| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Dear Cyber Pulse Readers,
In an increasingly online-first world, our digital identity has become the new currency of engagement — essential for everything from accessing financial services to health records and government benefits. India’s ambitious digital transformation has led to the widespread use of Aadhaar, mobile numbers, PAN cards, and biometric verification — enabling convenience, inclusivity, and speed powering Digital India. As the digital economy thrives, the trail of data we leave behind on social media, online portals, and apps is becoming an increasingly popular playground for malicious actors.
This edition explores the rising threat of digital identity frauds, discussing their various types and potential safeguards. Additionally, it highlights the significance of data backups along with an illustrative example of card-not-present fraud. The Indian cybersecurity landscape has responded through enhanced regulation, advanced biometric verification standards, and AI-driven fraud detection. However, the most effective firewall remains with each one of us. It is crucial that we all practice caution in our digital activities by utilizing multi-factor authentication, avoiding the sharing of One-Time Passwords (OTPs), regularly monitoring financial accounts, and staying vigilant against phishing attempts and suspicious links.
Looking forward, let us continue to embrace new and exciting technology platforms and applications and reap the many benefits it brings to our daily lives, however, remain alert and vigilant about our digital footprints. By staying informed, adopting best practices for data protection and working together as a community, we can effectively counteract digital identity frauds and ensure a safer cyber world for everyone.
Stay safe and stay secure online!
Sincerely,
Santhosh George
CEO, ReBIT
|
|
|
|
|
|
|
|
Behind the Screen | Digital Identity the New Currency for Cyber Frauds
Each day for us begins with checking our smartphones, browsing applications, completing transactions, managing finances, and engaging in numerous other activities - all contributing to our distinct digital identities within the virtual realm. By sharing personal details, we create customized user experiences based on our digital DNA. Yet, as we effortlessly swipe, scroll, click, and traverse the web, have we pondered over the repercussions should our digital persona be compromised? With cybercrime increasingly focusing on stealing digital identities and personal information, securing one's digital footprint has become an indispensable priority for both individuals and organizations.
What is Digital Identity
Digital identity refers to the data that defines individuals online, including usernames, passwords, biometrics, and browsing behavior. This information facilitates convenient online interactions but also stores sensitive personal identification data (PII), such as names, birthdates, email addresses, home addresses, phone numbers, government-issued IDs (Aadhaar, PAN, SSNs), biometric data (facial scans, voice prints, fingerprints), login credentials, UPI IDs, IP addresses, and browser history.
Identity Theft: A Growing Trend
In today's digital world, the value and risk of our identities have never been greater. Picture an electronic version of yourself constructed from stolen data. A counterfeit "digital twin" manufactured by scammers in the shadows of cyberspace, capable of opening bank accounts, applying for loans, and even assuming your identity, all without a face-to-face interaction. Digital identity theft has become one of the most prevalent cybercrimes in the modern era, with cases soaring not only in India but also worldwide. Criminals use tactics such as phishing, malware attacks, and social engineering to obtain PII, which they misuse for nefarious intentions. As an act of negligence, many individuals continue to keep weak passwords, succumb to phishing emails, thereby unknowingly providing scammers with the keys to clone their identities.
Sophistication and Scale
From financial fraud to synthetic identities, attackers are using advanced techniques to exploit the vast amount of personal data online. Synthetic identity fraud—in which real and fake data is mixed to form a new digital persona—is emerging as the fastest-growing form of this attack, affecting banking and eCommerce platforms alike. The rise of AI-powered identity theft has further made impersonation widespread and alarmingly easier to execute. It is now possible for AI to mimic human speech, writing styles, and biometric impersonations by generating deep-fake videos and synthetic voice recordings to bypass traditional security measures and gain unauthorized access to accounts and other sensitive data.
So, how do you protect yourself against these threats? Here are some effective measures:
1. Use Strong Passwords: Ensure each of your accounts has unique passwords consisting of letters (uppercase and lowercase), numbers, and symbols. Also advised to keep the length 8 - 12 characters long.
2. Enable Two-Factor Authentication: Two-factor authentication adds an extra layer of security and verification for account access.
3. Stay Alert of Phishing Scams: Stay updated on phishing tactics and always verify the sender's email address and check for authentic sources as the content of these emails seem genuine. Verify before clicking on any links in the email or messages.
4. Regularly Monitor Your Accounts: Keep track of your online accounts regularly. Check for any unusual activity, such as login attempts from unfamiliar locations or changes to your account settings.
5. Keep the System Updated: Keeping your operating system, applications, and web browsers updated helps patch known vulnerabilities.
6. Be Aware of Privacy Settings: Be mindful of the information you share online and with whom you grant access to data including the types of information you have granted consent for others to access.
Remember, your online identity is just as valuable as your real-life/offline one – treat it with the same care and attention.
|
|
|
|
|
|
|
|
|
|
|
|
Governance
NPCI BHIM Services Limited (NBSL) unveils BHIM 3.0
The new BHIM 3.0 app offers customer friendly and more intuitive experience with enhanced features for users, with new offerings for businesses and banks. It is now available in more than 15 Indian languages for better accessibility, works in low Internet areas thus ensuring seamless transactions even with slow or unstable network connections, and provides advanced tools to track, manage, and split expenses with ease.
Read more
RBI Sets Deadline for Banks to Transition to 'Bank.in'
All Indian banks must migrate their digital operations to the '. bank.in' domain by October 31, 2025, as per an RBI directive. This move aims to boost online banking security, create consistency, and build customer trust. Amid rising cybersecurity threats, this initiative forms part of RBI's broader strategy to protect consumers in the evolving digital financial landscape. Transition may necessitate IT infrastructure updates for smooth implementation.
Read more
Cyber Crime
FBI's IC3 Reports $16.6B Cybercrime Losses in 2024
In 2024, USA FBI's Internet Crime Complaint Center (IC3) processed 860,000 cybercrime complaints, causing over $16.6 billion in losses. Total losses reached $50.5 billion in the last 5 years. Phishing attacks are most common, but investment fraud caused the highest losses ($6.57 billion). Business Email Compromise fraud and tech support scams followed, causing $2.77 billion and $1.46 billion in damages respectively. Personal data breaches resulted in over $1.45 billion in reported losses.
Read more
CERT-In Launches Digital Threat Report 2024 for BFSI
India's Computer Emergency Response Team (CERT-In), under Ministry of Electronics and Information Technology (MeitY), along with CSIRT-Fin and SISA, have jointly launched the Digital Threat Report 2024 for the Banking, Financial Services, and Insurance (BFSI) sector. This collaboration offers a multi-dimensional perspective on emerging cyber threats through real-world intelligence from SISA's investigations, CERT-In's oversight, and CSIRT-Fin's expertise. Key attack vectors, adversarial tactics, and persistent security gaps are identified, providing practical recommendations for financial organizations to enhance their cybersecurity defenses.
Read more
|
|
Cyber Security
Meta introduces LlamaFirewall
An open-source it is built to serve as a flexible, real-time guardrail framework for securing LLM-powered applications. Designed to protect AI systems against advanced cyber threats such as prompt injection, jailbreaking, and insecure coding. Comprising PromptGuard 2, Agent Alignment Checks, and CodeShield, this framework detects real-time jailbreak attempts and subtle goal hijacking through sophisticated agent analysis.
Read more
IIT Madras Trains First Batch of 'Cyber Commandos
A formal valedictory ceremony took place at the Indian Institute of Technology (IIT) Madras campus for the completion of the training program of 37 law enforcement officers, who were trained by Pravartak under the innovative Cybersecurity Skills Training Initiative of the Union Ministry of Home Affairs. These newly designated "Cyber Commandos" responsible for investigating and prosecuting cybercrimes and also prevent such incidents from occurring.
Read more
Malware / Ransomware
New ResolverRAT, Targets Healthcare and Pharma Firms
A newly discovered Remote Access Trojan (RAT) named ResolverRAT has been targeting healthcare and pharmaceutical organizations since March 10, 2025. Security researchers have identified the threat of concern due to its advanced in-memory execution and evasion techniques. The attack begins with fear-based phishing emails that contain links leading to infected files. Once clicked, the malware is loaded into the victim's system entirely in memory, making it difficult to detect using traditional antivirus software.
Read more
Cybersecurity Breach Hits Canadian Electric Utility
A cybersecurity incident at Nova Scotia Power affected IT systems and networks of the enterprise, disrupting services such as customer care phone lines and online portals. Unauthorized access was detected leading to the shutdown and isolation of affected servers. An investigation into the incident revealed that some customer data maybe stolen as a result. Nova Scotia Power provides power to approximately 550,000 customers.
Read more
|
|
|
|
|
|
|
|
|
|
|
|
Data backup is the backbone of both personal and professional endeavors. Whether it's cherished family photos or sensitive business files, losing data can be devastating. This is where data backups come into play—a crucial step in safeguarding your digital assets.
What is Backup?
At its core, a backup is a copy of your data that is stored separately from the original source. It's like a safety net that ensures you can recover vital information in case of unexpected events, such as hardware failure, cyberattacks, or accidental deletion.
Types of Data Backups
Understanding the types of backups helps in choosing the right strategy:
- Full Back up: A comprehensive copy of all data—ideal for thoroughness, but time-intensive.
- Incremental Backup: Saves change since the last backup, optimizing storage and speed.
- Differential Backup: Captures all change since the last full backup, balancing efficiency and thoroughness.
Importance of Backups
Backups are not just about convenience; they're essential for:
- Recovery from Cyber Threats: Ransomware attacks often target your data, and having backups ensure you're not held hostage.
- Business Continuity: Losing critical business data can halt operations. Backups enable smooth recovery and minimize downtime.
- Achieving RTO and RPO Goals: Backups play a key role in meeting Recovery Time Objective (RTO), which defines the maximum acceptable time to restore systems after a disruption, and Recovery Point Objective (RPO), which specifies the maximum allowable data loss measured in time. Effective backup strategies ensure that both RTO and RPO are within acceptable limits.
Common Backup Solutions
There are several approaches to backing up data, catering to various needs:
- Cloud Storage: Services like Google Drive, OneDrive, or Dropbox provide easy access and scalability.
- Network-Attached Storage (NAS): Ideal for businesses, NAS systems provide centralized storage accessible across a network.
- External Drives: USB drives and external hard disks offer a simple, offline method for data storage.
Best Practices for Data Backups
To ensure that your data is protected and recoverable when disaster strikes, follow these essential best practices:
1. Prioritize Your Data: Before setting up a backup system, identify and categorize the data that needs to be backed up.
- Inventory Your Data: Understand the type of data you have, whether it’s personal files, business documents, or sensitive information. Know where it's stored be it on local devices, network drives, or cloud storage.
- Set Priorities: Not all data holds equal value. Assign priority levels to your data, with critical data being backed up first. This ensures that the most important files are always safeguarded.
- Plan and Communicate: Create a well-structured backup strategy and share it with relevant stakeholders. This ensures everyone is on the same page regarding backup responsibilities and recovery protocols.
2. Adopt the 3-2-1 Rule: One of the most effective backup strategies, the 3-2-1 Rule, ensures comprehensive data protection:
- 3 Copies of Your Data: Always keep the original and two additional copies of your important data.
- 2 Storage Mediums: Use different storage options, such as external hard drives, USB drives, and cloud services, to reduce the risk of simultaneous failures.
- 1 Off-Site Copy: Store at least one backup in a separate physical or geographical location, ensuring its safety in the event of local disasters, such as fires or floods.
3. Automate Your Backups: Use tools and software to create regular, automatic backups at predefined intervals. This ensures that backups happen even when you’re busy or forgetful.
4. Regularly Test Your Backups: Regularly test backups to ensure that the files are complete and not corrupted.
- Simulate Recovery Scenarios: Periodically perform mock recoveries to confirm that the data can be restored successfully and without issues.
- Identify Gaps: Testing helps uncover weaknesses in your backup process, allowing you to fine-tune your strategy.
5. Protect Your Backups: Backups are as valuable as the original data and securing them is critical.
- Encrypt Backup Files: Use encryption to protect sensitive data stored in backups.
- Implement MFA (Multi-Factor Authentication): Add an extra layer of protection by securing backups with MFA.
- Separate Backup Credentials: Use separate credentials (different from the system administrator) for backup or disaster recovery systems.
Adhering to these best practices ensures that your data is not only backed up but also secure and readily accessible in times of need. By prioritizing, automating, and regularly testing your backups, you can stay one step ahead of potential threats and disasters, safeguarding your digital world with confidence.
|
|
|
|
|
|
|
|
|
|
|
|
The Cyber Strike is a section dedicated to providing you with a summary of the most significant cyber-attacks that occurred over the past month. With the increasing prevalence of technology in our daily lives, cyber-attacks have become a constant threat to business and individuals alike.
It is important to stay informed about the latest cyber threats and attacks to protect ourselves and our organisations from potential harm. Let’s dive in and explore the most significant cyber-attacks of March -April 2025.
AI-Driven Ransomware: The Rise of FunkSec
Impact: FunkSec, an emerging ransomware group, has gained significant recognition due to its expanding list of victims and increasing prominence among other cybercriminal organizations. Despite leveraging AI to develop ransomware, their reliance on automated code and external guidance highlights operational weaknesses. Impact on organizations includes data breaches, financial losses, and operational disruptions. Their auction-based extortion model increases the likelihood of sensitive information being sold to multiple malicious actors, escalating security.
Recommended Actions
- Strengthen Data Recovery and Resilience Schedule frequent, automated backups of critical systems and data.
- Awareness Training: Employees must be trained to identify suspicious emails, links, and attachments.
- Establish a Robust Patch Management Program: Unpatched software creates security vulnerabilities that ransomware groups exploit.
- Develop and Execute an Incident Response Plan: It is essential for rapid containment and mitigation of ransomware attacks.
BlackHeart Ransomware: A Menacing Cyber Threat
Impact: A variant of the MedusaLocker family, the ransomware encrypts files and demands ransom for decryption while threatening data leaks. It can severely impact organizations by disrupting operations, causing financial losses, and damaging reputations due to data breaches. The encryption of critical files can lead to downtime, while the threat of leaked sensitive information may result in legal consequences and loss of customer trust.
Recommended Actions
- Restrict User Privileges: Limit user permissions and implement the principle of least privilege (PoLP) to reduce the potential impact of ransomware spreading within the network.
- Strengthen Email Security: Deploy email filtering solutions to block phishing emails, malicious attachments, and suspicious links that serve as primary ransomware infection vectors.
- Educate Employees on Cyber Hygiene: Conduct regular cybersecurity awareness training to help employees identify phishing attempts, avoid suspicious downloads, and report security incidents promptly.
Multiple Critical Vulnerabilities in VMware Tools, Fortinet and Google Chrome
Impact: CERT-In has warned of multiple high-risk vulnerabilities affecting VMware Tools, Fortinet products, and Google Chrome. These vulnerabilities pose a significant threat to enterprise environments and individual users. Unauthorized access can lead to data breaches, financial losses, and system-wide compromise. Attackers exploiting these flaws can evade security restrictions, execute remote commands, and deploy persistent malware.
Recommended Actions
- Update VMware Tools to version 12.5.1 or later.
- Apply security patches for Fortinet products as per vendor advisories.
- Update Google Chrome to version 134.0.6998.177/178 immediately.
Loches Ransomware Targeting Systems
Impact: Part of the GlobeImposter family, it encrypts files on compromised systems and demands a ransom for decryption, appending the "loches" extension to affected files. The ransomware spreads through phishing emails, compromised websites, and software vulnerabilities. The encryption locks users out of their crucial data, including documents, images, databases, and other important files. By leveraging advanced encryption algorithms, Loches Ransomware ensures that the locked files are practically impossible to recover without the decryption key, thereby compelling victims to consider paying the ransom.
Recommended Actions
- Endpoint Protection and Monitoring to utilize robust antivirus and anti-malware solutions with real-time monitoring to detect and prevent any ransomware activity on all endpoints, including workstations and servers.
- Access Control and Network Segmentation by implementing the principle of least privilege while restricting user access to sensitive systems and data.
- Assess and manage cybersecurity risks associated with third-party vendors, ensuring they also adhere to robust security standards and practices.
Mamona Ransomware: A Persistent Cyber Threat
Impact: It targets computer systems, encrypts files, and demands a ransom for their decryption. Once it infects a device, it appends the "HAes" extension to all affected files, rendering them inaccessible. It employs double extortion, threatening to leak stolen data if the ransom is unpaid. The ransomware spreads through phishing emails, malicious downloads, and network vulnerabilities. Since decryption without the attackers’ key is nearly impossible, prevention through backups, security software, and awareness remains the best defense.
Recommended Actions
- Implement Network Segmentation by dividing the corporate network into isolated segments to limit ransomware spread if one section is compromised.
- Restrict unnecessary access to sensitive data.
- Develop and Test an Incident Response Plan by establishing a ransomware response strategy that includes steps for isolation, investigation, data recovery, and legal reporting.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ReBIT is an ambitious, employee-first enterprise IT and software development organization that believes in empowering our teams to grow and perform to their full potential. We are a subsidiary of Reserve Bank of India driven by our passion for emerging technologies and powered by exceptional talent that contributes to ReBIT's mission.
Current Job Openings
Manager (IC) - Threat Hunting
Architect - Application Security SSDLC
Cyber Security Manager - Risk Assessment
and more...
We’re looking for candidates who have a zeal for technology and innovation. Check out our careers page for opportunities to work with us!
|
|
|
|
|
|
|
|
|
|
502, Building No 1, Mindspace Juinagar, Nerul,Navi Mumbai – 400706
|
|
|
|
You are receiving this email as you signed up for our newsletter.
Want to change how you receive these emails?
You can Unsubscribe here.
|
|
|
|
|
.jpg)
.jpg)
.jpg)
