Dear Cyber Pulse Subscribers,
Let me extend warm wishes for a Happy New Year 2024, a year that promises new frontiers in cyber security. I'm delighted to connect with you through our latest edition of Cyber Pulse. The cybersecurity landscape is ever-changing, and our commitment to providing you with new updates on the threat landscape and cyber safeguards remains unwavering.
Last year was marked by a significant rise in the number and scale of cyberattacks that kept the cybersecurity community on its toes. Amidst these challenges, 2023 also showcased remarkable strides in cybersecurity technology. Innovations such as AI-driven threat detection, blockchain-enhanced security protocols, and proactive threat intelligence sharing played pivotal roles in bolstering our defenses. In this month’s edition, we give insights on some of the key cyber security trends that will emerge in 2024; the edition also enumerates 24 cyber safeguards to stay safe in 2024 and takes a quick look at the Zero Trust Model for enterprises to consider in their strategy.
The year 2023 also saw the growing strength of collaboration making cybersecurity a shared responsibility. There is increased emphasis on collaboration between regulatory bodies and financial institutions to share threat intelligence and best practices. This collaborative approach will not only facilitate a quicker response to cyber incidents but also promote a collective effort to stay ahead of cybercriminal tactics.
Thank you for being a part of the Cyber Pulse community. As we welcome 2024 with optimism and determination, the newsletter will keep you updated on the latest updates in cyber security. Let's remain vigilant, safe and secure in the online world.
Sincerely,
Santhosh George
CEO, ReBIT
New Frontiers in Cyber Security: Key Trends Emerging in 2024
As we step into the new year, the realm of cyber security is set to undergo significant transformations driven by emerging threats and risks for individuals and organizations. Cloud security measures continue to trend from last year, reflecting the increasing reliance on cloud services for business as usual. The maturity of artificial intelligence and machine learning for threat detection, blockchain security and IoT security also make it to the list for 2024.
1. Cloud Security
The three key functionalities of cloud computing services (encryption, authentication, and disaster recovery) will become more in demand as organizations globally look forward to the time and cost savings from cloud migrations in 2024.
2. Phishing and Social Engineering
Phishing attacks will continue to keep us busy in 2024. Cyber security professionals and organizations should not let their guard down, and should continue to place a high priority on regular monitoring and network security measures against phishing and ransomware attacks.
3. Cyber Resilience Beyond Cyber Security
Cyber Resilience measures are designed to ensure continuity of operations even in the wake of a successful breach. Developing the capability to recover in an agile manner while minimizing data loss and downtime will be a strategic priority in 2024.
4. Cyber Insurance
A cyber insurance policy helps an organization pay for any financial losses it may incur in the event of a cyberattack or data breach. As many organizations are facing losses from cyber attacks, demand for cyber insurance is increasing among organizations globally.
5. IoT Security
The ‘connected’ behavior of IoT devices makes them an easy target for fraudsters. Protecting these ‘Internet of Things’ devices and their networks against privacy violations and data breaches will be a top priority in 2024.
6. Zero Trust Model
Zero Trust is founded on the principle of “never trust, always verify.” In 2024, businesses will increasingly adopt this mindset, moving away from the traditional perimeter-based security models.
7. Blockchain Security
Blockchain security is a comprehensive risk management system for a blockchain network, using cybersecurity frameworks, assurance services and best practices to reduce the risk of attacks and fraud. It is the need of the hour because the technology is continuously evolving.
8. AI Potential
AI is like giving computers the ability to learn and make smart decisions, helping them to do tasks that need human thinking. It's set to trend in 2024 because, as technology improves, AI becomes more accessible and creates innovative security solutions.
9. Dark Web Monitoring
The dark web is a hidden online space for anonymous activities, and monitoring of such activities is needed. It is expected to trend as users recognize the importance of safeguarding sensitive information and responding to rising cyber threats.
10. Automotive Hacking
The automotive industry is transforming. Self-driving cars are on the road. Smartphones have turned into keys. Technology is increasingly penetrating the automobile sector. Gaining control of the vehicle or using microphones for eavesdropping is expected to rise in 2024 with more use of automated vehicles.
In essence, as these cyber security trends shape the new year, their impact extends far and wide. They have become an integral part of the daily lives of individuals in all spheres of life, promising a safer, more secure online world.
Governance
RBI deputy governor advises banks to invest in IT and IT security
Shri Swaminathan J, Deputy Governor, RBI, said that RBI’s root cause analysis of system downtime at some banks indicated that their switch to disaster recovery was not smooth and did not uniformly support all channels. He advised banks to build risk buffers ensuring good governance and compliance, and suggested investing heavily in technology. Shri Swaminathan was speaking at SBI's 10th Economic Conclave in Mumbai.
India proposes a global AI framework
Speaking at the Global Partnership on Artificial Intelligence Summit, the Prime Minister stated that AI has the potential to be the greatest development instrument of the twenty-first century, but emphasized the importance of exercising extreme caution while utilizing new technology, keeping in view the challenges of cyber fraud. He has proposed creating a responsible, human-centric governance framework for AI.
Cyber Crime
Delhi records highest number of cyber crimes in 2023: I4C Cyber Crime data
According to data from the Indian Cyber Crime Coordination Centre (I4C), Delhi had the highest rate of cybercrime complaints in the nation for any state or Union territory in 2023, with 755 cases registered per 100,000 people. The next highest rate is 432 in Chandigarh, followed by 381 in Telangana and 261 in Haryana.
Google suspends over 2,500 fraudulent loan apps from its Play Store
In a written response to the Lok Sabha, Smt. Nirmala Sitharaman, Finance Minister, GoI stated that Google, between April 2021 and July 2022, had banned or deleted over 2,500 bogus lending applications from its Play Store. She mentioned that the goal is to continue being proactive, monitor and maintain cyber security readiness.
Cyber Security
Rs 52 crore cyber fraud hits Indian pharma giant
Alkem Laboratories stated that Rs 52 crore was fraudulently transferred from one of its subsidiaries because of a cybersecurity breach. While it did not disclose the specifics of the breach, the company said that fraudulent actors had accessed the business email accounts of certain employees at its subsidiary. The incident is a wake-up call on cybersecurity risk and preparedness in India's pharmaceutical industry.
55% APAC companies face cyber attacks in 2023 says report
In the past year, more than half of respondents in the APAC region (57%) reported a cyber attack that stopped them from accessing data. As cyber-attacks become more frequent and sophisticated, customers need to have a comprehensive data protection strategy in place with an integrated suite of solutions to enhance their cyber security.
Ransomware
Xerox subsidiary suffers ransomware attack
According to a statement released by parent company Xerox Corporation, XBS (Xerox Business Solutions) in the United States was targeted by a ransomware cyber attack. The threat actors could have information on several XBS partners, clients, and staff members. Post attack, Xerox has assured that it will notify all affected individuals confirmed to have been impacted by this incident.
Compromised credentials the highest reason for ransomware attacks in healthcare, says report
According to 'The State of Ransomware in Healthcare' report, in about 75% of the cases, attackers were able to effectively encrypt data and only 24% of organizations were able to stop assaults before data encryption.
The Cyber Strike is a section dedicated to providing you with a summary of the most significant cyber-attacks that occurred over the past month. With the increasing prevalence of technology in our daily lives, cyber-attacks have become a constant threat to businesses and individuals alike.
It is important to stay informed about the latest cyber threats and attacks to protect ourselves and our organisations from potential harm.
Let’s dive in and explore the most significant cyber-attacks of the month.
Remote Code Execution Vulnerability in Apache Struts
Impact: This vulnerability exists in Apache Struts due to manipulation of file upload parameters. An unauthenticated remote attacker could exploit this vulnerability to achieve unauthorized path traversal. Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary code on the targeted system.
Overview: This vulnerability has been reported in Apache Struts which could allow an unauthenticated remote attacker to execute arbitrary code on the targeted system.
Recommended Actions:
- Upgrade to Struts 2.5.33 or Struts 6.3.0.2 or greater
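One way to check an application inventory against the upgrade advice above (an added example, not part of the original newsletter). It assumes the framework jar is named `struts2-core-<version>.jar`, that 2.x builds are measured against 2.5.33 and 6.x builds against 6.3.0.2, and it uses a constructed list of file paths as input.

```python
import re

# Fixed releases named in the recommended action above.
# Assumption: 2.x builds are compared with 2.5.33, 6.x builds with 6.3.0.2.
FIXED_BY_MAJOR = {2: (2, 5, 33), 6: (6, 3, 0, 2)}

# Assumption: the framework ships as struts2-core-<version>[-suffix].jar.
JAR_RE = re.compile(r"struts2-core-(\d+(?:\.\d+)*)([.-][A-Za-z][\w.-]*)?\.jar$")


def classify(jar_path):
    """Return 'fixed', 'upgrade', 'unknown', or None if not a Struts core jar."""
    match = JAR_RE.search(jar_path)
    if match is None:
        return None
    version = tuple(int(part) for part in match.group(1).split("."))
    fixed = FIXED_BY_MAJOR.get(version[0])
    if fixed is None:
        return "unknown"  # release line not covered by the advisory text
    # Pad both tuples to the same width so 6.3.0 compares below 6.3.0.2.
    width = max(len(version), len(fixed))
    version += (0,) * (width - len(version))
    fixed += (0,) * (width - len(fixed))
    if version < fixed:
        return "upgrade"
    # A pre-release build (e.g. -RC1, -SNAPSHOT) of the fixed version is not the fix.
    if version == fixed and match.group(2):
        return "upgrade"
    return "fixed"


def needs_attention(paths):
    """Paths whose Struts core jar should be upgraded or reviewed by hand."""
    return [p for p in paths if classify(p) in ("upgrade", "unknown")]


# Constructed sample inventory, e.g. the output of a file search on app servers.
SAMPLE_PATHS = [
    "/opt/apps/portal/WEB-INF/lib/struts2-core-2.5.30.jar",
    "/opt/apps/billing/WEB-INF/lib/struts2-core-2.5.33.jar",
    "/opt/apps/hr/WEB-INF/lib/struts2-core-6.3.0.jar",
    "/opt/apps/crm/WEB-INF/lib/struts2-core-6.3.0.2.jar",
    "/opt/apps/crm/WEB-INF/lib/commons-io-2.11.0.jar",
]

if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        status = classify(path)
        if status is not None:
            print(f"{status:8} {path}")
```
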
JaskaGO Hits Both Windows and Mac
Impact: JaskaGO poses a significant threat to organizations by potentially compromising sensitive information on both Windows and macOS systems. Its sophisticated capabilities, including information harvesting, cryptocurrency theft, and system manipulation, could lead to data breaches, financial losses, and operational disruptions, highlighting the need for robust cybersecurity measures and awareness within organizations.
Overview: JaskaGO, a recently discovered cross-platform malware built on the Go programming language, poses a threat to both Windows and Apple macOS systems. It employs deceptive tactics, disguises itself as legitimate software, and exhibits advanced capabilities such as manipulating the clipboard for cryptocurrency theft.
Recommended Actions:
- Implement Robust Endpoint Security: Deploy advanced endpoint security solutions that include malware detection, behavior analysis, and real-time monitoring to detect and mitigate threats like JaskaGO on both Windows and macOS systems.
- Regular System Audits and Monitoring: Conduct regular audits of systems to detect any signs of JaskaGO or similar threats.
- Update and Patch Management: Keep all operating systems, software, and security solutions up to date with the latest patches.
- Network Segmentation: Implement network segmentation to restrict the lateral movement of malware within the organization.
Rhadamanthys Stealer Grows More Sophisticated
Impact: A threat to organizations, potentially leading to increased data breaches and espionage activities. Its advanced capabilities, such as cryptocurrency payment redirection and evasion of security measures like Windows Defender, could result in more successful cyberattacks, compromising sensitive information and system integrity.
Overview: The latest version of the Rhadamanthys information-stealing malware, 0.5.1, enhances its capabilities with features such as a Clipper Plugin for redirecting cryptocurrency payments, Telegram options for exfiltrating wallet information, recovery of deleted Google Account cookies, and Windows Defender evasion.
Recommended Actions:
- Regular Security Audits: Conduct frequent security audits to identify vulnerabilities, ensuring that antivirus software is up-to-date
- Network Monitoring Systems: Deploy robust network monitoring systems to detect and respond to unusual activities promptly
- Enhance Email Security: Implement advanced email security measures to mitigate the risk of malware distribution
New Malvertising Campaign Distributes PikaBot Malware
Impact: The PikaBot malware's shift to malvertising is a significant risk to organizations, potentially leading to unauthorized access and control of compromised systems by threat actors. The emergence of ParaSiteSnatcher, a sophisticated Chrome extension, heightens the threat of data interception, manipulation, and exfiltration, underscoring the need for organizations to bolster cybersecurity measures to mitigate these evolving browser-based threats.
Overview: PikaBot acts as a backdoor and payload distributor, granting unauthorized remote access to compromised systems. The PikaBot malware loader is currently being disseminated through a malvertising campaign that specifically targets users seeking legitimate software like AnyDesk. Additionally, a surge in malvertising, exemplified by the novel loader HiroshimaNukes and a malicious Chrome extension called ParaSiteSnatcher, underscores evolving cyber threats, emphasizing the need for enhanced cybersecurity measures.
Recommended Actions:
- Implement Robust Endpoint Protection: Deploy advanced endpoint protection solutions to detect and block malware, including PikaBot
- Network Monitoring and Anomaly Detection: Employ network monitoring tools and anomaly detection systems to identify unusual activities indicative of malware infections or unauthorized access, allowing for prompt response and mitigation.
- Train employees about the dangers of interacting with unfamiliar or suspicious content, particularly in advertisements.
Key Principles of Embracing Zero Trust 2024
Zero Trust is a cybersecurity framework that operates on the fundamental principle of "never trust, always verify." In essence, it means that trust should not be assumed for any user or device, whether inside or outside the network perimeter. Every user, device, and application must continuously prove their identity and security posture before they are granted access to resources.
Why Zero Trust Matters
1. Evolving Threat Landscape: Traditional perimeter-based security models struggle to defend against advanced threats like phishing, insider attacks, and supply chain vulnerabilities. Zero Trust addresses these challenges head-on.
2. Remote Work: The rise of remote work has blurred the lines of the traditional network perimeter. Zero Trust enables secure access from anywhere, ensuring that remote employees and their devices are not security weak links.
3. Protection Against Insider Threats: Zero Trust assumes that threats can come from within, making it effective at safeguarding against both external and internal threats.
4. Compliance and Data Privacy: Many industries have stringent compliance requirements. Zero Trust helps organizations meet these standards by providing granular control and auditability.
Implementing Zero Trust
Implementing Zero Trust is not a one-size-fits-all approach. It involves careful planning, technology investments, and cultural shifts within an organization.
Key Principles
1. Verify Identity: Zero Trust requires strong identity verification for all users and devices attempting to access network resources. This often involves multi-factor authentication (MFA) to ensure that only authorized users gain access.
2. Least Privilege Access: Users and devices are granted the minimum level of access necessary to perform their tasks. This limits potential damage in case of a breach.
3. Micro-Segmentation: Networks are segmented into smaller, isolated zones, limiting lateral movement for attackers if they breach one segment.
4. Continuous Monitoring: Real-time monitoring of network traffic and user behavior allows for the rapid detection of anomalies and potential threats.
5. Security Throughout: Security controls are integrated into every aspect of the network, from the user's device to the application and data.
Key Steps to Get Started
1. Assessment: Understanding the current security posture and identifying weaknesses is the first step.
2. Policy Development: Clearly define access policies, authentication methods, and user roles.
3. Technology Integration: Implement tools and solutions that facilitate identity verification, micro-segmentation, and continuous monitoring.
4. Education and Training: Educate employees about the new security model and encourage a security-conscious culture.
5. Testing and Optimization: Regularly test the Zero Trust model and adjust as needed to adapt to evolving threats.
In an era where cyber threats are ever evolving, the Zero Trust model offers a proactive and adaptable approach to cybersecurity. By shifting from a stance of trust to one of continuous verification, organizations can better protect their data, systems, and reputation. While implementing Zero Trust may require effort and investment, the long-term benefits far outweigh the costs. It's time to embrace this paradigm shift and make "never trust, always verify" the mantra of modern cybersecurity.
ReBIT is an ambitious, employee-first organisation that believes in empowering our employees to grow alongside the organisation's goals and perform to their full potential. We are fascinated by technology, and we admire our employees. We house exceptional talent that contributes to ReBIT's mission.
We’re looking for candidates who have a zeal for technology and innovation. Check out our careers page for opportunities to work with us!
We'd love to hear from you!
Share your thoughts and feedback with us at communications@rebit.org.in.
502, Building No 1, Mindspace Juinagar, Nerul, Navi Mumbai – 400706