VIF Cyber Review: September 2022

NATIONAL

Pegatron Mobile Manufacturing facility in Tamil Nadu: another milestone added to PM’s vision of making India a global electronics manufacturing hub.

On 30 September 2022, the Minister of State for Electronics & Information Technology and Skill Development & Entrepreneurship— Rajeev Chandrasekhar, inaugurated the Pegatron mobile manufacturing facility in Chenglapattu near Chennai, Tamil Nadu and said that the facility is another milestone in Prime Minister Narendra Modi’s vision of making India a global electronics manufacturing hub. “It is a symbol of the partnership between the Central and State government to help India achieve the target of USD 300 billion in electronics manufacturing, from the current USD 75 billion,” said Minister Chandrasekhar during the inaugural of the facility. The facility was established by Taiwan’s electronics giant— Pegatron Technology India, under the Indian government’s Production Linked Incentive (PLI) scheme, in an industrial park in Chenglapattu, near Chennai.

The PLI scheme has played a significant role in ushering the investments and employment in electronics manufacturing and has catalysed an investment of ₹ 6,500 crores in a short period, generating employment of over 40,000 in Tamil Nadu alone. “It has been an extraordinary journey for Pegatron to be in India. We are overwhelmed by the support extended by the Government of India and Tamil Nadu,” said Cheng Jian Jong, Chairman of Pegatron Technology India.[1]

Ministry of Communications initiated the ‘Public Consultative’ process on the draft of the Indian Telecommunication Bill, 2022.

The Ministry of Communications, Government of India (GoI), had initiated a public consultative process to draft a contemporary and futuristic legal framework in telecommunications. As per the process, in July 2022, the ministry published a consultation paper on ‘Need for a new legal framework governing Telecommunications in India’ and invited comments/suggestions from various stakeholders, including industry associations.

Based on the consultations and suggestions, the ministry has prepared the draft Indian Telecommunication Bill, 2022. The draft Bill and explanatory note can be accessed at: https://dot.gov.in/relatedlinks/indian-telecommunication-bill-2022. The deliberations can be shared with the ministry by 20 October 2022.[2]

“Pervasive digital infrastructure and ensured access to digital services to all is key for a better digital future,” said MoS for Communications.

On 25 September 2022, the Minister of State (MoS) for Communications— Devusinh Chauhan, addressed the Ministerial Roundtable, part of the International Telecommunication Union (ITU) in Bucharest, Romania. The Minister said that a better digital future could only be built on pervasive digital infrastructure, developing digital platforms to deliver government services to all citizens and ensuring access to digital services to all.

The MoS also cited stories about the Government of India’s (GoI) commitment to building telecom infrastructure, such as the plan to extend mobile services to all 6,40,000 villages in India by 2023 and Optical Fibre by 2025. It is the result of citizen-centric and industry-friendly public initiatives and policies that point to a bright future for India’s digital economy. The MoS also highlighted the success of the Digital India Initiative, mainly the Aadhaar and Aadhaar Enabled Payment System (AEPS), under the leadership of Prime Minister Narendra Modi. As per the data, around 400 million transactions were carried out on AEPS, which is the best example of financial inclusion affected by the development of digital infrastructure. “India has been contributing to the goals of the ITU and will take all necessary steps to fulfil Sustainable Development Goals (SDGs) 2030,” said MoS Chauhan.[3]

Indian banking users targeted by SOVA Android Trojan.

On 10 September 2022, the Indian Computer Emergency Response Team (CERT-In) issued an advisory about Indian banking customers being targeted by a new variant of mobile banking malware using SOVA Android Trojan. In July 2022, SOVA added India to its target list, where the US, Russia, and Spain were already enlisted. The latest version of this malware hides within fake Android applications that show up the logo of a few famous legitimate apps, such as Chrome and Amazon, to deceive users into installing them. The malware captures the credentials when users log into their net banking apps and access bank accounts. The new version of the malware— SOVA- seems to target over 200 mobile applications, including banking apps and crypto exchanges.

SOVA’s list of functions includes the ability to:

  • Collect keystrokes,
  • Steal cookies,
  • Intercept Multi-Factor Authentication (MFA) tokens,
  • take screenshots and record videos from a webcam,
  • copy/paste,
  • Mimic over 200 banking and payment applications.

Another feature of SOVA is its “protections module” refactoring, which aims to protect itself from different victims’ actions. For instance, if the user tries to uninstall the malware from the settings, SOVA can intercept these actions and prevent them (through the abuse of Accessibilities) by returning to the home screen and showing a pop-up displaying “this app is secured”. The attack can effectively jeopardise the privacy and security of sensitive customer data and result in large-scale attacks and financial fraud. The advisory also includes detailed information about the malware and best practices to avoid being a victim of SOVA.[4]

Quad Foreign Ministers committed to an open, secure, stable, peaceful cyberspace.

The foreign ministers of India, Australia, Japan, and the United States (US) met on September 23, 2022, to discuss the Quad’s commitment to an open, secure, stable, and peaceful cyberspace, as well as regional initiatives to strengthen nations’ ability to put the United Nations’ (UN) Framework for Responsible State Behaviour in Cyberspace into practice. The security and resiliency of the cyber infrastructure in the region would be guaranteed through targeted actions to improve the cyber capabilities of Indo-Pacific nations.

The Foreign Ministers emphasised their commitment to addressing the global ransomware threat, which has hampered the security and economic growth of the Indo-Pacific region, and referred back to their previous meeting held on 11 February 2022. Ransomware’s global reach has the potential to harm the national security, the financial and commercial sectors, key infrastructure, and the privacy of individuals. The Quad nations value the strides the 36 nations supporting the Counter Ransomware Initiative (CRI) under US leadership and the ongoing, pragmatic consultations against cybercrime in the Indo-Pacific region.a href=”#_edn5″ name=”_ednref5″>[5]

In 2021, the Indian healthcare sector faced a 7.7 per cent share of cyber-attacks on the global healthcare sector.

According to a report prepared by CloudSEK on “Increased cyber-attacks on the global healthcare sector”, India recorded the second highest number of cyber-attacks, with a total of 7.7 per cent of total cyber-attacks on the healthcare industry in 2021. The United States (US) healthcare sector witnessed 28 per cent of global attacks. According to the same report, the cyber-attack incidence on the Indian healthcare industry translates into over 71 lakh records, whereas Australia has been the most-hit country with around 70 crore records in the first four months of 2022.[6]

In India, 2021 saw the highest cyber-attacks/breaches in the last four years.

According to the data presented in Lok Sabha (the Lower House of the Indian Parliament), India witnessed the highest number of cyber-attacks or breaches compared to the last four years. A total of 160,560 Indian websites were hacked between 2016 and 2021, translating to around 73 websites per day. The year 2021 reported the highest number of cyber-attacks, with a total of 28,897 cyber-attacks, including on 186 government websites.

Some of the significant cyber-attacks involved the State Bank of India (the year 2019), COVID-19 test results (the year 2021), Air India (2021), and Domino’s (2021).[7]

INTERNATIONAL

Denmark banned Hikvision camera purchases based on a security assessment.

One of the most populous regions of Denmark, which includes Copenhagen, banned the purchases of China-made Hikvision cameras, followed by a security assessment that highlighted Hikvision as a ‘critical’ threat to security. In January 2022, Denmark’s intelligence agency warned against PRC (People’s Republic of China)-made cameras, calling out Hikvision’s vulnerabilities and PRC data laws.

On 26 September 2022, Region Hovedstaden, Denmark’s Capital Region, declassified a June 2022 briefing stating that the Capital Region’s Steering Group for IT and Information Security “has decided to purchase video cameras from the manufacturer Hikvision must be discontinued.” On 15 February 2022, the Danish Security and Intelligence Service (PET/ Politiets Efterretningstjeneste) and the Centre for Cyber Security sent a “Security recommendation regarding the use of surveillance cameras.” The threat consists of a backdoor that “makes it possible for an attacker to access the camera without the use of authentication.” However, the recommendation did not recommend bans but urged patches, and those video cameras are connected to their own (domestic) network.”[8]

Huawei Technologies staged its ‘Huawei Connect’ in Thailand.

In efforts to avoid a crackdown from the West, mainly the United States (US), China’s Huawei Technologies showcased its ‘Huawei Connect’ annual technology showcase in Thailand, where Digital and Economic ministers from Thailand, Indonesia, the Philippines, and Bangladesh had gathered to attend the event. All four countries have already allowed their respective mobile network operators to source 5G telecom equipment from Huawei, despite security concerns, warnings and sanctions/bans issued by the US and European governments.

In South-East Asia, Vietnam has become an alternative destination for electronics manufacturers leaving China, while Indonesia and Thailand are vying to be the centre of a regional electric vehicle supply chain. After Thailand, Huawei Connect will be held in Dubai and Paris. France has discouraged telecom operators from using Huawei 5G equipment but has allowed Huawei to build a factory. Despite US concerns, Gulf countries, including the United Arab Emirates (UAE), have continued to use Huawei in their networks.[9]

Optus data breach: hacker released 10,000 records from the Australian Prime Minister’s and Defence Minister’s office.

On 26 September 2022, a purported hacker released a text file of 10,000 customer records and ‘promised’ to leak around 10,000 per day for the next four days unless Optus paid them USD 1 million. “Federal Police investigated a post on an online forum purported to release the records from the recent data breach and threatened to release more until a USD 1 million ransom is paid,” said CEO of Optus— Kelly Bayer Rosmarin. The customer records included e-mail addresses from the Department of Defence and the Office of the Prime Minister and Cabinet. The Optus attack has affected up to 10 million customer records. On 27 September 2022, the hacker deleted the original post with links to the data and apologised for attempting to sell data.[10]

US Senators aimed to amend the Cyber Security bill to include Crypto.

The US Senators Marsha Blackburn (Tennessee) and Cynthia Lummis (Wyoming) attempted to provide frameworks for the digital asset industry. Both Senators urged the Cybersecurity Information Sharing Act, 2015 amendment to include cryptocurrency. The Electronic Transactions Association endorses the bill.

According to Senator Blackburn, Some criminals have utilised cryptocurrencies to conceal their unlawful activities and escape punishment. The revised “Cryptocurrency Cybersecurity Information Sharing Act” will review and revise current laws to directly address this misuse. It will give bitcoin companies a voluntary way to report rogue actors and safeguard cryptocurrency from risky practices. The bill also aims to mitigate losses from several cyber-related incidents, including data breaches, ransomware attacks, and network damages.[11]

Endnotes :

[1]Press Information Bureau. “Pegatron plant roll out another milestone in PM Shri Narendra Modi ji’s vision of making India a global electronics manufacturing hub: MoS Shri Chandrasekhar”, Ministry of Electronics and IT, 30 September 2022, accessed on 03 October 2022, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1863721
[2]Press Information Bureau, “Inviting comments on the draft Indian Telecommunication Bill, 2022”, Ministry of Communications, 22 September 2022, accessed on 03 October 2022, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1861399
[3]Press Information Bureau, “Better digital future can only be built on pervasive digital infrastructure, developing digital platforms and ensuring access to digital services to all – Shri Devusinh Chauhan”, Ministry of Communications, 25 September 2022, accessed on 03 October 2022, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1862131
[4] “SOVA Android Trojan targeting Indian banking users”, Indian Computer Emergency Response Team, 10 September 2022, available from: https://www.cert-in.org.in/
[5]“Quad Foreign Ministers’ Statement on Ransomware”, Ministry of External Affairs- Government of India, 23 September 2022, accessed on 05 October 2022, available from: https://mea.gov.in/bilateral-documents.htm?dtl/35746/Quad_Foreign_Ministers_Statement_on_Ransomware
[6]PTI. “cyber-attacks on Indian healthcare industry second highest in the world: CloudSEK”, Outlook, 20 September 2022, accessed on 05 October 2022, available from: https://www.outlookindia.com/business/cyber-attacks-on-indian-healthcare-industry-second-highest-in-the-world-cloudsek-news-224600
[7]Basu, Orin and Suparna Shree. “73 websites hacked every day in India, 2021 saw highest cyber breaches in four years”, Zee News, 23 September 2022, accessed on 05 October 2022, available from: https://zeenews.india.com/india/73-websites-hacked-every-day-in-india-2021-saw-highest-cyber-breaches-in-four-years-2513355.html
[8]Rollet, Charles. “Danish Capital Region bans Hikvision purchases, calls ‘critical threat to security’”, IPVM, 28 September 2022, accessed on 05 October 2022, available from: https://ipvm.com/reports/danish-capital?code=1&utm_source=substack&utm_medium=email
[9]Regalado, Francesca. “Huawei courts Thailand, Indonesia with supply chain support”, Nikkei Asia, 19 September 2022, accessed on 05 October 2022, available from: https://asia.nikkei.com/Business/Technology/Huawei-courts-Thailand-Indonesia-with-supply-chain-support
[10]May, Natasha and Josh Taylor. “Purported Optus hacker releases 10,000 records including e-mail addresses from defence and prime minister.” The Guardian, 27 September 2022, accessed on 05 October 2022. available from: https://www.theguardian.com/business/2022/sep/27/police-all-over-dark-web-ransom-threat-to-release-10000-customer-records-a-day-optus-ceo-says
[11]Melinek, Jacquelyn. “US Senators aim to amend cybersecurity bill to include crypto”, Tech Crunch, 29 September 2022, accessed on 06 October 2022. available from: https://techcrunch.com/2022/09/28/us-senators-aim-to-amend-cybersecurity-bill-to-include-crypto/