New Delhi, India
Mon-Sat, 8.00-18.00. Sunday CLOSED
Nowadays, The novel coronavirus not showing any sign of going slow on its world tour, although it has captured all the views of lockdown and falling Economies and now another invisible and overlooked hazard is taking place to help in global crises in the form of Cybercrimes. The report generated by the cybercrime experts witnessed that cybercrime activities raised two or three times more from the past few weeks. From WHO, MSMEs, MNCs to an individual, nobody is secure from that wrongdoers as they are not sparing anyone. Hence, Security has become a major concern for the whole I.T. Infrastructure.
This Virus is not only affecting the physical health of humans but also largely affecting the economical pillars of the country. In this pandemics, all the business areas are largely affected but IoT i.e. Internet of Things is the only network that is largely unaffected due to this lockdown. All the ongoing projects are paused and enterprise technologies turned off even the demands for new projects/ devices/ services are declining. Since IT services using IoT is the one whose work is still in progress but other viruses amongst the humans are showing their faces by affecting this area through cyber-attacks.
Due to this lockdown, the work from home policies are going on. Hence all the confidential data is floating amongst the employees via the internet. They are working outside of their protected networks. Therefore it’s a favorable situation for the attackers to hack the crucial data of companies.
According to the research performed by the Checkpoint, “71% of security engineers have noticed a rise in security threats or attacks since the beginning of this pandemic outbreak.”
The most observed are as follows:
- Email phishing Campaigns
- Fraud webpages or sites claiming to collect donations
Virus attacks – Spyware, Malware, Ransomware, and Covid-19
In this outbreak, I.T services is the only one who is keeping hope in peoples as they are accessing social media, entertaining application to watch movies or series and giving access/ permissions to share their personal information readily available on their phone, laptops or social media. The I. T. services keep an eye on the transfer of data, online transactions, and vulnerable activities. All these activities invited those attacks. Spyware steals the personal data of the users such as bank account details, passwords while online payment activities are going on. On the other side, Ransomware takes over the controls of logins and other credentials of individuals. These attacks are largely affecting the I.T. Infrastructure services not only financially but also otherwise.
Banking Frauds, EMI moratorium Frauds- Phishing Attacks
The role of I.T. services also exceeding in banking sectors also. The banks are working with the limited resources with Internet banking and phone banking and Cyber-attacks are encountering there also. The phishing emails or SMSes to bank customers and get the sensitive information of their accounts and also targeting the loan holders to discuss paying EMIs. Hence refrain from clicking on links from unknown resources and sharing sensitive information.
Examples of Covid-19 themed Cyber-attacks are:
- SC seeks centers that responded on the ban on Zoom due to its privacy, security issues.
- Data of 3.5 million Zoom care customers up for sale
- SBI warns customers on the Cerberus banking virus.
- Israel websites targeted in major cyber attacks
- And many more…
Security Attacks in I.T. Infrastructure:
Attacks are generally are of two types Passive and active and they can be launched at different layers of the protocol stack. The attacks can take place as follows:
- Attacks by dropping packets:
This is done by dropping the packets in the normal operational program. The attacker can drop the method via Blackhole or gray hole. In a black hole, the attacker drops all types of the packet such as control as well as data. Because of that, the packets of original programs are transferred to the attacker and then he can control them. In a gray hole, the attacker sends selective packets depending upon the intention of dropping the attack. On a particular node so that all the data from that node will be navigated to the attacker.
- Attacks using Impersonation:
This type of attack could be launched on attacker node masquerading as another node. The attacker node changes its identity by changing it with their own identity or MAC address to that of some benign node. This offers an attacker an initial point to do subsequent attacks.
- Attacks using fabrication:
This can be done by fabricating the messages either by falsifying route error message, routing cache poisoning in DSR, routing table, or overflow attacks. Falsifying provides a malicious node by sending false route errors against the benign node. In route-cache poisoning in DSR, it attacks any neighboring nodes that overhear the transmission which gets added to the route to their route cache. And in an overflow attack, the attacker adds the vulnerable programs to the table overflow attacks.
Techniques used by I.T Infrastructure to mitigate the attacks:
- Using firewalls
- Security scanning
- Protection of APIs
- Auditing and Logging
- Input Validation
- Access Controls
- Segregation of Duties
It’s essential to implement the security mechanism with all the storage like cloud and database. There are many Virus influencers are available such as Hoax Virus Communication which is having indicators and elements of hoax virus such as:
- Warning announcement/ cautionary statements
- Pernicious, devastating malware
- Offered expertise and solutions
- Technical Jargons
- Credibility bolstering
- Transmission / Perpetual requirements
All this altogether builds a secure I.T. Infrastructure to avoid Security or cyber-attacks. The MNCs providing I.T. services are reframing their security policies in order to deal with the raised COVID-19 themed cyber-attacks.
Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say. Security used to be an inconvenience sometimes, but now it’s a necessity all the time.
-- Vaibhavi Kengale