Some Recent Cyber Security Attacks

The spread of internet among the population is getting deeper day by day. This not only increases the scope of e-governance and e-commerce in the fields of healthcare, banking, power distribution etc., but also causes cyber threats like hacking, credential theft, data temporing, account kidnapping etc. According to a report, around 62,189 cyber security incidents occurred, mainly from countries such as America, Europe, Brazil, Turkey, China, Pakistan, Bangladesh, Algeria and UAE, in the January-May 2014 period. In addition, about 10,000 sites of the Government of India were compromised during this period. India has a serious system of IT security professionals to effectively deal with such behaviors. According to a report, India needs about one million cyber security professionals to effectively deal with cyber threats.

Some recent cyber crime events: In the current section, we will discuss some common cyber crimes and casual events on the Internet, so that you can understand how this small ignorance can cause a major destruction.

1. PayPal is an international online money transfer service, which allows you to transfer money via the Internet using various encryption techniques and offers other traditional payment methods such as checks, money orders, etc. It has an active user base of more than 100 million active users in 190 countries and pays more than 9 million per day. It is one of the popular means of payment on online auction sites like eBay etc. It is especially a convenient medium for the trade of buyers and vendors that are from different countries and their currencies are different. The Romanian hacker Tinkode alias Razwan Carniyanu removed a flaw in the code of PayPal’s chargeback process. Due to this, the user can double their money in every effort. Suppose the user has Rs 1000, then using this flaw, the amount will double in the first attempt to double Rs 2000. Now in the second attempt, it will double Rs 2000 to Rs 4000. Apart from this, Rs 4000 will be doubled to Rs 4000. 8000. Similarly, this process will also continue endlessly.

2. In Australia, a website called MP3/WMA Land provides a large number of pirated songs, music video clips to its users for free download. As a result, artists and makers of those songs suffered heavy financial losses. The complaint was dismissed by an organization called Music Industry Piracy Investigations. The website owner, NG, Tran and Le, who were students of Australian University, were implicated for Australia ‟’s largest copyright violation case (Urbas, 2012).

3. An interesting case of online chase was registered by Mrs. Ritu Kohli in Delhi Police (Kaur, 2013). He said that a person is using his identity for chatting on www.mirc.com website on the Internet, and he also distributed his address and phone number. As a result, he received a large number of phone calls from all places including Dubai, Ahmedabad, Mumbai etc. at an odd -time. This caused him a lot of mental disappointment and decided to report the case. Based on his complaint, Delhi Police traced the IP address and eventually arrested the accused Manish Kathuria and arrested him. An NRI in Dubai was blackmailed, and by the time the case came to light, he had given about Rs 1.25 crore to the accused (Madhya Pradesh State Cyber Police, 2013). NRI met a girl on the internet and after several long conversations, the girl won the love and trust of NRI. Meanwhile, she introduces him to many of her friends. Due to some reasons, this relationship could not last long. After some time, a friend of the girl ‟, who was introduced by the girl, tells her that the girl has committed suicide due to the mental stress of a broken relationship and the police is investigating the case.

Several fake copies of letters of CBI, Calcutta High Court, New York Police and Punjab University etc. were also sent to NRIs. NRI sought help from the girl’s friend, who in turn introduced her to a law firm in Kolkata. The owner of the law firm agreed to take the matter. A large amount of money was demanded by the legal firm and a total of more than 1.26 crore funds were transferred on various occasions, yet they deposited more funds. The NRI smelled some disturbance and informed the Mumbai Police about the case. The NRI forwarded all the emails received from the girl, her friend and the owner of the law firm. After the forensic derivative of the email, the IP address of the three individuals was found to be obtained from the same source. After investigation, it was found that the identity of the girl and her friends was virtual, that is, they do not exist. The owner of the law firm was the mastermind who had made a false identity of all individuals and this false story was coined to blackmail NRI.

4. The virus of Iran ‟in Natanz was attacked by the virus, Staksnet, which is considered developed by the US (Shubert, 2011). It was not possible to inject the virus through the Internet as Iran ‟has a private network of necalty facilities and was different from the rest of the world. The virus first influenced the usefulness of the third party, which is used by Natanj facility and had an impact on the network. The virus was designed to attack a specific system software that controls the operation of cemens controllers. The virus increases or slows down the speed of centrifuge, causing them to deteriorate prematurely. In addition, it hijacked the system and sent incorrect signs about the health and condition of the necalty plant. Therefore, by the time the effect of the virus was detected, it was too late and the virus has greatly damaged the Naculier feature.

5. A trojan mail was used and money was withdrawn to hack the user name and password of the current account of Mumbai -based firm RPG Group. 2.41 crore by Real Time Gross Satellment (RTGS) (Narayan, 2013). Bank officials were suspected when they saw a huge amount of money transfer. He also confirmed this to the officials of the Company ‟who denied the transfer of funds to the nominated accounts. Based on the names and addresses of the account holders receiving the money, the police came to know that the account holders have allowed the main accused to use their account in exchange for a heavy commission.

6. Chennai Police resolved a case of credit card fraud, in which two BPO employees had increased the credit card limit and the communication address of the credit card owner with the help of the son of the accused (Madhya Pradesh State Cyber Police, 2013). He illegally hacked the computer of his company ‟to know the details of the credit card owner. Even before the incident was discovered, his credit card company was cheated for about Rs 7 lakh. Due to the possibility of communication address, the owner of the credit card could not get the stylized monthly details at the end of the month ‟. The case was registered with Chennai Police. After digital forensic examination of the compute system of BPO ‟, it was found that two of its employees have illegal access to the computer to steal customer records.

7. A case of copyright violation came to light in Andhra Pradesh (Nandanwar, 2013). A famous mobile service operator company launched a promotional campaign, in which it offered mobile phones to its customers at a very low price with a 3-year lock-in period. The software of the phone was configured in such a way that the SIM of another company could not work with the SIM handset in the lock-in period. A competitor from that company lured the existing customers of the mobile phone company to “unlock” the phone by cracking mobile software to use any other SIM along with the handset. The company reported the crime and the case was registered under the copyright violation under Section 63 of the Copyright Act.

8. A gang of criminals is active on cyber space, who steals the credit card data of card holders from POS in shopping malls, petrol pumps, restaurants, hotels etc. and uses these cards to book air tickets online. According to reports, more than 15000 credit cards were fraudulently used by these criminals to book tickets online, causing revenue loss of about Rs 17 crore. These criminals use public infrastructure like cyber cafes etc. to book these tickets so that they are difficult to detect. The fraud came to mind when the customers who were charged for booking air tickets and these customers reported to the card -issuing banks claiming that these tickets were never booked by them.

9. In the year 2000, a worm called Love Bug Worm or VBS/Lovelator, which specifically targeted the Windows operating system -based computer system, caused almost cost damage. 22,000 crore rupees. The subject row receives a spam mail with “iloveyou” and love-altter-for-you.txt.vbs as an attachment. If the user clicks on the attachment, the machine gets infected and the worm starts searching all the drives of the computer and starts disrupting the files. It also starts forwarding copies of email to all outlook contacts added to the user’s address book. About 10% of the Internet related machines became infected in no time (Madhya Pradesh State Cyber Police, 2013). Many large organizations, including British Parliament, Pentagon, have to close the email system to prevent the virus from spreading in their network.

10. Online degree fraud is very popular on the Internet these days where online degree is offered by fake universities (Golin, 2003). These diploma mills offer to convert your work experience into degree in exchange for money. These copies are also issued to students on the basis of self-assessment. When students are rejected due to fake degrees, they realize that he has become a victim of online fraud.

11. Can you believe that a fake tweet message can cause a loss of $ 136 billion in a few seconds (Fisher, 2013). The US stock market crashed in response to a fake Twitter message sent through the Hacked Twitter account of the Associated Press, USA, informing two blasts in the White House and the injuries of President Barack Obama. Later, the terrorist group Syrian Electronic Army took responsibility for AP hack on its Twitter feed. Hacking fishing was done by sending e-mail. As soon as the pishing was clicked on the link given in the e-mail, a spyware was installed in the computer and the information stored in the system was sent to the remote server. Using this information, AP’s account was hacked and cheated, affecting the feelings of the investor of the New York Stock Exchange and suffered heavy losses.

12. Recently a new virus, which infects the point of sale (POS) machines and steals customers’ credit card payment records. These confidential data such as PIN code, credit card number, expiration date, CCV number etc. are tracked and sent to hackers to misuse this information for financial fraud.

13. People with bad intentions are not only looking for your personal and confidential data, but are also looking for your communication infrastructure so that your identity can be used to hide their identity so that they are not caught after creating a nouses. The terrorist organization Indian Mujahideen (IM) used Mumbai-based American citizen Kenneth Hewood’s unsafe Wi-Fi network. He hacked her Wi-Fi network and sent an e-mail to a news agency exactly 5 minutes before the Ahmedabad blast, with her IP address (Chaudhary, Nair, and Johnson, 2008).

14. The terrorist used open Wi-Fi network of Khalsa College of Arts, Science and Commerce in Matunga, Mumbai to send terrorists to the media house (The Indian Express, 2008). Terrorists reach the router from a distance and after using the network, the system removes the log, making it difficult to detect the source of email for investigation.

15. Pune -based software engineer, Asma Sandeep Thorve was arrested by the Source Code of Software Products and other confidential information of Brainvisa Technologies by the Economic Offenses Branch of Pune Police on charges of illegally stealing, due to which the company was Rs. 46.5 crore (Times of India, 2009).

16. A new type of crime is developing on the Internet, where a potential trading partner will provide you with an investment and very attractive commission-based business opportunity (Castilo, 2007). Once the person agrees to work with the company, the potential business partner will ask for details such as the address, phone number, photo identity, date of birth etc. After some time, the person will receive a parcel at the address, which will have re -packing instructions as well as a list of addresses where these parcels are to be sent abroad. Actually these goods are purchased using the stolen credit card and the goods are distributed at the address given by the person. If the delivery of the goods is detected by the investigators, the person will be held responsible. The real problem begins when your commission comes. It is in the form of third party checks and is of more amount than you expect. A few days later instructions are obtained to return the additional amount electronically. Once the additional amount is moved electronically, the bank will know that the check is fake and that person will be responsible for this act.

17. Some customers of ICICI Bank were victims of fishing attack (Nair, 2009). Some customers received an email from a person who claimed to be an officer of ICICI Bank. He asked customers to update their account information using a link, which redirect customers on a page that is similar to the webpage of ICICI Bank ‟. The matter was registered by the bank officials when the bank came to know about this fraud when some customers were suspicious and informed the IT department of the bank to verify the source of such emails. Bank officials were surprised to know that the website, which was very similar to the official website of the bank ‟. If the customer used that link to update the credentials of his account by logging into the fake website using his user ID and password, these details will reach the hackers and they can later use this information to log in to the customer’s account and buy money and goods online.

18. Cyber criminals have targeted the gas filling station in the US to investigate credit cards and debit card data. The hacker installed Bluetooth competent credit card skimmers at most gas stations located in southern United States. Customer data, which includes information like account number, PIN, CVV, etc., is mostly used by hackers to extract more than $ 2 million from ATMs located in Manhattan.

19. Hackers used equipment used by law enforcement agencies to purses data from iPhone to steal private photos of women celebrities in the US (Henge, 2014). It is believed that hackers are using alkomsoft phone password breakers and software to log on to Apple ‟site and download backup files in their machines.

20. Many such incidents have taken place when non-friend countries launched cyber attacks to get access to sensitive information. One such incident is that Russia is suspected to be involved in the Hacking of the US financial system (Farbarov, 2014). JP Morgan Chase, one of the major banks, was reported to have been attacked by Russian hackers. Hackers were successful in stealing sensitive data from the bank ‟S server. 21. Recently, a Chinese mobile company Xiaomi was found guilty of sending sensitive data to the Chinese server (Kumar, 2014). This information includes SMS, photograph, contact list etc. without users’ information. This is not the first time that a Chinese company has been suspected of espionage and the US government has banned the use of Chinese equipment in some of its major establishments.

Read Also: