Contact Us
whatsapp

Major Cyber Attacks on India (Alarming News)

Security Testing

Thursday August 23, 2018

Cyber Attacks is an attempt to destroy or infect computer networks in order to extract or extort money or for other malicious intentions such as procuring necessary information.

Cyber attacks alter computer code, data or logic via malicious code resulting in troublesome consequences which can compromise the information or data of the organizations to make it available to cybercriminals.

Cyber attacks consist of various attacks which are hacking, D.O.S, Virus Dissemination, Credit Card Fraud, Phishing or Cyber Stalking.

Out of the top 10 most targeted countries by cyber attackers, India ranks fourth and cybersecurity defenders are facing a lot of threats from these cyber criminals. cyber attacks is an illegal activity and is continuously increasing in India for financial loot.

Major and Minor Cyber Attacks in India 2018

SIM Swap Fraud

In August 2018, two men from Navi Mumbai were arrested for cybercrime. They were involved in fraudulent activities concerning money transfers from the bank accounts of numerous individuals by getting their SIM card information through illegal means.

cyber attacks

These fraudsters were getting the details of people and were later blocking their SIM Cards with the help of fake documents post which they were carrying out transactions through online banking.

They were accused of transferring 4 crore Indian Rupees effectively from various accounts. They even dared to hack the accounts of a couple of companies.

Know More: 50 QA Interview Questions to Land a Job

Prevention: The information required for such a scheme is gathered via various public domains and is misused later. Sharing personal information with unknown applications and domains can help in minimizing the risk of having your personal information reaching people with malicious content.

Fraudsters use the victim’s information in various scams and trick them into fraudulent activities. It is advisable therefore that the site where n individual is entering his banking or other details should be verified for authenticity, as scammer uses the fake site to get the information directly from prospective victims

Cyber Attack on Cosmos Bank

 A daring cyber attacks was carried in August 2018 on Cosmos Bank’s Pune branch which saw nearly 94 Crores rupees being siphoned off.

Hackers wiped out money and transferred it to a Hong Kong situated bank by hacking the server of Cosmos Bank. A case was filed by Cosmos bank with Pune cyber cell for the cyber attack. Hackers hacked into the ATM server of the bank and stole details of many visa and rupee debit cards owners.

The attack was not on centralized banking solution of Cosmos bank. The balances and total accounts statistics remained unchanged and there was no effect on the bank account of holders. The switching system which acts as an interacting module between the payment gateways and the bank’s centralized banking solution was attacked.

cyber attacks

The Malware attack on the switching system raised numerous wrong messages confirming various demands of payment of visa and rupee debit card internationally. The total transactions were 14,000 in numbers with over 450 cards across 28 countries.

On the national level, it has been done through 400 cards and the transactions involved were 2,800. This was the first malware attack in India against the switching system which broke the communication between the payment gateway and the bank.

Prevention: Hardening of the security systems by limiting its functions and performance only to authorized people can be the way forward.

Any unauthorized access to the network should immediately set an alarm to block all the access to the bank’s network. Also, to minimize risk, enabling a two-factor authentication might help.

Through testing, potential vulnerabilities can be fished out and can make the entire digital part of the banking system safe.

ATM System Hacked in Kolkata

In July 2018 fraudsters hacked into Canara bank ATM servers and wiped off almost 20 lakh rupees from different bank accounts. The number of victims was over 50 and it was believed that they were holding the account details of more than 300 ATM users across India.

The hackers used skimming devices on ATMs to steal the information of debit card holders and made a minimum transaction of INR 10,000 and the maximum of INR 40,000 per account.

On 5 August 2018, two men were arrested in New Delhi who was working with an international gang that uses skimming activities to extract the details of bank account.

Prevention: Enhancement of the security features in ATM and ATM monitoring systems can prevent any misuse of data.

Another way to prevent the fraudulent activity is to minimize the risk of skimming by using lockbox services to receive and transfer money safely.

This uses an encrypted code which is safer than any other payments.

Websites Hacked: Over 22,000 websites were hacked between the months of April 2017 and January 2018. As per the information presented by the Indian Computer Emergency Response Team, over 493 websites were affected by malware propagation including 114 websites run by the government. The attacks were intended to gather information about the services and details of the users in their network.

Prevention: Using a more secure firewall for network and server which can block any unauthorized access from outside the network is perhaps the best idea.

Personal information of individuals is critical for users and cannot be allowed to be taped into by criminals. Thus, monitoring and introducing a proper network including a firewall and security system may help in minimizing the risk of getting hacked.

Phishing Attack on Wipro

cyber attacks

There were reports about an attack on Wipro system by major online news portals.  Attack as per reported was a phishing attack and was done by a group through gift card fraud.

Even though the attack was not a massive one, many employees and client accounts were compromised.

How to avoid Phishing attack?

  • Always think before you click. Phishing link can impersonate as authentic links with some minor change that might not be visible at a single glance. Make sure that you have read the complete link before clicking it
  • Install measures that can effectively prevent such attacks
  • Make sure that the websites you are accessing are secure. Usually, a secure website will have a security certificate to safeguard all the customer information. Make sure that that website begins with https and has a lock symbol on the extreme left of the address bar.
  • Check your online account on a regular basis and make sure that there are no suspicious activities. Change the password frequently.
  • Update your browsers regularly as updates often will have security patches for existing loopholes.
  • Keep your personal details secret
Bib B Amitabh Bachchan ‘s Twitter Account Hacked!

Lately, Amitabh Bachchan’s twitter handle got hacked and the perpetrators posted hateful messages putting everybody in shock.

This can happen to big companies also. However, if the news gets out this can be a huge blow to the credibility of any company.

How to prevent Social Media Profile Hacking?

  • Social media is infested with third-party applications. Make sure that you are using legitimate authorized applications
  • Use strong credentials and change it often
  • Install proper antivirus
  • Enable two-factor authentication

Exposed Health Care Data

Be it any government-related data; it has to be kept in utmost secrecy. What if it’s exposed? That’s what happened lately when healthcare data of India was left exposed without enough security measure.

This mistake was found out by Bob Diachenko during a regular security audit. He found out that India based IP contained a data pack that’s been left exposed without any security measures.

How to Prevent Database Hacking?

  • Make sure that proper web application firewall is installed
  • Strengthen network security by login expiration, changing password,
  • Make sure that the admin level of your website is not exposed with a simple password
  • Change the database prefix from wp6 to something random which can’t be guessed
  • Stay updated regarding the latest hacking threats

How to prevent Database Hacking?

  • Make sure that proper web application firewall is installed
  • Strengthen network security by login expiration, changing password,
  • Make sure that the admin level of your website is not exposed with a simple password
  • Change the database prefix from wp6 to something random which can’t be guessed
  • Stay updated regarding the latest hacking threats
Personal Data Exposed from JustDial Database

An unprotected API end was the issue in this incident. Justdial one of India’s leading local search platform let a loose end which exposed all of their user data who accessed their services through the web, mobile, and their phone number.

Leaked data includes name, email, number, address gender, etc. the shocking part according to reports is that since 2015 the API has been exposed like this.

How to make your API secure?

  • Validate all the incoming data
  • Use the essential method for authentication verification
  • Monitor and manage using automated scripts
  • Encrypt data

Security Testing and its Significance

Hackers and criminals are getting smarter every day. The counter measure is to predict their attack and block it in the most effective way possible before any unfortunate events.

In Testing, mostly 4 major types of testing ate performed

  • Network security
  • System software security
  • Client-side application security
  • Server-side application security

For these testing to happen in the most efficient way possible it’s better to have a dedicated testing wing along with software development or hire services from an agency.

Mail

Hire

Cost Calc.

WhatsApp

Call Us