Cyber Security Trends Of India 2017 By PTLB

Cyber security has attracted the attention of various stakeholders in India. These include the Indian government, companies, individuals, banks, etc. Perry4Law Organisation (P4LO) has already provided the Indian Cyber Security Trends 2017 and interested stakeholders may read the same for an in-depth analysis of the cyber security position that may emerge in India in 2017.

In this article, Perry4Law’s Techno Legal Base (PTLB) would provide a summary of the cyber security trends that may emerge in India in the year 2017.

(1) Digital India Security: Security of digital India project is of utmost importance as many online services are based upon it. The year 2016 did not see much work in this regard and digital India remained an insecure project that lacked cyber security capabilities. It has now become indispensable for the Indian government to ensure cyber security for digital India in 2017 as without cyber security most of government’s projects would create more trouble than solution.

(2) Digital Payments: The thrust upon digital payments without adequate cyber security is a really troublesome notion. The entire digital payment and online banking system of India is vulnerable to cyber attacks and cyber thefts. Whether it is debit/credit cards, mobile wallets, online banking or any other proposed e-banking option; they are very much vulnerable to sophisticated cyber attacks. Indian banks and digital payment providers are clearly not equipped to deal with the cases of cyber attacks and cyber crimes that are going to increase in 2017.

(3) Ransomware: Ransomware emerged as one of the top nuisances in the year 2016. Ransomware attacks would further increase in 2017 in India. As India is moving towards becoming a data nation, locking of that data would be catastrophic. We have little defense against ransomware in India as on date and businesses may feel helpless and prone to litigation once they are hit by it.

(4) Smart Cities Security: Indian government is all set to establish smart cities in India. Many smart cities were approved in the year 2016 and work upon them may start in 2017. Indian government has considered all aspects of smart cities management and PTLB hopes that cyber security of smart cities in India must also have been considered along with possible legal issues that may arise.

(5) IoT Security: Internet of things (IoT) received positive response in India in 2016. Many national and international stakeholders have shown interest in IoT driven services. Of course, at this stage most of them are just exploring as techno legal issues are still not clear. However, what is clear is that IoT services require strong cyber security and civil liberties protection that was missing in 2017. That may be natural as well as IoT is still evolving in India and PTLB hopes that IoT would be able to manage cyber security, civil liberties and data security aspects in the year 2017.

(6) Cloud Computing Security: Cloud computing is a comparatively well received concept in India. In fact, companies and individuals have been investing in cloud computing ventures even before 2016. However, many of our clients were apprehensive about launching a full fledged cloud computing business. This is largely due to the fact that regulatory and technological aspects are still not clear to them. In the absence of clarity about these aspects, cloud computing witnessed limited growth in 2016. The year 2017 may see better growth for cloud computing businesses.

(7) Aadhaar: Aadhaar project was pushed very rigorously by Indian government in the year 2016 even by indulging in contempt of court. However, little effort was undertaken by Indian government to address civil liberties and cyber security issues of Aadhaar. For projects like digital India and Aadhaar, cyber security laws are urgently needed but they remained missing in 2016. The year 2017 may see some positive development in this regard.

(8) Critical Infrastructure Protection: Indian government has hinted towards launch of botnet and malware cleaning centers in the year 2017. This is a positive development as it would help in critical infrastructure protection (Pdf) in India. Indian government has also been formulating guidelines and regulations ensuring protection of protected systems and critical infrastructures from time to time. The National Critical Information Infrastructure Protection Centre (NCIIPC) has also been working in the direction of protecting Indian critical infrastructures. PTLB strongly recommends that NCIIPC must be formally launched by Indian government with clear cut functions and responsibilities. This did not happen in 2016 and 2017 may see some development in this regard.

(9) Healthcare Security: With increasing use of ICT for healthcare, India needs robust healthcare cyber security. This must be supplemented with adequate privacy safeguards and effective data protection. In 2016 Indian government failed to ensure cyber security, data protection and privacy protection for the healthcare industry. The year 2017 may also see little effort in this direction from government’s side.

(10) Banking Security: Banking cyber security is an area where Indian government must work a lot. Financial transactions and digital payments in India are vulnerable to diverse cyber attacks and cyber crimes. Banks are ill equipped to deal with sophisticated cyber crimes and cyber attacks. Bank customers have little recourse against the guilty banks and digital payment service providers who have been negligent in ensuring cyber security. This is happening even after a cyber security framework has been prescribed by Reserve Bank of India (RBI) that is mandatory for Indian banks to follow. However, despite the passing of the September 2016 deadline, banks have not made their systems cyber secure. Indian government may force banks to follow cyber breach disclosure norms and put in place adequate cyber security in 2017.

(11) Cyber Litigations: Cyber litigations are going to increase in the year 2017 in India. The increase in cyber crimes and cyber attacks in 2016 is a hint of the same. Till now cyber awareness among people is not high. Once they are aware of their cyber rights, they would enforce the same. However, law enforcement agencies of India must be modernised and they must develop good cyber crime investigation and cyber forensics capabilities.

(12) Cyber Insurance: Cyber insurance business would see a big growth in the year 2017 due to increased cyber crimes and cyber attacks. Already many businesses have opted for cyber liability insurance in the year 2016. However, there are certain techno legal issues of cyber liability insurance that must be kept in mind by both insurance companies and insured. The year 2017 may also see entry of new players, startups, entrepreneurs, etc in the field of cyber insurance.

(13) Blockchain: Many stakeholders explored use of blockchain and bitcoin in the year 2016. Indian government and Reserve Bank of India (RBI) are also analysing blockchain and bitcoin and its possible usages. However, no clear picture emerged in the year 2016 in this regard. Also issues of techno legal regulatory compliances and legality of bitcoin in India are still unresolved. The year 2017 may see some positive developments built around blockchain and bitcoin.

We hope our readers and various stakeholders would find the cyber security trends of India 2017 by PTLB useful.


Cyber Espionage Policy Of India

The traditional methods of espionage are things of the past. Now most of the crucial and sensitive information and data are stored on computers and electronic devices. Naturally, computers and information and communication technology (ICT) associated with government and companies are the primary target of those seeking espionage in the modern era. This process of infiltration and breach of sensitive and top secret government and corporate computers is known as cyber espionage.

Cyber espionage in India is not a new concept but has been in existence since the last decade. Further, cyber espionage may be done by an insider or an outsider by exploiting the vulnerabilities in the cyber security of an organisation. The real problem is that cyber espionage is inexpensive and relatively easy to commit and it is also very difficult to prove with absolute certainty. In short, without a conclusive “authorship attribution” cyber espionage is largely a lost battle. This is the reason why the Defense Advanced Research Projects Agency (DARPA) of United States is soliciting innovative research proposals in the area of cyber attribution.

If we analyse the cyber attack trends against India for the past few years it would be apparent that the frequency and sophistication of various cyber attacks have significantly increased. This has been well analysed and documented by the cyber security developments of India 2015 and cyber security trends in India 2016 by Perry4Law Organisation (P4LO). Sophisticated cyber espionage malware like Uroburos/Snake, FinFisher, etc are easily defeating the cyber security safeguards. The global cyber espionage operation named SafeNet, which infected computers across the globe, was discovered in the year 2013.

Recently it was reported in the media that a cyber espionage group named Danti could have breached the computers of top ranking bureaucrats in the government. Cyber espionage groups like Danti usually send an e-mail carrying malware or a malicious link, which appears to originate from a government official's mail account or from some government department. Once such malware is activated, either by opening the malicious downloaded file or by clicking the malicious link, it is silently installed upon the victim’s system. It works in a stealthy manner and keeps on stealing sensitive information and sending it to the designated server in an encrypted and coded manner.

India has neither a dedicated cyber security law nor mandatory cyber breach disclosure norms as on date. Even the cyber security infrastructure of India is grossly deficient as it cannot tackle sophisticated cyber attacks and malware. We do not have any cyber warfare policy of India (pdf), cyber terrorism policy of India, critical infrastructure protection policy of India (pdf) and cyber espionage policy of India. Even the important encryption policy of India (pdf) is missing till now. Constitution of the Tri Service Cyber Command for Armed Forces of India has skipped many deadlines and it is yet to be established. All we have is a defective and outdated cyber security policy formulated in the year 2013 that needs urgent reformulation.

As far as Indian cyber law is concerned, it has become almost redundant and it needs an urgent amendment, preferably a re-enactment. Even Indian Telegraph Act needs to be repealed as it carries many draconian e-surveillance and phone tapping related provisions that have no place in a modern democratic society like India. However, the worst blow came from Indian Supreme Court that has virtually killed the cyber law due diligence (pdf) instead of strengthening the same. Clearly, India lacks the required techno legal framework that alone can help it in fighting against cyber crimes and sophisticated national and international cyber attacks.

Another area of concern is the absence of adequate cyber security of e-governance services in India. Indian government is pushing its Digital India project without any civil liberties and cyber security safeguards. For instance, we have inadequate cyber security for smart grids, smart cities, critical infrastructures, nuclear facilities, satellites, governmental informatics infrastructures, defense networks, etc and Digital India cannot succeed in the absence of a robust and resilient cyber security for these critical infrastructures. We do not have an implementable cyber attacks crisis management plan of India that can be relied upon in case of a sophisticated cyber attack.

At a time when US law enforcement and intelligence agencies have acquired trans border hacking powers, it would be naive to assume that the same would not be used against Indian computers. The truth is that US is pushing other nations towards cyber warfare and cyber espionage race. In this background it is imperative that Indian government must not only enact dedicated and techno legal cyber security laws for India but also insulate Indian cyberspace and computers from foreign cyber attacks and cyber espionage attempts. We at Perry4Law Organisation (P4LO) strongly recommend that a dedicated cyber espionage policy of India must be urgently formulated by Indian government in these circumstances. P4LO would be happy to assist Indian government and other national and international stakeholders in formulation of cyber espionage policy in general and amended cyber law and cyber security laws in particular.

As per media reports, Indian government is contemplating to frame a comprehensive policy to deal with cyber espionage and other threats related to it. The policy that may enable setting up of a panel of experts who can work closely with the security establishment is being closely monitored by the Prime Minister’s Office. Indian government is also working in the direction of bringing suitable changes in the existing laws to make them more compatible and contemporary to the present time requirements. The cyber security manpower would also be strengthened along with upgrading the cyber security infrastructure to tackle cyber attacks. P4LO welcomes these positive developments and wishes all the best to Indian government in this regard.

Source: International Cyber Security.


Are Present Day Malware Beyond The Reach Of Cyber Security Products And Services?

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW CEO PTLB

Malware has been a big cyber security nuisance for long. Cyber security vendors have been trying to contain various sophisticated malware that come up from time to time. As nations and state actors have become interested in these malware and some of them are even funding their development and exploitation, cyber security products and services are finding it difficult to match their capabilities.

By the time a cyber security product or service is launched to contain a sophisticated malware, the havoc and damage is already done. In the article titled “Malware Are Defeating Cyber Security Safeguards With Ease”, this fight between malware and cyber security products has been aptly described.

Presently malware are clearly winning the fight between security and system infections as security products are inherently incapable of tackling zero day vulnerabilities and state sponsored cyber attacks.

In the research article titled “Prospective Cyber Security Trends In India 2015”, Perry4Law Organisation (P4LO) predicted that state sponsored cyber attacks would increase. This actually happened and even Twitter and Google issued warnings that their products and services may be subject to state sponsored cyber attacks. The “Cyber Security Trends In India 2016” have also predicted the rise of botnet, malware and cyber attacks against critical infrastructures around the world.

It is a wake up call for the cyber security vendors to either improve their security products and services or become redundant and ready to be exiled. What is the purpose of an anti virus that cannot detect and remove a malware?

At the same time there is a need to change the attitude towards cyber security by individuals, companies and governments. At the organisation level, there must be a techno legal policy for cyber security that should be religiously followed. Any lapse in the policy may be lethal for the financial and brand value of the organisation.

As far as India is concerned, India is still struggling to establish the Chief Information Security Officer (CISO) culture. Even at the government level, CISO culture is still missing. For instance, recently the Prime Minister Office (PMO) of India appointed Dr. Gulshan Rai as the first CISO of India. Although this is a very good and pro active move yet we have seen little development in this regard so far. Similarly, appointing the Chief Information Officers (CIOs) was made mandatory for all banks in India in 2012 yet till 2016 banks have not done so. In fact, cyber security of banks in India is in a very poor condition.

Even the government projects like National Critical Information Infrastructure Protection Centre (NCIIPC), National Cyber Coordination Centre (NCCC), etc have failed to achieve what they were contemplated for. There are no cyber breach disclosure norms in India as well. As a result we have an almost missing cyber security infrastructure in India that needs to be revamped and strengthened immediately. This is more so when India has introduced the “Digital India” project that would make Indian infrastructure vulnerable to sophisticated cyber attacks from around the world. When everybody is passing the buck, who is going to bell the cat named malware?

Blog On International Legal Issues Of Cyber Attacks

Anybody who has dealt with international cyber law and cyber security related issues must be aware that it is really tough to solve such cases. Being transnational in nature, cyber law and cyber security issues require international cooperation among various nations and law enforcement agencies.

For instance, if a simple exercise of internet protocol tracking is undertaken, it takes months before any information is received from a foreign jurisdiction. Even in such cases, these are exceptional cases and not a general practice. In this process, the crucial digital evidence is lost forever and the cyber crimes investigation becomes a cold trail.

As there is a severe conflict of laws in cyberspace, it is very important to be aware of various technology related laws of various jurisdictions. However, it is not possible to be aware of all the laws of various jurisdictions. In order to spread public awareness in this regard, Perry4Law Organisation (P4LO) has been managing a dedicated blog on international legal issues of cyber attacks and cyber security. It is the exclusive techno legal blog on the topic not only in India but in entire world.

The blog has covered many techno legal aspects like use of cyber espionage malwares, need for the national security policy of India, legal immunity against cyber deterrent acts in India, open source intelligence through social media websites, protection of Indian cyberspace, national counter terrorism centre (NCTC) of India, cyber security challenges of India, cyber preparedness of India, the Wassenaar Arrangement and cyber security issues, intelligence agencies reforms in India, banking cyber security, techno legal analysis of Gameover Zeus, cyber crimes insurance in India, smart cities cyber security in India, etc.

As on date we have no dedicated cyber security laws in India. This is the reason why cyber security is more ignored than complied with in India. Even the blooming e-commerce industry of India is devoid of required cyber security practices and requirements. Cyber security of banks in India is also not up to the mark. This has forced the Reserve Bank of India to constitute an IT subsidiary that would consider, monitor and prescribe cyber security related rules, regulations and practices for banks in India. Even the Companies Act 2013 has prescribed cyber security obligations for the directors of companies. This is in addition to the cyber law obligations of banks and directors of Indian companies.

It is well understood that international legal issues of cyber attacks are not easy to handle. Nevertheless, Indian government cannot afford to ignore this situation and it must urgently work towards making Indian cyber security robust, resilient and effective. P4LO hopes that our readers would find our blog on international legal issues of cyber attacks, cyber law and cyber security useful.


School Children In India Must Be Suitably Educated About Cyber Issues

Protecting children in cyberspace is a collective responsibility of all stakeholders, including Indian government. At a time when Indian government is adopting Digital India project, our society at large is required to take care of our children while they use Internet and information and communication technology (ICT).

There is no second opinion that children dealing with cyberspace require special attention and safeguards. Indian government and various stakeholders are required to adopt and use both legal and technical measures to safeguard interests of children. On the legal side we must have strong cyber law to punish the offender. On the technical side we must have effective technology, including hardware and software, which can prevent potential abuse of children in cyberspace.

While dealing with cyberspace, children may be either perpetrator or victim of cyber crimes, cyber bullying, pornography, etc. They must be made suitably aware as well as protected from these cyber threats. After all, human rights protection in cyberspace also includes protection of children’s human rights.

Child pornography is an area that requires special attention of Indian government. As per the cyber law trends of India 2013 (PDF) by Perry4Law’s Techno Legal Base (PTLB), child pornography in India is becoming a big nuisance. An Advisory (PDF) by Home Ministry of India on Preventing and Combating Cyber Crime against Children in India has also been issued. Recently Interpol helped India in tracking child porn surfers. We also need such Techno Legal Framework so that child pornography can be curbed to the maximum possible extent in India.

Cyber law and cyber security awareness must also be made available to children at the school level itself. Schoolchildren must be made aware of the provisions of the Information Technology Act, 2000 (IT Act 2000) and other laws of India so that they are well aware of the consequences of their acts or omissions in cyberspace. Similarly, cyber security related aspects must also be taught to them to keep their cyberspace behaviour and activities cyber safe.

At PTLB Virtual Campus we believe that online skills development and education initiatives can play a significant role in educating our young generation. Virtual campus and e-learning platforms can provide “learn as you wish models” to school students that they can access from both school and their homes.

PTLB’s Online Skills Development and Training Platform has dedicated separate skills development, education and training courses for school students in the fields like cyber law, cyber security, etc. More details and the enrollment procedure would be announced by us very soon. Till then please visit the website and its segments on a regular basis.


Cyber Security Challenges In India Would Increase

Cyber security is a complicated process to manage. It requires both technological expertise and legal compliances. Some developed nations have enacted cyber security regulations but they have outlived their natural lives. The present day cyber security regulations require a techno legal orientation that is a big challenge for legislators around the world.

India has enacted the Information Technology Act, 2000 that governs legal issues of e-commerce, e-governance, cyber crimes, etc. However, techno legal experts believe that Indian laws like IT Act 2000 and the Telegraph Act require urgent repeal and new and better techno legal laws must be enacted to replace these laws.

There are no dedicated cyber security laws in India. Indian government has drafted the cyber security policy of India 2013 but the same has not been implemented so far. Further, the policy is also suffering from many shortcomings including lack of privacy and civil liberties protection and absence of cyber security breaches disclosure norms. The cyber security trends of India (PDF) have also shown poor cyber security preparedness of India to protect its cyberspace and critical infrastructures.

India has still to take care of issues like critical infrastructure protection (PDF), cyber warfare policy (PDF), cyber terrorism, cyber espionage, e-governance cyber security, e-commerce cyber security, cyber security of banks, etc. Companies and individuals are also required to cyber insure their businesses from cyber threats.

A cyber crime prevention strategy of India may be formulated very soon by Indian government. This has come in the wake of a public interest litigation (PIL) filed at the Supreme Court of India that has asked the centre to frame regulations and guidelines for effective investigation of cyber crimes in India. Simultaneously, the cyber crime investigation trainings in India are also needed.

The offensive and defensive cyber security capabilities of India are also required to be developed. A cyber attacks crisis management plan of India must also be formulated to tackle cyber attacks and cyber terrorism against India. The proposed National Cyber Coordination Centre (NCCC) of India is a good initiative regarding strengthening of Indian cyber security capabilities. The National Critical Information Infrastructure Protection Centre (NCIIPC) of India would also come in handy in protecting Indian cyberspace.

The ambitious project named Digital India would also require a very robust and effective cyber security infrastructure and capabilities on the part of Indian government and its agencies. There is no international cyber security treaty (PDF) or cyber law treaty that can help in resolving conflict of laws in cyberspace. Even a simple task of obtaining digital information from foreign companies like Google takes months to achieve. By that time the crucial evidence is already gone and the received information proves worthless.

We at Perry4Law Organisation and Perry4Law’s Techno Legal Base (PTLB) believe that the cyber security breaches have significantly increased world over. The cyber security challenges in India are not easy to manage especially when India is a late entrant in this field. There is no doubt that Indian cyberspace must be protected on a priority basis as India would be relying more and more on digital services in the near future.


India Is A Sitting Duck In The Cyberspace And Civil Liberties Protection Regime

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW CEO PTLB

Indian Citizens, Political Organisations and Government Departments have been systematically targeted for Cyber Attacks for long. India was least bothered about these issues as India lacked Cyber Security Capabilities to tackle these sophisticated cyber attacks. The Cyber Security Trends in India 2013 (PDF) and Global Cyber Security Trends and Updates 2014 by Perry4Law and PTLB have highlighted many “Shortfalls and Weaknesses” of Indian Cyber Security Efforts and Initiatives.

Amid all this chaos the Indian Government introduced the National Cyber Security Policy of India 2013 (NCSP 2013). The NCSP 2013 can be accessed Here (PDF) and an analysis of the same makes it clear that it failed to address many crucial Techno Legal Issues including Privacy and Data Protection. We have no dedicated Privacy and Data Protection Laws (PDF) in India as on date despite the pressing requirement for the same.

India is a Sitting Duck in the Cyberspace and Civil Liberties Protection Regime. Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, Gameover Zeus (GOZ), etc cannot be tackled by India due to lack of Offensive and Defensive Cyber Security Capabilities. Cyber Security Breaches are increasing World over and India must be “Cyber Prepared” to deal with the same. The Cyber Security Challenges before the Narendra Modi Government are not easy to manage and Indian Cyberspace must be protected on a “Priority Basis”.

Civil Liberties like Privacy Rights must be respected by all. However, US FISA Court is a big trouble for Indian Privacy and Civil Liberties. For too long issues like Privacy Laws have been ignored in India and the Narendra Modi Government must ensure Privacy to Indians on a “Priority Basis”. The Policies in this regard must be changed urgently and work in the direction of enactment of dedicated Privacy and Data Protection Laws of India must be started as soon as possible. Intelligence Agencies Reforms in India must also be placed on the “Priority List” of Modi Government.

India must also stress upon “Indigenous Cyber Capabilities” to neutralise any isolation attempts through mechanisms like Wassenaar Arrangement. India has recently opposed the proposal to include Cyber Security Technologies under the Wassenaar Arrangement.

But the ultimate test for Modi Government is to “Stand Up” and show that India is not a Sitting Duck in the fields of Cyber Security, Civil Liberties Protection and Cyber Security Capabilities. Of course, India must make her “Own House in Order” before proving that “Character and Strength”.


US Justice Department Charges Russian National For Creation Of Gameover Zeus (GOZ) Botnet

The Gameover Zeus or GOZ botnet is a well known malware that is capable of stealing sensitive banking and financial information and details. It first appeared in the year 2007 and then changed its form from time to time. The second version of Zeus malware shifted its base from a centralised command and control server to peer-to-peer in September 2011. This has made it very difficult to apply countermeasures against Zeus that is now known as Gameover Zeus (GOZ) botnet.

It has been reported that the US Justice Department has indicted a Russian national for writing computer code used to compromise banking systems and assist others in stealing banking credentials. The government has unsealed a 14-count indictment accusing Russian national Evgeniy Mikhaylovich Bogachev, who authorities said is known online as Lucky12345, of involvement in the creation of the Gameover Zeus, or GOZ botnet. Authorities claim Bogachev and his group infected thousands of business computers with software that captured passwords, account numbers, and other information.

An international operation disrupted the crime ring. The European Cybercrime Centre also participated in the operation, along with Australia, Canada, France, Germany, Italy, Japan, Luxembourg, New Zealand, Ukraine and the United Kingdom. Intel, Microsoft, security software companies F-secure, Symantec, and Trend Micro, and Carnegie Mellon University also supported the operation.

Authorities used technical and legal tactics to interrupt the so-called botnet’s operations, shutting down the servers the criminals used to control infected machines and causing those machines to “phone home” to servers controlled by law enforcement. As part of the cleanup effort, federal agents have redirected infected computers to Homeland Security servers to identify victims and provide information about how to remove the malware. Victims can head over to the DHS’s Computer Emergency Readiness Team (US-CERT) website for assistance.

In a separate action, U.S. and foreign law enforcement officials also seized control of the malware known as Cryptolocker, which locks victims out of their computer files until they pay a ransom.

“This operation disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data,” said Deputy Attorney General James M. Cole.   “We succeeded in disabling Gameover Zeus and Cryptolocker only because we blended innovative legal and technical tactics with traditional law enforcement tools and developed strong working relationships with private industry experts and law enforcement counterparts in more than 10 countries around the world”.

The Gameover Zeus botnet operates silently on victim computers by directing those computers to reach out to receive commands from other computers in the botnet and to funnel stolen banking credentials back to the criminals who control the botnet. For this reason, in addition to the criminal charges announced today, the United States obtained civil and criminal court orders in federal court in Pittsburgh authorizing measures to redirect the automated requests by victim computers for additional instructions away from the criminal operators to substitute servers established pursuant to court order. The order authorizes the FBI to obtain the Internet Protocol addresses of the victim computers reaching out to the substitute servers and to provide that information to US-CERT to distribute to other countries’ CERTs and private industry to assist victims in removing the Gameover Zeus malware from their computers. At no point during the operation did the FBI or law enforcement access the content of any of the victims’ computers or electronic communications.


Iranian Hackers Created False Social Networking Accounts And A Bogus News Website To Spy On Military And Political Leaders In The US

Fake identities and pseudonymity are a common feature of the Internet. The United States has long been planning to use fake virtual people, botnets and persona management software. By now the U.S. must actually be using these tactics. It has been alleged that radio waves and malware have been used by the United States’ NSA for worldwide e-surveillance.

The relationship between the intelligence community, social media and open source intelligence is now well established. It is common practice among intelligence agencies around the world to use social media platforms and the Internet for gathering intelligence related information and data. The cyberspace landscape of India is fast changing, as is reflected in various cyber security and ICT trends. Keeping contemporary requirements in view, the intelligence infrastructure of India needs transparency and strengthening.

It has been reported that Iranian hackers created false social networking accounts and a bogus news website to spy on military and political leaders in the United States, Israel and other countries. ISight Partners, which uncovered the operation, said the targets include a four-star U.S. Navy admiral, U.S. lawmakers and ambassadors, and personnel from Afghanistan, Britain, Iraq, Israel, Saudi Arabia and Syria.

The firm declined to identify victims and said it could not say what data had been stolen by the hackers, who were seeking credentials to access government and corporate networks, as well as intelligence on weapons systems and diplomatic negotiations.

ISight dubbed the operation “Newscaster” because it said the Iranian hackers created six “personas” who appeared to work for a fake news site,, which used content from the Associated Press, BBC, Reuters and other media outlets. The hackers created another eight personas that purported to work for defense contractors and other organizations, iSight said.

The hackers set up false accounts on Facebook and other social networks for these 14 personas, populated profiles with fictitious personal content, and then tried to befriend targets, according to iSight. The operation has been active since at least 2011, iSight said, noting that it was the most elaborate cyber espionage campaign using “social engineering” uncovered to date from any nation.

To build credibility, the hackers would approach high-value targets by first establishing ties with the victims’ friends, colleagues, relatives and other connections over social networks including Facebook Inc, Google Inc, LinkedIn Corp and Twitter Inc. The hackers would initially send the targets content that was not malicious, such as links to news articles on, in a bid to establish trust. Then they would send links that infected PCs with malicious software, or direct targets to web portals that asked for network log-in credentials, iSight said.

Iranian hackers stepped up their activity in the wake of the 2010 Stuxnet computer virus attack on Tehran’s nuclear program, widely believed to have been launched by the United States and Israel. Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, etc. has changed the way cyber warfare and cyber espionage battles are fought these days.

ISight said it could not ascertain whether the hackers were tied to the Tehran government, though it believed they were supported by a nation state because of the operation’s complexity.


Joshua Rogers Detected SQL Injection Vulnerability In EBay’s Sub Domain

EBay has been facing litigation in the United States and Europe over the cyber breach of its computer systems. These investigations would analyse whether or not EBay has failed to adhere to proper cyber security practices and disclosure norms. Meanwhile, EBay is planning to boost the cyber security of its systems and this effort seems to be working.

Recently the IT security expert Joshua Rogers discovered an SQL injection vulnerability on sub domain. Whilst looking for some bugs in EBay, he came across the domain It appeared to be a domain for phone users on the old “Three” phone carrier/network that was bought out by Vodafone a while ago.

On the third tab of the page, there was a link to the “Categories section”. This is a list of categories from which you can view items to buy or, as in this case, go into a sub-category. Joshua noticed that there were a few $_GET parameters being used. He simply appended an apostrophe to the end of the first parameter, “emv_CatParent”.
To his amazement, it came back with a half-completed page (pretty much the poster-child of a blind SQL injection).

He faced some trouble during his exploration as Microsoft SQL Server was being used for the backend, not a Unix-based one. He loaded the website into sqlmap and did everything through there. First, he scanned the parameter to see if his assumption was right. He found that 1 to 10 columns were injectable. He also found that the “Microsoft SQL Server/Sybase stacked queries” were injectable. This meant possible file write/read, and he did not look further into this research.

He reported this vulnerability to EBay, which was grateful to him for exposing it. Very soon EBay patched the vulnerability and publicly acknowledged the efforts of Joshua. This is the best step that the EBay team has taken after the recent cyber breach.
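
The half-completed page described above is what a handler produces when a query built by string concatenation fails partway through rendering. The following is an added illustration, not EBay's code or its actual patch: SQLite stands in for the Microsoft SQL Server backend, and the table, the sample rows and the function names are assumptions made for the example. Only the parameter name “emv_CatParent” comes from the report.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; SQLite stands in for the real backend.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE categories (parent INTEGER, name TEXT)")
    db.executemany("INSERT INTO categories VALUES (?, ?)",
                   [(1, "Phones"), (1, "Tablets"), (2, "Cameras")])
    return db

def render_vulnerable(db, emv_cat_parent):
    """Concatenates the parameter into the SQL text (the flawed pattern)."""
    page = ["<h1>Categories</h1>"]
    sql = "SELECT name FROM categories WHERE parent = '" + emv_cat_parent + "'"
    try:
        for (name,) in db.execute(sql):
            page.append("<li>%s</li>" % name)
        page.append("<footer>end</footer>")
    except sqlite3.Error:
        # The query broke mid-render, so the rest of the page is never
        # emitted: the half-completed response a stray quote reveals.
        pass
    return "\n".join(page)

def render_hardened(db, emv_cat_parent):
    """Validates the parameter, then binds it instead of concatenating it."""
    page = ["<h1>Categories</h1>"]
    if re.fullmatch(r"[0-9]{1,9}", emv_cat_parent) is None:
        # Reject anything that is not a plain category id; worth logging,
        # since quotes in an id parameter usually indicate probing.
        page.append("<p>invalid category</p>")
    else:
        rows = db.execute("SELECT name FROM categories WHERE parent = ?",
                          (int(emv_cat_parent),))
        for (name,) in rows:
            page.append("<li>%s</li>" % name)
    page.append("<footer>end</footer>")
    return "\n".join(page)

if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1'"):
        print(repr(value), "vulnerable:", render_vulnerable(db, value).splitlines())
        print(repr(value), "hardened:  ", render_hardened(db, value).splitlines())
```

With a bound parameter the value is never parsed as SQL, so neither a stray quote nor a stacked statement can change the query that runs.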
