Achive.php cyber security - The Cyber Shark

Chinese Hackers Double Cyber-Attacks on Taiwan

Taiwanese government networks experienced a daily average of 2.4 million cyber-attacks in 2024, most of which were attributed to Chinese state-backed hackers. This is double the daily average from 2023, which saw 1.2 million daily attacks targeting government networks, Taiwan’s National Security Bureau said in a new report.

“Although many of those attacks have been effectively detected and blocked, the growing numbers of attacks pinpoint the increasingly severe nature of China’s hacking activities,” the Bureau warned.

The report also highlighted a substantial rise in People’s Republic of China (PRC) cyber-attacks targeting critical industries in Taiwan. These include telecommunications (650% increase), transportation (70%), and the defense supply chain (57%).

Security researchers have also observed significant Chinese cyber-attack activity in Taiwan over recent years amid rising geopolitical tensions around the island territory’s self-governing status.

How Chinese Hackers Target Taiwan

The report highlighted a range of techniques employed by PRC hackers and noted that attacks against Taiwanese government agencies are typically designed to steal confidential data.

The Bureau said PRC hackers often exploit vulnerabilities in Netcom devices and use evasion techniques such as living off the land. Social engineering techniques that target the emails of Taiwanese civil servants have also been deployed for espionage purposes.

China uses a range of tactics to infiltrate and compromise Taiwan’s critical infrastructure systems, such as highways and ports, to disrupt the island’s transportation and logistics. Other cyber-attack tactics include phishing attacks, compromise of zero-day vulnerabilities, and use of Trojans and backdoors.

Additionally, DDoS attacks are used to “harass” and “intimidate” Taiwan when carried out in the island’s transportation and financial sectors. At the same time, China conducts military drills in the area, the Bureau noted.

Other commonly observed Chinese attacks against Taiwanese targets include:

- Ransomware and other cybercrime techniques against manufacturing companies
- Theft of information about patented technologies developed by start-ups
- Stealing personal data of Taiwanese nationals and selling that information on the dark web

The Bureau said the hack and leak of Taiwanese citizens’ data helps generate profits and is also designed to undermine the credibility of the Taiwanese government.

“China has continued to intensify its cyber-attacks against Taiwan. By applying diverse hacking techniques, China has conducted reconnaissance, set cyber-attack ambushes, and stolen data through hacking operations targeting Taiwan’s government, critical infrastructure, and key private enterprises,” the Bureau wrote.

The report also highlighted the success of Taiwan’s joint security defense mechanism for ensuring that threat information is shared in real-time among intelligence sources and government agencies.

BSF Inspector duped of over Rs 70 lakh under ‘digital arrest’ in Gwalior

Bhopal: A Border Security Force (BSF) official in Gwalior was held in the longest digital arrest for 32 days before his son came to his rescue. The victim, identified as Absar Ahmed and posted as an inspector in the BSF Training Centre, Tekanpur, was under digital arrest from December 2, 2024, and was duped of Rs 71.25 lakh in 34 transactions during the period, police said.

“We have received the complaint regarding the digital arrest of a BSF official. The crime branch has registered a case and the probe is on,” Gwalior district superintendent of police (SP) Dharamveer Singh said.

According to the police, the BSF official, a resident of Uttar Pradesh, had received a WhatsApp call at 11.29 am on December 2, 2024. The caller, identified as a Mumbai cyber and crime branch officer, told the victim that an arrest warrant had been issued against him and his family members in connection with a money laundering case.

The BSF official was told that he was being interrogated virtually and that he and his family members would be arrested if he informed other people. He was asked to transfer money to particular accounts as part of the probe and told that the money would be returned if he was found innocent.

Under psychological pressure, Ahmed sold his flat in Delhi, exhausted all his savings, and transferred Rs 71.25 lakh to the accounts mentioned. His son rushed to Gwalior on January 2 after learning about it and asked him to file a police complaint.

YouTuber Ankush Bahuguna shares 40-hour digital arrest scam ordeal, urges vigilance

January 6, 2025: Popular content creator Ankush Bahuguna recently revealed a harrowing 40-hour ordeal in which he was held in a “digital arrest” by cybercriminals. In a deeply emotional video shared on Instagram, Ankush recounted how scammers isolated him from friends and family, coerced him into performing suspicious financial transactions, and manipulated him through fear and threats.

The ordeal began with a seemingly harmless automated call about a suspicious package linked to his name. Following instructions, he pressed a button for customer support, unknowingly falling into an elaborate scam trap. A fake official on the call claimed the package contained illegal substances bound for China and that a digital arrest warrant had been issued in his name.

Isolation and Manipulation

Panicked, Ankush was connected to someone posing as a law enforcement officer. This person accused him of money laundering, drug trafficking, and being involved in serious crimes. He was then placed under so-called “self-custody,” isolating him entirely from the outside world.

For 40 hours, Ankush was kept on a continuous video call and forbidden from answering messages, picking up calls, or contacting anyone. Under duress, he was forced to share sensitive information, perform bank transactions, and follow every instruction the scammers gave.

“I was crying and begging, but they kept me on the call. They convinced me my career would be destroyed, my family was in danger, and I would face abuse if I didn’t comply,” Ankush shared, visibly shaken.

Friends and Family Intervene

Ankush’s family and friends grew suspicious of his erratic behavior throughout the ordeal. His sister’s persistent messages finally reached him, revealing that such “digital arrests” are a common scam. Realizing the truth, Ankush broke free from the scammers’ grip and reconnected with his family.

“I’m so grateful for my friends’ instincts. If they hadn’t acted quickly, I might still be trapped in that nightmare,” he admitted.

A Warning to All

Ankush urged his followers to be cautious of such scams and never engage with suspicious calls or share sensitive information online.

“The thing with these digital arrests is, if you believe one lie, they tell ten more, each scarier than the last. Please be vigilant and report such incidents immediately,” he concluded.

This incident highlights the growing sophistication of cyber scams and serves as a stark warning about individuals’ vulnerabilities in an increasingly digital world.

Cyber Fraud: UP Police shares must-watch video ahead of Mahakumbh

Ahead of the Mahakumbh Mela, which is scheduled to begin on January 13, the Uttar Pradesh Police released an awareness video on its social media account on 05/01/2025, urging people to stay cautious of cyber fraud related to any kind of online booking for the Mahakumbh.

Mahakumbh Mela

The Mahakumbh in Sangam Nagari Prayagraj is likely to be attended by 40 crore people. In light of the rising incidents of cyber fraud in recent times, this video has been created to raise awareness among people about digital fraud.

The Video’s Message

The short film portrays the experience of a family who falls victim to cyber fraud while booking a hotel online. Tempted by attractive offers, the family makes a booking through a fake website. However, upon reaching the given location in Prayagraj, they find an empty plot instead of the promised hotel.

In another instance, the family scans a QR code displayed on the street to book a stay, but instead of securing their booking, their money gets deducted fraudulently.

Towards the end, Bollywood actor Sanjay Mishra appears in the video, cautioning people about such scams and advising them to avoid fake links and websites.

Safety Advice

Sanjay Mishra urges devotees to use the official Maha Kumbh website Kumbh.gov.in to check the list of verified accommodations and make bookings. The video has been shared across all social media platforms of the Uttar Pradesh Police. Additionally, a link to the list of available accommodations in Prayagraj has been provided to assist devotees in making safe and informed decisions.

Important Information for Devotees

Devotees planning to visit Prayagraj during the Maha Kumbh 2025 are encouraged to use the verified list or official website for their bookings. This initiative by the Uttar Pradesh Police aims to safeguard devotees from cyber fraud while ensuring a secure and smooth pilgrimage experience during the Maha Kumbh 2025.

Beware of online sextortion: boys and girls

Online sextortion occurs when a fraudster threatens to circulate your private and sensitive material online if you do not provide images of a sexual nature, sexual favors, or money. The perpetrator may also threaten to harm your friends or relatives by using information they have obtained from electronic devices unless you comply with their demands.

Sextortion is a form of online abuse, wherein the cybercriminal makes use of various channels like instant messaging apps, SMS, online dating apps, social media platforms, porn sites, etc., to lure the users into intimate video/audio chats and makes them pose nude or obtains revealing pictures from them. The fraudsters later make use of this material to harass, embarrass, threaten, exploit, and blackmail the victims.

Dangers

- Abuse and exploitation
- Harassment
- Blackmail
- Threats of public humiliation
- Mental distress

Modus Operandi

The fraudsters try to lure the users into sharing intimate content in different ways:

- posting messages for video/audio chat
- using fake accounts/profiles
- creating pages/ad campaigns

The users get victimized when they:

- pay for such services and pose nude or in a compromising position in video calls
- accept or send friend requests to the fake account/profile and get involved in intimate interaction, posing nude in video chats, sending revealing pictures, etc.

The fraudster records video, takes screenshots, takes pictures, makes use of revealing pictures, or morphs the pictures sent. The fraudster then starts blackmailing the victim, leading to sextortion.

The users of porn sites may also fall prey to sextortion when their chats/video calls on porn sites are used for blackmail by fraudsters.

Channels used for trapping the victims into sextortion

The fraudsters resort to sextortion following the modus operandi given above using various channels like:

- Messaging apps
- Dating apps
- Social media platforms
- Porn sites, etc.

Warning signs that indicate attempts of sextortion by cybercriminals

- Repeated untoward messages/video calls from unknown number/s
- Repeated friend requests from an unknown person
- Repeated requests for private intimate pictures, video chats, photos
- Manipulating or redirecting the conversation toward intimate topics
- Rushing through things and trying to develop intimacy

Warning signs that may indicate victimization

- Signs of fear, nervousness, anxiety, depression
- Isolating self and being very reactive and emotional
- Feeling desperate and frustrated
- Having suicidal thoughts and self-harming behavior

Safety tips to protect yourself against online sextortion

- Never share any compromising images, posts, or videos of yourself with anyone, no matter who they are. Remember that the internet never forgets or forgives. If you have shared something once, it will remain present on the Net forever, in one form or the other.
- Never accept or request friendship from unknown people on social media platforms.
- Enable privacy and security features on your social media accounts and instant messaging apps.
- Use the “Report User” option on social media platforms to report any such
- Do not share your personal/private pictures publicly.
- Turn off your electronic devices and web cameras when you are not using them.
- Use two-factor authentication with strong passwords and different passwords for different social media accounts.
- During an online interaction or chat, if the person on the other side is trying to rush through things and develop intimacy, then it is cause for alarm.
- Never allow anyone, however close, to capture any private part or intimate activity with any device. Such data can be misused at a later stage.
- Do not accept video calls or open attachments from people you do not know.
- Save the evidence and the screenshots for referring to the incident later.
- Do not suffer in silence. Know that you are not alone, and reach out and seek help from trusted family and friends.
- File a complaint against sextortion online or at your nearest cybercrime cell. Remember that you can also anonymously file an online complaint against such an offense on the national cybercrime reporting portal cybercrime.gov.in.
- Avoid clicking intimate/nude/semi-nude photos/videos on your phone, which if leaked could cause embarrassment. Several rogue mobile apps could access your gallery/storage and can be used to blackmail you.
- Don’t hesitate to file a complaint or contact the police due to shame, embarrassment, and self-blame.

Know what the law says about this offense

It is a punishable offense by law and attracts sections 354 (D), 506 / 507, 509 IPC, and 384 IPC, and Sec.67 of the IT Act is also applicable.

Offenders in such crimes usually thrive on the victim’s silence and lack of clarity in the law. Hence, everyone needs to be aware of the codes and sections that will help them in such cases.

Section 108(1)(i)(a) of the Criminal Procedure Code empowers the victim to call the magistrate of her locality and inform him/her about the person whom she believes could circulate any obscene matter. The magistrate has the power to detain such person(s) and can order him to sign a bond to stop him from circulating the material. This might deter the accused. This is a quick remedial section because the victim can complain to the magistrate without any direct evidence against the accused.

Section 292 of the Indian Penal Code (IPC) incriminates any person who distributes or threatens to disperse any intimate and compromising images of someone through any electronic means, including apps and other social media.

If a picture of the woman is clicked obscenely without her knowledge and is distributed, a voyeurism case under Section 354C of the IPC can also be filed along with the aid of other relevant sections from the Information Technology Act.

The Top 10 Cybersecurity News Stories of 2024

The ransomware juggernaut rolled inexorably on in 2024, yet again, leaving more devastated victims in its wake. This year, the UK’s NHS found itself at the receiving end of some particularly nasty attacks, but there were other high-profile victims as well. Meanwhile, state-backed cyber intrusions from China and Russia continued apace, driven by global geopolitical uncertainty. Many long-running cyber espionage campaigns were exposed.

But if 2024 proved one thing only, it was that shining a light on the cyber underworld is working. The British are coming for the bad guys, as new attributions from the National Cyber Security Centre (NCSC), takedowns led by the National Crime Agency (NCA), and proposed legislation highlighting ransomware threats to critical sectors are proving. If 2024 is remembered for anything in the cyber community, it may just be the year in which the good guys took the gloves off and fought back properly.

Here are Computer Weekly’s Top 10 Cyber Crime stories of 2024.

British Library ransomware attack could cost up to £7m

The effects of the British Library ransomware attack at the end of 2023 continued to be felt into 2024 as the venerable institution continued to struggle to bring its crippled systems back online. In January 2024, it emerged that the scale of the ransomware attack was so immense, and its effects so devastating, that it could end up costing the British Library up to £7m, dwarfing the £650,000 ransom demand. Later in the year, in a remarkable display of transparency, the British Library’s leadership published a detailed breakdown of their experience at the hands of the Rhysida ransomware crew, to help others learn and understand.

SolarWinds hackers attack Microsoft in apparent recon mission

Also in January, Cosy Bear, the Russia-backed hacking outfit behind the SolarWinds Sunburst incident, was back in action, breaking into Microsoft’s systems with a brute force, password spraying attack and from there accessing corporate accounts belonging to leadership and cybersecurity employees. Microsoft is one of several suppliers that finds itself at the receiving end of such intrusions, thanks in part to its global reach and scale and its in-depth relationships with Western governments, and it has faced tough questions over its cybersecurity posture in recent years as a result.

LockBit locked out in NCA-led takedown

One of the biggest stories of the year unfolded dramatically on a dull February day when the infamous LockBit ransomware gang was taken down and its infrastructure hacked and compromised in Operation Cronos, led by the UK’s National Crime Agency (NCA). In the immediate aftermath of the takedown, Computer Weekly took the temperature of the cybersecurity community, finding upbeat sentiment, but also tempered by the knowledge that one swallow does not make a summer. Throughout the year, the NCA has been sharing a trove of information it gathered during the exercise, as well as taking time to mock and troll LockBit’s leader, since named as Dmitry Khoroshev, who at one time boasted of his luxury lifestyle as he toyed with law enforcement.

Mandiant formally pins Sandworm cyber-attacks on APT44 group

In April, threat intel leaders Mandiant formally “upgraded” the malicious activity cluster known as Sandworm to a full-blown, standalone advanced persistent threat (APT) actor to be tracked as APT44 – other companies have different taxonomies, Mandiant’s is alphanumeric. APT44 is run out of Russia’s Main Intelligence Directorate (GRU) within Unit 74455 of the Main Centre for Special Technologies (GTsST) and is described as one of the most brazen threat actors around. Although it confines its activities to those in service of the Russian state rather than financially motivated criminality, the links between cybercrime and cyber espionage continued to blur during 2024, with some nation-state APTs even acting as initial access brokers (IABs) for ransomware gangs.

NHS services at major London hospitals disrupted by cyber attack

In early June, Synnovis, a pathology lab services provider that works with Guy’s and St Thomas’ and King’s College hospitals in London, as well as other NHS sites in the nation’s capital, was laid low by a Qilin ransomware attack. This intrusion resulted in a major incident being declared in the NHS, with patient appointments and surgeries cancelled, and blood supplies running dangerously low. The ramifications of this truly callous cyber-attack are still being felt six months on.

UK Cyber Bill teases mandatory ransomware reporting

All eyes were on Westminster in July for the first King’s Speech held under a Labour government in over a decade, and for the cybersecurity community, there was plenty to pick over as Keir Starmer’s administration proposed implementing compulsory cyber incident reporting – including ransomware – for operators of critical national infrastructure (CNI), in a new Cyber Security and Resilience Bill. According to the government, the law will expand the remit of existing regulation, give regulators a more solid footing when it comes to protecting digital services and supply chains, and improve reporting requirements to help build a better picture of cybersecurity. The Bill will likely be introduced to Parliament in 2025.

NCSC and allies call out Russia’s Unit 29155 over cyber-warfare

In September, the UK and its Five Eyes allies joined forces with the European Union (EU) and Ukrainian cyber authorities to highlight a dastardly campaign of cyber espionage conducted by Unit 29155, another Russian APT. Unit 29155 targets victims to collect information for espionage purposes, sabotages websites and daily operational capabilities, and tries to cause reputational damage by selectively leaking important data. It has conducted thousands of exercises across NATO and the EU with a notable focus on CNI, government, financial services, transport, energy, and healthcare. It is also particularly notable for its involvement in the WhisperGate campaign of destructive malware attacks against Ukraine in advance of the 2022 invasion.

Money transfer firm MoneyGram rushes to contain cyber attack

US-based financial services and money transfer outfit MoneyGram was another high-profile cyber attack victim to emerge in 2024, with its systems taken down in an apparent ransomware attack in September 2024.

WhatsApp, the biggest social media platform misused by cyber criminals in India

14,746 complaints filed against cyber criminals were related to WhatsApp, 7,651 against Telegram, 7,152 against Instagram, 7,051 against Facebook, and 1,135 against YouTube till March 2024, says MHA report

WhatsApp remains the biggest social media platform that is possibly misused by cyber criminals in India, according to the latest annual report of the Union Home Ministry. The data published in the report on “cybercrime complaints where Big Tech platforms have been misused” shows that 14,746 complaints were related to WhatsApp, 7,651 against Telegram, 7,152 against Instagram, 7,051 against Facebook, and 1,135 against YouTube till March 2024.

“Big techs play an important role in proactive identification and action on cyber criminals. I4C has partnered with Google and Facebook for sharing intelligence and signals for proactive actions,” the report said.

The National Cybercrime Threat Analytical Unit (NCTAU) of I4C analyses the complaints reported on the portal and prepares analysis reports on the latest trends of cybercrime and misuse of services provided by service providers, it said.

“These reports are shared with all the concerned stakeholders, i.e., banks, wallets, merchants, payments aggregators, payment gateways, e-commerce, and other departments to take preventive measures and mitigate the misuse of their platforms/services,” the report said.

The Ministry has also rolled out a Cyber Volunteer Framework, which enables citizens to enroll as cyber volunteers for reporting unlawful content on the Internet and for dissemination of cyber hygiene, and as cyber experts to aid law enforcement. Under the framework, 54,833 volunteers had registered by March 31, 2024, according to the report.

The Ministry’s integrated platform, the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS), is where all stakeholders, including law enforcement agencies of States/Union Territories, all major banks and financial intermediaries, payment wallets, crypto exchanges, and e-commerce companies, work in tandem. The platform ensures quick, decisive, and system-based effective action to prevent the flow of money from the victim’s account to the cyber fraudster’s account, and the seized money is restored to the victim following due legal process, it said.

“Since its launch in April 2021, so far this platform has been able to save more than Rs 16 billion from going into the hands of fraudsters, and thus benefiting more than 5,75,000 victims,” it said.