UNVEILING THE INVISIBLE THREAT: A DEEP DIVE INTO CYBER ATTACKS AND CYBERSECURITY

This blog deals with the online threats that occur in our day-to-day lives and that are increasing in number.

Sakshi Soni (School of law NMIMS Indore)

11/15/2023, 9 min read

Introduction

For over two decades, the Internet has played a pivotal role in worldwide communication and has increasingly become an integral part of people's lives across the globe. Today, cyberspace is experiencing rapid expansion at an unprecedented rate, offering opportunities to individuals with malicious intentions. The Internet has established an extensive global network that contributes billions of dollars annually to the global economy. Currently, the majority of economic, commercial, cultural, social, and governmental activities and interactions, spanning from individuals and non-governmental organizations to government institutions, take place in the digital realm. Critical and sensitive infrastructures and systems either exist within cyberspace or are under its control, management, and utilization. Furthermore, a substantial portion of vital and sensitive information is either transmitted through this digital domain or originates within it.

Cyber Attacks: Digital Assaults Unveiled

In the digital age, where technology drives almost every facet of our lives, the threat of cyber-attacks has become an ever-looming specter. A cyber-attack is a deliberate and malicious attempt to compromise the integrity, confidentiality, or availability of computer systems, networks, or data. These attacks are typically carried out by individuals, groups, or even nation-states with the intent to disrupt, damage, or gain unauthorized access to digital resources. Cyber-attacks encompass a wide range of activities, including but not limited to malware infections, data breaches, denial-of-service attacks, phishing, ransomware, and other tactics aimed at exploiting vulnerabilities in technology and human behavior for various purposes, such as financial gain, espionage, political motives, or simply causing chaos. Major forms of cyber-attacks include:

  • Phishing- Phishing attacks are designed to collect user information such as usernames, passwords, credit card numbers, and PINs in order to get access to the victim's bank account or seize control of social media data.

  • Identity Theft- A type of cybercrime in which hackers attempt to access crucial personal data such as social security numbers, Aadhaar numbers, credit card numbers, and other associated information in order to mimic someone and profit off their identity. For the goal of ransom, a phone was used to acquire access to private personal data from the general public.

  • Viruses and Trojans- Viruses are nothing more than malicious instructions that multiply themselves in the same way that human viruses do without the assistance of humans. The Trojan virus is a disruptive program that, unlike viruses, does not replicate itself but spreads quickly.

  • Vishing- This is the use of social engineering over the phone to get access to private personal data from the general public in order to extract a ransom. Cross-site scripting (XSS) is a type of attack that is commonly seen in web applications. It allows attackers to insert client-side scripts into user-facing web pages. Attackers use this to get around access constraints.

  • Botnet- A botnet is a sort of cyber-attack in which malicious code infects a network of private computers, which are then controlled by a group without the owners' knowledge.

  • ATM/Debit/Credit Card Frauds- In these types of frauds, the fraudster attaches a skimming device to the ATM or POS machine's keypad so that it is not visible to the naked eye. When a customer inputs his card number and PIN, the information is sent to a skimmer that has been placed and can be used to steal money.

  • Ransomware- Ransomware is one of the most well-known cyber threats. This is a sort of malicious software that prevents a computer or a group of computers from accessing the Internet unless a certain amount of money is paid. They threaten to reveal critical information unless the attackers are given a certain amount of money. A typical sort of ransomware assault is Maze.

  • Email/SMS Spoofing – Email spoofing is an email sent from an address that is not valid or is forged under the pretext of being someone else. The fake email is then used to mislead the recipient, make false statements, and extract information.

  • Cross-site Scripting – In cross-site scripting, the attacker plants malicious scripts on a website so that the actual attack occurs when anyone visits that site: the malicious script reaches the visitor's browser and executes there.

  • Cyber Squatting- It is the attempt to use an internet domain name or the name of a brand and use it to the advantage of personal gain. It is an attempt to represent a brand online without due permission or consent.

  • Child Pornography – Child Sexually Abusive Material (CSAM) refers to images or videos that contain sexually explicit content of a child being abused or exploited. Section 67 (B) of the IT Act states that “it is punishable for publishing or transmitting of material depicting children in sexually explicit act, etc. in electronic form.”

  • Online Sextortion – It is the act of threatening to distribute or share someone's private information using an electronic medium if the victim does not provide sexual favors.

  • Sexting – Sexting is the act in which a cell phone is used to send sexual images, videos, or texts.

  • Invasion of Privacy – If the activities that an individual carries out in cyberspace come under surveillance by anyone, that is a threat to the individual's information.

  • Cyber Vandalism – Cyber vandalism is destruction and damage taking place in cyberspace. It can be done by creating malware that stops the functioning of a computer system or by defacing a website.

  • Cyber Trespass – Cyber trespassing is accessing unauthorized computer infrastructures and obtaining information from protected computers.

Major Cyber Attacks Impacting India

India, as one of the world's fastest-growing digital economies, has not been immune to this menace. According to the latest report by Microsoft, India accounts for 13% of cyber-attacks in the Asia-Pacific (APAC) region, making it one of the top three most attacked countries by nation-state actors.

  • Ransomware Attack in Oct 2022 - Tata Power: India’s largest integrated power company, Tata Power, faced ransomware attacks on 14th Oct. These attacks impacted its IT infrastructure and systems. The company immediately took steps to restore or retrieve the systems.

  • Ransomware Attack in Nov 2022 - All India Institute of Medical Sciences (AIIMS): India’s leading public medical institute, the All India Institute of Medical Sciences or AIIMS, experienced a cyber-attack on 23rd November. This attack affected hundreds of patients and doctors accessing primary healthcare services, including the discharge, billing, and patient admission systems.

  • Petya/NotPetya Ransomware Attack (2017): India was also affected by the Petya/NotPetya ransomware attack, which targeted organizations worldwide. It disrupted the operations of some Indian businesses and led to data loss.

  • NIC Email Phishing Attack (2020): The National Informatics Centre (NIC), a government organization, faced a phishing attack in 2020. Attackers sent malicious emails to NIC employees, aiming to steal sensitive information.

  • Power Grid Corporation Phishing Attack (2020): In the same year, the Power Grid Corporation of India, a critical infrastructure provider, reported a phishing attack that targeted its employees.

Shielding the Digital Realm: A Comprehensive Guide to Cybersecurity

Cyber security is primarily about people, processes, and technologies working together to encompass the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, etc.

Cyber security means maintaining the Integrity, Confidentiality, and Availability (ICA) of computing assets belonging to an organization or connecting to another organization’s network. Cyber security is a technique developed to safeguard information and information systems that are stored on computers.

Cyber Security Model

Cyber Security's main objective is to ensure data protection. The security community provides a triangle of three related principles to protect the data from cyber-attacks. This principle is called the CIA triad. The CIA model is designed to guide policies for an organization's information security infrastructure. When any security breaches are found, one or more of these principles have been violated. The CIA model consists of three parts: Confidentiality, Integrity, and Availability.

  • Confidentiality: Confidentiality is equivalent to privacy which avoids unauthorized access to information. It involves ensuring the data is accessible by those who are allowed to use it and blocking access to others. It prevents essential information from reaching the wrong people. Data encryption is an excellent example of ensuring confidentiality.

  • Integrity: This principle ensures that the data is authentic, accurate, and safeguarded from unauthorized modification by threat actors or accidental modification by users. If any modifications occur, certain measures should be taken to protect the sensitive data from corruption or loss and to recover speedily from such an event. In addition, it means ensuring that the source of information is genuine.

  • Availability: This principle keeps the information available and useful to its authorized users at all times. It ensures that this access is not hindered by system malfunction or cyber-attacks.

Types of Cyber Security

  • Network Security: It involves implementing the hardware and software to secure a computer network from unauthorized access, intruders, attacks, disruption, and misuse. This security helps an organization to protect its assets against external and internal threats.

  • Application Security: It involves protecting the software and devices from unwanted threats. This protection can be done by constantly updating the apps to ensure they are secure from attacks. Successful security begins in the design stage, writing source code, validation, threat modeling, etc., before a program or device is deployed.

  • Information or Data Security: It involves implementing a strong data storage mechanism to maintain the integrity and privacy of data, both in storage and in transit.

  • Identity management: It deals with the procedure for determining the level of access that each individual has within an organization.

  • Operational Security: It involves processing and making decisions on handling and securing data assets.

  • Mobile Security: It involves securing the organizational and personal data stored on mobile devices such as cell phones, computers, tablets, and other similar devices against various malicious threats. These threats are unauthorized access, device loss or theft, malware, etc.

  • Cloud Security: It involves protecting the information stored in the digital environment or cloud architectures for the organization. It uses various cloud service providers such as AWS, Azure, Google, etc., to ensure security against multiple threats.

  • Disaster Recovery and Business Continuity Planning: It deals with the processes, monitoring, alerts, and plans for how an organization responds when any malicious activity causes the loss of operations or data. Its policies dictate how the lost operations are resumed after a disaster, at the same operating capacity as before the event.

  • User Education: It deals with the processes, monitoring, alerts, and plans for how an organization responds when any malicious activity causes the loss of operations or data. Its policies dictate how the lost operations are resumed after a disaster, at the same operating capacity as before the event.

India’s Combating Strategies against Cyber Attacks:

  • National Cyber Security Strategy 2020: It seeks to improve cyber awareness and cybersecurity through more stringent audits. Empanelled cyber auditors will look more carefully at the security features of organizations that are legally necessary now.

  • National Critical Information Infrastructure Protection Centre (NCIIPC): The NCIIPC, created under the Information Technology Act, 2000, operates as the nodal agency for the protection and resilience of critical information infrastructure.

  • Indian Cyber Crime Coordination Centre (I4C): It was set up in 2020 to deal with all types of cybercrimes in a comprehensive and coordinated manner.

  • Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread awareness about cybercrime and build capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.

  • Cyber Swachhta Kendra: In 2017, this platform was introduced for internet users to clean their computers and devices by wiping out viruses and malware.

  • Information Technology Act, 2000: The Act regulates the use of computers, computer systems, computer networks, and data and information in electronic format.

  • National Cyber Crime Reporting Portal: It is a citizen-centric initiative which will enable citizens to report cybercrimes online and all the complaints will be accessed by the concerned law enforcement agencies for taking action as per law.

  • Computer Emergency Response Team - India (CERT-In): It is an organization of the Ministry of Electronics and Information Technology which collects, analyses and disseminates information on cyber incidents, and also issues alerts on cybersecurity incidents.

  • Cybersecurity Treaties: India has already signed cybersecurity treaties with countries such as the US, Russia, the UK, South Korea, and the European Union.

  • Multilateral Frameworks: Efforts are being made in multinational frameworks such as the Quad and the I2U2 to enhance cooperation in cyber incident responses, technology collaboration, capacity building, and in the improvement of cyber resilience.

  • India’s Digital Personal Data Protection Act 2023: It seeks to ensure usage of personal data for lawful purposes only and proposes a penalty of up to ₹500 crore for data breaches.

  • Defence Cyber Agency (DCA): It was created by the Indian armed forces and is capable of offensive and defensive maneuvers.

Conclusion

Cybersecurity is not merely a technological concern; it is a multifaceted challenge that encompasses people, processes, and technologies working in unison to protect our interconnected world. As we move forward, international collaboration, incident response readiness, and continuous innovation in cybersecurity will be paramount in safeguarding our digital future. This deep dive into the world of cyber-attacks underscores the complex interplay between malicious actors, technological vulnerabilities, and the efforts to safeguard our digital environments. It is a realm where individuals, organizations, and nations must remain vigilant, adaptive, and cooperative in the face of persistent and emerging threats.

In a world where the invisible threat of cyber-attacks looms large, knowledge, preparedness, and collective action stand as our most potent.

(Edited and Posted by Iswari Legality LLP team)
