Tech trends: Data breaches forced governments, enterprises to focus on cyber security
New Delhi: Mega cyber attacks such as "WannaCrypt" and "Petya" this year forced governments and enterprises globally, including in India, to focus and invest more on bolstering their security networks.
In the first major attack of the year, the world reeled under "WannaCrypt" that locked files on computers. Hundreds of thousands of computers were infected with the malware in May.
The primary reason for this attack being successful was not the software but human error. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system.
Once the patch for the vulnerability was released, hacker group "Shadow Brokers" exploited this loophole and wreaked havoc in 150 countries. Those who installed the update were saved, while several who did not, fell prey to the attack.
Soon after the "WanaCrypt" attack, tens of thousands of computers globally were affected by the "Adylkuzz attack" that shut down SMB networking to prevent further infections with other malware (including the WannaCrypt worm).
While Europe and major parts of the world struggled with another big ransomware attack called "Petya", India also bore the brunt. Some Indian servers were down owing to the Petya attack.
The Shipping Ministry said operations at one of the container terminals at Mumbai's Jawaharlal Nehru Port Trust (JNPT) was affected by Petya.
Companies like Genesis BM, a public relations firm, had to shut down systems in India after their international servers were attacked.
The month of May saw another cyber attack when a malware called "Judy" hit over 36.5 million Android-based phones, making its way through Google Play Store.
In August, the "Locky" ransomware, once considered almost defunct, sent over 23 million emails with the malware to the US workforce in just 24 hours. It scrambled the contents of millions of computers and demanded payment to unlock it.
A group of hackers leaked the "Game of Thrones" script, along with 1.5TB of HBO data that included other popular TV shows. The hacking group demanded approximately $6.5 million worth of Bitcoins from HBO.
A group of hackers also penetrated Equifax -- one of the largest credit bureaus in the world -- and stole personal data of 145 million people. Accountancy firm Deloitte was also targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients and the attack went unnoticed for months.
In November, Yahoo agreed that it was attacked in 2013 wherein criminals had information about all three billion accounts. In another massive attack, hackers stole the personal data of 57 million customers and drivers from Uber Technologies. The breach was concealed for more than a year.
Most companies fall victim to cyber attackers either because of unpatched software with known vulnerabilities or because of the human factor like people falling victim to phishing emails, Finland-based cyber security firm F-Secure said.
Later in the year, the enterprise cyber security company FireEye said Chinese advanced persistent threat (APT) groups that have allegedly been creating cyber havoc internationally will shift their focus in 2018 to countries like India and Hong Kong and groups seen as a threat to Beijing's influence over global markets.
Slowly becoming aware of emerging cyber threats, organisations worldwide will spend $96.3 billion on security in 2018 -- an increase of eight per cent from 2017, according to a Gartner forecast.
More than 60 per cent of organisations globally will invest in multiple data security tools by 2020 -- up from 35 per cent today, it added.
"Cyber attacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years," the market research firm said.
To ward off future attacks, the Indian government set up NIC-CERT centre to monitor, detect and prevent cyber attacks on government networks. NIC-CERT will work in close coordination and collaboration with sectoral CERTs and CERT-In.
Prime Minister Narendra Modi inaugurated the fifth edition of the Global Conference on Cyber Space (GCCS) in New Delhi in November that witnessed top global security experts deliberating on ways to fight cybersecurity.
2017: Highlights
* "WannaCrypt" attack infected more than 230,000 computers in over 150 countries in a single day
* "Petya" ransomware attack hit India as some servers in the country became victim to the attack
* "Judy" malware hit over 36.5 million Android-based phones
* "Locky" ransomware sent over 23 million emails with the malware to the US workforce in just 24 hours
* The Indian government set up NIC-CERT centre to monitor, detect and prevent cyber attacks on government networks
* Prime Minister Narendra Modi inaugurated the fifth edition of the Global Conference on Cyber Space (GCCS) in New Delhi in November.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Kerala: ED files money laundering case in Sabarimala gold loss case
Thiruvananthapuram/New Delhi (PTI): The Enforcement Directorate on Friday filed a money laundering case in the Sabarimala gold loss case in Kerala, official sources said.
The federal probe agency's Kochi zonal office has registered an Enforcement Case Information Report (ECIR), an ED equivalent of a police FIR, under various sections of the Prevention of Money Laundering Act (PMLA), they said.
The politically sensitive case is already being investigated by a state special investigation team (SIT) under the supervision of the Kerala High Court.
In December, the high court had allowed the ED to undertake an independent investigation into the case after it dismissed objections raised by the SIT against sharing the case information with the central agency.
The SIT is probing two cases related to the gold loss incident and has arrested 11 people so far. The latest to be arrested by the SIT was Kandararu Rajeevaru, the chief priest of the Lord Ayyappa temple.
The other prominent persons arrested in the case by the SIT are Bengaluru-based businessman and prime accused Unnikrishnan Potty and former Travancore Devaswom Board president A Padmakumar.
The ED is expected to soon look for more evidence, question the accused, and it may also go on to attach certain assets of those involved if it finds that they generated "proceeds of crime", according to the officials.
The probe is related to a series of irregularities, including official misconduct, administrative lapses and a criminal conspiracy to misappropriate the gold from the various artefacts of the Lord Ayyappa shrine.
The investigation by the SIT, and now by the ED, is related to the loss of gold from the gold-cladded copper plates of the Dwarapalaka (guardian deity) idols and the door frames of the Sreekovil (sanctum sanctorum) of the temple.
The SIT has informed the High Court that its probe found "a series of serious official misconduct and administrative lapses on the part of the Devaswom officials right from the initial correspondence till the handing over of the door frame plates, connected plates, Dwarapalaka plates and pillar plates to Unnikrishnan Potty without proper authorisation".
It further said in its statement that Govardhan, Pankaj Bhandari, the CEO of Chennai-based Smart Creations, which carried out the electroplating of the artefacts from the temple, Potty and the other accused hatched a criminal conspiracy with malicious intention to misappropriate the gold cladded on the copper plates in and around the shrine.
"It is found during the investigation that all these criminal activities were part of a large conspiracy and an organised crime committed by the accused persons.
"They had a larger plan to dismantle other gold-clad items on the Sabarimala Sreekovil and to extract the gold from them for misappropriation," it said.
