thecybershark, Author at The Cyber Shark

Rajasthan Police launch ‘Operation Cyber Shield’ to combat cyber crimes

Rajasthan Police has launched Operation Cyber Shield to tackle cybercrime, focusing on resolving complaints, identifying hotspots, blocking suspicious SIMs, and raising public awareness. Jaipur: In a bid to curb the escalating graph of cyber crimes and organized financial fraud in Rajasthan Police , the Cyber Crime Branch of Rajasthan Police has initiated a month-long special campaign named ‘Operation Cyber Shield’. The campaign, spearheaded under the direction of Director General of Police (DGP) Utkal Ranjan Sahu, aims to crack down on cyber criminals, resolve pending cyber cases, and create public awareness about cyber security. The operation will run throughout January, a senior police official said. “The Rajasthan government and Rajasthan Police are committed to preventing cyber crimes,” said DG (Cyber Crime) Hemant Priyadarshi. “We appeal to citizens to report any suspicious cyber activities to the local police, the cyber security helpline 1930, or the cybercrime portal at National Cyber Crime Reporting Portal” he added. Citizens can also contact the police at 0141-2741322 to report incidents, the senior official added. Seven Strategies Focus Areas The campaign will tackle cybercrime through seven key focus areas: Resolving Cyber Complaints: All complaints reported through the cybercrime portal and helpline 1930 will be addressed. Blocking Suspicious SIMs and IMEIs: Identifying and deactivating suspicious SM cards and IMEI numbers linked to fraudulent activities. Targeting Crime Hotspots: Identifying areas prone to cybercrime and taking preventive action. Arresting Offenders: Pursuing wanted criminals, standing warrants, and proclaimed offenders in cyber-related cases. Recovering Mobile Devices: Focus on recovering and returning lost or stolen mobile handsets to their rightful owners. Public Awareness: Conducting widespread awareness campaigns to educate citizens about cyber crimes and preventive measures. Building a Cyber Criminal Database: Creating a comprehensive database of cyber criminals across Rajasthan for better tracking and prevention. “We have issued detailed guidelines to senior officers across all police ranges and districts through video conferencing to ensure the success of this campaign,” said Priyadarshi.

10 the Top News Stories and Cybersecurity of 2024

The ransomware juggernaut rolled inexorably in 2024, yet again, leaving more devastated Cybersecurity in its wake. This year, the UK’s NHS found itself at the receiving end of some particularly nasty attacks, but there were other high-profile victims as well. Meanwhile, state-backed cyber intrusions from China and Russia continued apace, driven by global geopolitical uncertainty. Many long-running Cybersecurity espionage campaigns were exposed. But if 2024 proved one thing only, it was that shining a light on the cyber underworld is working. The British are coming for the bad guys, as new attributions from the National Cybersecurity Centre (NCSC), takedowns led by the National Crime Agency (NCA), and proposed legislation highlighting ransomware threats to critical sectors is proving. If 2024 is remembered for anything in the cyber community, it may just be the year in which the good guys took the gloves off and fought back properly. Here are Computer Weekly’s Top 10 Cyber Crime stories of 2024. British Library ransomware attack could cost up to £7m The effects of the British Library ransomware attack at the end of 2023 continued to be felt into 2024 as the venerable institution continued to struggle to bring its crippled systems back online. In January 2024, it emerged that the scale of the ransomware attack was so immense and its effects so devastating, that it could end up costing the British Library up to £7m, dwarfing the £650,000 ransom demand. Later in the year, in a remarkable display of transparency, the British Library’s leadership published a detailed breakdown of their experience at the hands of the Rhysida ransomware crew, to help others learn and understand. SolarWinds hackers attack Microsoft in apparent recon mission Also in January, Cosy Bear, the Russia-backed hacking outfit behind the SolarWinds Sunburst incident, was back in action, breaking into Microsoft’s systems with a brute force, password spraying attack and from there accessing corporate accounts belonging to leadership and Cybersecurity employees. Microsoft is one of some suppliers that finds itself at the receiving end of such intrusions, thanks in part to its global reach and scale, and its in-depth relationships with Western governments, and has faced tough questions over its Cybersecurity posture in recent years as a result. Lock Bit locked out in NCA-led takedown One of the biggest stories of the year unfolded dramatically on a dull February day when the infamous Lock Bit ransomware gang was taken down and its infrastructure hacked and compromised in Operation Cronos, led by the UK’s National Crime Agency (NCA). In the immediate aftermath of the takedown, Computer Weekly took the temperature of the Cybersecurity community, finding upbeat sentiment, but also tempered by the knowledge that one swallow does not make a summer. Throughout the year, the NCA has been sharing a trove of information it gathered during the exercise, as well as taking time to mock and troll Lock Bit’s leader since named as Dmitry Khoroshev, who at one time boasted of his luxury lifestyle as he toyed with law enforcement. Mandiant formally pins Sandworm cyber-attacks on APT44 group In April, threat intel leaders Mandiant formally “upgraded” the malicious activity cluster known as Sandworm to a full-blown, standalone advanced persistent threat (APT) actor to be tracked as APT44 – other companies have different taxonomies, Mandiant’s is alphanumeric. APT44 is run out of Russia’s Main Intelligence Directorate (GRU) within Unit 74455 of the Main Centre for Special Technologies (GTsST) and is described as one of the most brazen threat actors around. Although it confines its activities to those in service of the Russian state rather than financially motivated criminality, the links between cybercrime and cyber espionage continued to blur during 2024, with some nation-state APTs even acting as initial access brokers (IABs) for ransomware gangs. NHS services at major London hospitals disrupted by cyber attack In early June, a major cyber-attack on Synovia, a pathology lab services provider that works with Guys and St Thomas’ and King’s College hospitals in London, as well as other NHS sites in the nation’s capital, was laid low by a Qulin ransomware attack. This intrusion resulted in a major incident being declared in the NHS, with patient appointments and surgeries cancelled, and blood supplies running dangerously low. The ramifications of this truly callous cyber-attack are still being felt six months on. UK Cyber Bill teases mandatory ransomware reporting All eyes were on Westminster in July for the first King’s Speech held under a Labour government in over a decade , and for the Cybersecurity community, there was plenty to pick over as Keir Starmer’s administration proposed implementing compulsory cyber incident reporting – including ransomware – for operators of critical national infrastructure (CNI), in a new Cybersecurity and Resilience Bill. According to the government for Cybersecurity , the law will expand the remit of existing regulation give regulators a more solid footing when it comes to protecting digital services and supply chains, and improve reporting requirements to help build a better picture of Cybersecurity . The Bill will likely be introduced to Parliament in 2025. NCSC and allies call out Russia’s Unit 29155 over cyber-warfare In September, the UK and its Five Eyes allies joined forces with the European Union (EU) and Ukrainian cyber authorities to highlight a dastardly campaign of cyber espionage conducted by Unit 29155, another Russian APT. Unit 29155 targets victims to collect information for espionage purposes, sabotages websites and daily operational capabilities and tries to cause reputational damages by selectively leaking important data. It has conducted thousands of exercises across NATO and the EU with a notable focus on CNI, government, financial services, transport, energy, and healthcare. It is also particularly notable for its involvement in the Whisper Gate campaign of destructive malware attacks against Cybersecurity to Ukraine in advance of the 2022 invasion. Money transfer firm MoneyGram rushes to contain cyber attack US-based financial services and money transfer outfit MoneyGram was another high-profile cyber attack victim to emerge in 2024, with its systems taken down in an apparent ransomware attack in September 2024.

Bank official among four held for siphoning Rs 12 crore from Bengaluru firm’s accounts

Investigations revealed the gang was transferring Rs 12.30 crore across multiple cyber criminals accounts, with similar cases filed against them in 12 police stations across eight states. Bapatla police have arrested two cyber criminals who transferred over Rs 74 lakh into fraudulent accounts, with two main suspects still at large. The arrests were announced by Bapatla District Superintendent of Police (SP) Tushar Dudi during a press conference on 02-01-2025. The victim, G Sri Lakshmi Vara Prasad Rao, a retired professor from Chundur, reported the cyber criminals after unknown individuals falsely accused him of money laundering and siphoned Rs 74 lakh from his bank account. Police promptly froze the accounts and launched an investigation. Amid rising cybercrime cases, SP Dudi formed special teams led by IT Core Sub-Inspector (SP) Naib Rasool and Chundur Circle Inspector (CI) Srikanth. The teams traced the suspects to Rajasthan and Mumbai, arresting Ramesh (A3) and Shrawan Kumar (A4), both from Rajasthan, while the primary accused, Akash Kulhari and Sriva Prasad, remain at large. Investigations revealed the gang was involved in transferring Rs 12.30 crore across multiple fraudulent accounts, with similar cases filed against them in 12 police stations across eight States, including Andhra Pradesh, Karnataka, Maharashtra, Odisha, West Bengal, Gujarat, Telangana, and Rajasthan. Ramesh and Shrawan are accused of transferring Rs 15 lakh and Rs 35 lakh, respectively, across several cases. Police seized Rs 7 lakh in cash, 24 ATM cards, and 11 checkbooks, and froze Rs 17.90 lakh in accounts linked to the suspects. The gang is believed to have defrauded victims of Rs 10 crore in 43 cases across 39 districts in 18 States, as recorded on the National Crime Records Bureau (NCRB) portal. The SP warned the public about such cyber scams, clarifying that ‘cyber criminals’ do not exist. He urged victims to immediately report cybercrimes by calling 1930. The SP commended the efforts of the IT core team, special squads, and police personnel in cracking the case, emphasizing ongoing efforts to apprehend the remaining suspects.

WhatsApp, the biggest social media platform misused by cyber criminals in India

14,746 complaints file for cyber criminals were related to WhatsApp, 7,651 against Telegram, 7,152 against Instagram, 7,051 against Facebook, and 1,135 against YouTube till March 2024, says MHA report WhatsApp remains the biggest social media platform that is possibly misused by cyber criminals in India, according to the latest annual report of the Union Home Ministry. The data published in the report on “cybercrime complaints where Big Tech platforms have been misused” shows that 14,746 complaints were related to WhatsApp, 7,651 against Telegram, 7,152 against Instagram, 7,051 against Facebook, and 1,135 against YouTube till March 2024. “Big techs play an important role in proactive identification and action on cyber criminals. I4C has partnered with Google and Facebook for sharing intelligence and signals for proactive actions,” the report said. National Cybercrime Threat Analytical Unit (NCTAU) of I4C analyses the complaints reported on the portal and prepares analysis reports on the latest trends of cybercrime and misuse of services provided by service providers, it said. “These reports are shared with all the concerned stakeholders, i.e., banks, wallets, merchants, payments aggregators, payment gateways, e-commerce, and other departments to take preventive measures and mitigate the misuse of their platforms/services,” the report said. The Ministry has also rolled out a Cyber Volunteer Framework, which enables citizens to enroll as cyber volunteers for reporting unlawful content on the Internet, dissemination of cyber hygiene, and as cyber experts to aid law enforcement under which 54,833 volunteers had registered by March 31, 2024, according to the report. The Ministry’s integrated platform Citizen Financial Cyber cyber criminals Reporting and Management System (CFCFRMS), where all stakeholders, including law enforcement agencies of States/Union Territories, all major banks and financial intermediaries, payment wallets, crypto exchanges, and e-commerce companies, work in tandem. The platform ensures quick, decisive, and system-based effective action to prevent the flow of money from the victim’s account to the cyber fraudster’s account, and the seized money is restored to the victim following due legal process, it said. “Since its launch in April 2021, so far this platform has been able to save more than Rs 16 billion from going into the hands of fraudsters, and thus benefiting more than 5,75,000 victims,” it said.

Protect Yourself from Cybercrime in 2025

In 2025, cybercrime has become more complex, with new threats like AI-driven attacks, IoT vulnerabilities, and advanced ransomware emerging. To stay safe, it’s crucial to use strong passwords, multi-factor authentication, and encryption. As technology Cybercrime continues to evolve, balancing security with innovation is key to protecting ourselves. Introduction Welcome to the not-so-distant future: the year 2025. By now, we’ve seen an explosion of digital Cybercrime transformation across every industry and sector. The convenience of online services has grown significantly, but so have the risks. Cybercrime in 2025 has reached unprecedented levels of complexity and scale. Hackers are more cunning, and new forms of cyberattacks are emerging faster than ever. Are you ready for what’s coming your way? In this article, we’re about to unpack the ever-shifting world of cybercrime, focusing on the trends, threats, and solutions that define 2025. We’ll journey through the evolution of hacking, dive into the scariest new tactics criminals are using Cybercrime , and explore what governments and individuals can do to keep themselves safe. Ready to peer into the digital crystal ball? Let’s get started. The Evolution of Cybercrime The world of cybercrime is like a twisted carnival, morphing its attractions and illusions year by year. Oldies ransomware to hang on with the newbie Digital arrest and AI-enabled Deepfakes. Understanding how we got here is critical if we want to predict where we might end up next. Early Hackers In the earliest days of computing, hacking was more like an intellectual sport for tech enthusiasts. They broke into systems to show off their skills and explore the hidden corners of the digital realm. Think of these early hackers as curious Cybercrime rather than criminal masterminds. Over time, however, the novelty wore off, and malicious intent began to take shape. The “harmless” pranks of the past gradually paved the way for more nefarious schemes that now have global consequences. 2020s: A Decade of Transformation The 2020s were a turning point in cybercrime. Smartphones, social media, and cloud computing have become ubiquitous. Remote work soared in popularity, and digital communication replaced face-to-face encounters. With these changes, criminals found an open invitation to exploit human error and poor security practices. Suddenly, huge data breaches became the norm rather than the exception, and Cybercrime were demanded in Bitcoin rather than unmarked bills. By the time 2025 rolled around, hackers had upped their game with sophisticated toolkits, AI-driven attacks, and specialized criminal networks that span the globe. Emerging Threats in 2025 So, what do cyber threats look like in 2025? The short answer: sharper, smarter, and far more disruptive. Cybercriminals leverage cutting-edge technology and exploit societal trends, causing havoc for both individuals and organizations. AI-Powered Attacks Remember when we used AI mainly for chatbots and Netflix recommendations? Those days feel distant. In 2025, AI is a double-edged sword. On one hand, legitimate businesses use it to automate tasks and enhance customer experiences. On the other hand, cybercriminals deploy AI to conduct highly targeted attacks. Thanks to machine learning algorithms, phishing emails are more convincing, malware adapts in real-time, and intrusion attempts remain persistent yet stealthy. AI helps hackers automate reconnaissance, profile their victims in astonishing detail, and dynamically modify their strategies. It’s akin to battling an ever-evolving virus that learns from every defensive move you make. IoT Vulnerabilities Our world is packed with interconnected devices, from smart TVs and refrigerators to entire factories wired with sensors. While the Internet of Things (IoT) makes life more convenient, it also expands the potential attack surface exponentially. A single vulnerability in a connected device can provide a backdoor into the broader network, compromising everything from personal data to critical infrastructure. In 2025, criminals exploit IoT devices to orchestrate vast botnets, carry out data exfiltration, or even sabotage critical services. It’s like having a million tiny, unguarded windows in your digital fortress. Ransomware 3.0 Say goodbye to the days when ransomware simply locked your files. In 2025, criminals go beyond encryption. They threaten to publicly leak sensitive data, sabotage critical cloud systems, or even manipulate files in real-time, confusing what’s genuine and what’s corrupted. Some are calling this Ransomware 3.0—a vicious trifecta of encryption, public exposure, and data tampering. Victims face the ultimate dilemma: pay up or risk catastrophic damage to personal finances, reputations, or entire business operations. Cryptocurrency Heists With cryptocurrencies dominating the global financial landscape, it’s no surprise they remain a major magnet for cybercriminals. Far from being just about Bitcoin, a plethora of digital tokens are now in circulation. Criminals use sophisticated exploits to steal private keys, manipulate smart contracts, or hack crypto exchanges. This is the Wild West of the financial world, where the digital gold rush meets digital banditry. By 2025, we’re seeing elaborate networks of hackers targeting high-value wallets and decentralized finance (DeFi) platforms, leaving victims on shaky ground in a market famous for its volatility. Impact on Individuals You might be thinking, “I’m just an average person. Why would cybercriminals target me?” The truth is, in 2025, no one flies under the radar. It’s not just the wealthy or the high-profile individuals who face risks—everyone is a potential target. Identity theft remains rampant, with criminals siphoning off personal details to open lines of credit or commit fraud. Social media profiles become treasure troves for information, allowing hackers to guess security questions or craft hyper-targeted phishing attacks. Moreover, personal devices—phones, tablets, wearables—are more integrated into daily life than ever. A single click on a malicious link can give a cybercriminal access to personal photographs, financial accounts, and private communications. It’s like handing a stranger the keys to your home. The digital age has made everyday life easier, but it also requires us all to stay on guard. Corporate and Institutional Risks It’s not just individuals at risk. Large corporations and institutions are prime targets in 2025’s cybercrime arena because the payoff can be enormous. When a hacker gains access to a corporate network, the loot can include proprietary data, customer information, and massive financial sums. The result?

Sri Lankan police social media accounts, government website hacked

Colombo, Dec 31 (PTI) The social media accounts of the Sri Lankan police and the official website of the government’s Printer Department were targeted by cyberattacks, according to officials. “Our YouTube, Facebook, Instagram, Tik-Tok and X were hit by cyber-attacks. By now, we have restored all of them other than YouTube,” said Police Spokesman and Superintendent K B Manathunga. He added that the hackers had been identified, and investigations were ongoing. In addition to the police social media accounts, the official website of the government’s Printer Department was also hacked. The group behind the attack has yet to be identified, according to the Computer Emergency Response Team (CERT), a state agency. The CERT said the website where all government publications, including key announcements, are published was breached. “We can safely say that the website data had not been compromised, they have only added certain data,” Niroshan Ananda, a CERT spokesperson told reporters. PTI CORR GRS GRS GRS

Author: thecybershark