ ; Government of Romania. “Atacuri cibernetice asupra site-urilor unor instituții publice și financiar-bancare”, SRI, 29 April 2022, Available from: https://www.sri.ro/articole/atacuri-cibernetice-asupra-site-urilor-unor-institutii-publice-si-financiar-bancare.html
[11] Toulas, Bill. “Chinese state-backed hackers now target Russian state officers”, Bleeping Computer, 27 April 2022, Available from: https://www.bleepingcomputer.com/news/security/chinese-state-backed-hackers-now-target-russian-state-officers/