Patient database vulnerable, tweets cyber security whiz
Cybersecurity experts and companies voluntarily test and expose cyber vulnerabilities of government bodies, but on Monday night it was corporate hospitals chain Apollo Hospitals’ turn to receive an alert. The healthcare major was alerted via a tweet by a French security researcher about personal data of millions of patients being at risk. The latest alert highlights the vulnerability of the huge amount of patient data private hospitals are sitting on. The tweet by Elliot Alderson read: “Hi @HospitalsApollo, a serious security issue has been discovered in your system, can you contact me by DM. Experts believe that though such a vulnerability may not mean a threat to the patient’s bank balance, it definitely raises a grave privacy concern. Alderson told TOI that though the Apollo Hospitals team initially tweeted him, asking for his email id and location, it was later pulled down. The personal data of millions of people are at stake, this is important. Many hospitals even take photographs along with other basic details, which can be misused,” said Suyusha, a patient. ” This was retweeted and flagged hundreds of times, with many expressing concern. “It is a privacy and confidentiality concern and can also lead to identity theft in future when more data with Aadhaar is available online.
Cybersecurity skill demand in India triples in last one year
According to a survey by outbound hiring firm, Belong, the demand for cybersecurity professionals in India has gone up three times in the past 12 months creating an eminent skill gap. “As companies seek to bolster their defence against data security breaches, the demand for cybersecurity experts in India has outstripped supply of these professionals by three times over the past 12 months,” the company stated in a release. There is also a possibility of companies hiring a senior level professional, who will be based in some other country, to lead a team here in the country. ” An earlier survey by EC-Council has concluded that “The skill gap in the cybersecurity industry spans all levels, from CISOs to security analysts. “Further within the technology sector, the demand is spread between ITeS (25 percent), the software product (non-security) or shared services or captives (24 percent) and security companies (9 percent),” suggested a report on PTI. “With the demand escalating, there may also be a rise in expat hiring, especially for the mid-level or senior level roles where experience is needed. In fact, surveys have projected that the gap between cybersecurity professionals and unfilled positions will expand to 1. With the penetration of internet and knowledge of cybersecurity, the demand is only going to increase, suggested Rishabh Kaul, co-founder of Belong. It appears that the shortage of skilled professionals is not a problem that will be solved in the conceivable future. According to the report, “most companies are struggling by either giving more responsibilities to their mid-senior level executives or depending on third-party players.
Strategic installations should go for regular cyber-security audits: Rajnath Singh
Warning of a lurking cyber attack threat to India’s critical infrastructure, Home Minister Rajnath Singh on Saturday asked those in the power, rail and nuclear energy sectors to conduct regular cyber-security audits against potential sabotage bids. Addressing CISF jawans and officers on the 49th raising day of the paramilitary force at its camp in Ghaziabad, Singh said a cyber-security plan against such new age threats should not only be prepared but also strengthened from time to time. The veteran BJP leader added that the best strategy to counter these threats was to be “prepared” for them and that keeping this in mind, a new division of cyber security was recently created in his ministry even as there was one at the federal-level, known as the National Critical Information Infrastructure Protection Centre (NCIIPC). Singh, who took the salute of the CISF anniversary parade, said data theft, fraud and hacking were some of the major threats to India’s critical assets and networks in the power sector, railways, nuclear power and airports as there had been attempts to penetrate their defence and breach the firewall. Critical industrial and strategic installations of the country should get a cyber-security audit done regularly to keep a check on potential sabotage and hacking-like attacks, he said. He also urged all the Central Armed Police Forces (CAPFs) like the CISF to launch special recruitment drives to induct more women personnel into their ranks in order to achieve the government’s goal of having 33 percent women in the forces. The Central Industrial Security Force (CISF) was raised in 1969 and today’s event was held in the absence of a regular chief of the force for the first time in its history.
“I would suggest that you (CISF) should earmark 2018 as the year for planning and strive to be a newer and modern force by 2022 when India celebrates the 75th year of its independence,” the minister, whose department is responsible for the internal security of the country, said.
Government fails to combat cyber attacks
A government official said cybersecurity mock drills are conducted regularly to enable assessment of cybersecurity posture and preparedness of organisations in government and critical sectors. “Hacking has increased because cybercriminals have quickly realised that India is not focusing on cybersecurity. Officials of the Ministry of Electronics and Information Technology and IT officials said organisations use servers to host websites and applications for the dissemination of information and providing services to users. Despite regular security audits by government agencies, 22,207 Indian websites—including 114 government ones—were hacked during April 2017 to January 2018. NEW DELHI: Efforts by the government to strengthen the digital and cybersecurity system have failed to stop cyber attacks. Officials said that the Indian Computer Emergency Response Team (CERT-In) has empanelled 67 security auditing organisations to support and audit implementation of Information Security Best Practices. India needs to focus far more on cybersecurity,” he said. CERT-In also conducts regular training programmes for network and system administrators and chief information security officers of government and critical sector organisations. “Servers not configured properly are prone to hacking and could be misused by cybercriminals. They hack websites for professional reasons, to get access to information so that it can be sold.
53,000 cybersecurity incidents observed during 2017: Ravi Shankar Prasad
Prasad said CERT-In has entered into Memorandum of Understanding (MoU) with its overseas counterpart agencies – CERTs of the US, the UK, Japan, South Korea, Australia, Malaysia, Singapore, Canada, Vietnam, Uzbekistan and Bangladesh for information exchange and collaboration for cybersecurity incident response. The government has initiated setting up of National Cyber Coordination Centre (NCCC) in CERT-In to generate necessary situational awareness of existing and potential cybersecurity threats and enable timely information sharing for proactive, preventive and protective actions by individual entities, Prasad said, adding that phase I of NCCC has been made operational. “As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), a total number of 49,455, 50,362 and 53,081 cyber security incidents were observed during the year 2015, 2016 and 2017, respectively,” IT Minister Ravi Shankar Prasad said in a written reply to Rajya Sabha today. Prasad said the IT (Intermediary Guidelines) Rules 2011 under section 79 of the IT Act require that intermediaries observe due diligence while discharging their duties and inform users of computer resources not to host, display, upload, modify, publish, transmit, update or share any information that is harmful, objectionable, affect minors and unlawful in any way. Over 53,000 cybersecurity incidents, including phishing, website intrusions and defacements and ransomware were observed in 2017, Parliament today said. In response to a separate question, Prasad said some instances of social media being misused for posting objectionable content, defaming public personalities and spreading terror propaganda have come to the notice of the government. “The Information Technology (IT) Act, 2000 has provisions for removal of objectionable online content,” he said.
The minister pointed out that CERT-In issues alerts and advisories regarding latest cyber threats/vulnerabilities and countermeasures to protect computers on a regular basis. Besides, the government takes action under section 69A of IT Act for blocking of websites/web pages with objectionable content, whenever requests are received from designated nodal officers or upon Court orders.
Cybercriminals now target co-operative banks, three defrauded
Taking advantage of cybersecurity lapses in the co-operative bank sector, cybercriminals have tried to cheat a co-operative bank thrice in a week and managed to make off with ₹22.15 lakh. According to sources, Town Co-Operative Bank Ltd, Hoskote, Chinthamani Branch on February 26 fell prey to cybercriminals. An account holder, Sri Lakshmi Venkateshwara service station, had submitted a request to the bank to transfer ₹22.15 lakh to the account of HPCL retail maintained at HDFC bank in Mumbai, police said. The request was approved by bank manager Anjinappa and the approved requisition was sent to the head office of Town Co-Operative Bank in Hoskote through email at 3.40 pm on the same day. But the email received by the head office under the same approved signature contained a different attachment of scanned copy having details of the beneficiary. The details of the attachment were totally different from what was actually sent by Anjinappa. The bank officials have told CID that the account holder banks with a State Bank of India branch located in Uttar Pradesh. The officials also suspected that their email ID was hacked. “In two other cases, we were able to save ₹29.20 lakh due to alert staff,” he said. He also said that they have not hired any agency to look after the security of their servers and online systems. Police officials said that they have been able to freeze the account and the suspects have been arrested in Lucknow.
As spying tools get cheaper, Indian digital users must tread cautiously
Digital rights non-profit organisation Electronic Frontier Foundation has warned Indian digital users to adopt safe practices as the cost of tools used for spying is going down drastically, a report in a financial daily stated. In its report, it also said that India was one of the most targeted countries due to a rapid transition to a cashless economy and increased use of wireless data. The dummy app would then transmit a target’s data to the hacker, the report added. Incumbents of the espionage campaign would create a copy of popular apps such as WhatsApp, thus duping their targets to install it. “In the past, the ability to spy on millions of people’s devices required a team of specialists working on expensive custom-made software,” Galperin told ET. “Now, people are selling platforms where nation-states can log into a portal and spy on whoever they want by clicking on a dashboard. It is the same technology that allows one to target people with ads and has the power to track where you are, what you like, etc. Galperin was one of four members who led the investigation into Dark Caracal, a global espionage campaign, in January, the ET report said. Dark Caracal was a decades-long surveillance programme that tracked governments, activists, military personnel, journalists, enterprises as well as educational, medical, and financial professionals in more than 21 countries, including India.
Avast: CCleaner hackers planned to infect victims with third-stage Chinese hacking tool
There is no evidence that ShadowPad ever found its way onto any computer beyond the four Piriform machines – suggesting that remediation of the original attack may have foiled the attackers’ plans before they were executed. According to Avast, its researchers found that four Piriform computers were infected with the cybercriminal tool ShadowPad, which gives attackers remote control capabilities as well as additional modular functionalities such as keylogging and password stealing. Avast Software, which acquired CCleaner along with the assets of its original developer Piriform in July 2017, acknowledged this latest discovery last week both on its blog site and at the SAS conference in Cancun, Mexico. Injected in August 2017 and discovered a month later, the first-stage malware is essentially a backdoor that initially compromised machines and enabled the attackers to exfiltrate non-sensitive data about them. Of these impacted machines, only about 40 PCs operated by high-tech and telecommunications companies were further infected by a second-stage malware – leading researchers to conclude that the scheme was a supply chain attack designed to infect a large pool of victims, from which a select targeted few would be further compromised. ” ShadowPad is believed to originate from the Chinese hacker group Axiom, whose code was already spotted in the original first-stage CCleaner malware by Kaspersky Lab researcher Costin Raiu. “The version of the ShadowPad tool is custom-built, which makes us think it was explicitly built for Piriform. By installing a tool like ShadowPad, the cybercriminals were able to fully control the system remotely while collecting credentials and insights into the operations on the targeted computer.
The hackers who injected malicious code into a version of computer maintenance app CCleaner last year may have been preparing to deliver third-stage malware to at least a select few of the 2.27 million computers that had downloaded the tainted utility program. “We found out that the keylogger had been active since April 12th, 2017, recording keystrokes on these computers, including keyloggers from Visual Studio and other programs,” state blog post authors Vince Steckler, Avast CEO, and Ondrej Vlcek, EVP and GM of the consumer business unit. “
Cellebrite reportedly can unlock every iPhone model
Israel-based Cellebrite reportedly privately announced the capability to subvert the security of iOS 11 enabled devices including the latest iPhone, iPad, iPad mini, iPad Pro and iPod touch. A separate source in the police forensics community told the publication Cellebrite told him the company could unlock an iPhone 8 and that he believed the same was possible for the most recent iPhone X. While the company hasn’t made a public announcement concerning its capabilities, anonymous sources told Forbes that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics firms across the globe. Despite the updates, it appears the exploits may have already been used on an iPhone X in a federal investigation involving an arms trafficking case, the publication said citing a warrant. “In addition to this potentially impacting civil rights and due process, it also relies heavily on the ability of Cellebrite (and similar firms) to keep the code out of the hands of malicious actors,” Soto said. Rod Soto, director of security research at JASK, told SC Media that history has taught us that keeping zero days in the name of security or for law enforcement is dangerous. A suspect’s device was sent to a Cellebrite specialist at the DHS Homeland Security Investigations Grand Rapids labs and the data extracted on December 5, 2017. ” He went on to say that once threat actors gain access to these tools, they can implement aggressive mass exploitations that have the potential to cause extensive losses and, in some cases, put the general population’s well-being at risk. “It’s difficult to do this, as evidenced by the leaks of NSA exploitation code. 2 to address several serious vulnerabilities that were spotted by Google Project Zero.
Don’t use Aadhaar Android App: French Hacker to India Today
When asked to give one piece of advice for ordinary citizens who use Aadhaar and don’t want their data to be compromised, UIDAI chief replied “it’s complicated, first don’t use the Aadhaar Android App at all, be cautious when you give your Aadhaar card to anyone. Asked about the main flaw of Aadhaar system, Robert told India Today “the main issue with the Aadhaar Android app is that if an attacker has a physical access to the device, he can easily bypass the password mechanism they put in place in the app. Clarifying his claims of accessing almost 20,000 Aadhaar cards in a single day, he said “these cards can be found on the internet. The alleged French security expert, Elliot Alderson, who created a storm recently by claiming to have accessed over twenty thousand Aadhaar card specifics on a single day by using a simple internet search tool is back in the news. He elaborated how one can misuse the Aadhaar by physically accessing the device with the Android app. The UIDAI has issued a statement saying “by simply knowing someone’s Aadhaar, one cannot impersonate and harm the person because Aadhaar alone is not sufficient to prove one’s identity but it requires biometrics to authenticate one’s Identity. Robert has responded to UIDAI’s comments by saying “they (UIDAI) also said that the Aadhaar card is an identity document which is inconsistent with their statement. When India Today asked about his motivation behind exposing the security flaws which largely affect a foreign country he said “I just want to point these flaws and help companies to fix it. While UIDAI issued a statement saying “It is reiterated that Aadhaar remains safe and secure and there has not been a single breach from its biometric database during the last eight years of its existence.