VIF Cyber Review: December 2022
Anurag Sharma, Associate Fellow, VIF

NATIONAL

Minister for Electronics and IT launched ‘Stay Safe Online’ campaign & ‘G20 Digital Innovation Alliance’ as part of Bharat’s G20 Presidency.

On 28 December 2022, the Minister for Electronics and Information Technology, Communications and Railways— Ashwini Vaishnaw launched the ‘Stay Safe Online’ campaign and the ‘G20 Digital Innovation Alliance’ (G20-DIA). Ministry of Electronics and Information Technology (MeitY) is the nodal ministry for the G20 Digital Economy Working Group (DEWG) and has represented Bharat in numerous working groups and ministerial sessions during previous presidencies. In Bharat’s tenure of G20 Presidency, MeitY will focus on three areas— i) Digital Public Infrastructure (DPI), ii) Cyber Security, and iii) Digital Skill Development (DSD).

Addressing the event, the Minister said, “Bharat [India] believes in the philosophy of inclusion. Bharat’s population scale and open source ‘public digital platforms’ such as UPI and Aadhaar have delivered economic and social inclusion and spurred innovation. The two campaigns launched today have the humanitarian way of thinking.”

The objective of the 'Stay Safe Online' campaign is to raise awareness among Internet users about how to stay safe while surfing the web. This campaign will make citizens of all ages, particularly children, students, women, senior citizens, the disabled, teachers, faculty, Central/State Government officials, and others, aware of the cyber risk and how to deal with it. To reach a wider audience, the campaign will be carried out in Hindi, English, and local languages. [1]

MoS for Electronics and IT held public consultation with over 200 stakeholders on the DPDP Bill 2022

On 23 December 2022, the Minister of State for Electronics and Information Technology and Skill Development & Entrepreneurship— Rajeev Chandrasekhar met over 200 stakeholders to discuss and deliberate on the Digital Personal Data Protection (DPDP) Bill 2022. Public consultations were open until 02 January 2023. The attendees included representatives from industry, think-tanks, law firms, consumer and citizen rights group. “Bill will act as a kinetic enabler for personal data protection while catalysing data led innovation and start-up ecosystem. Post the bill, the intermediaries will have to go for deep behavioural changes, and it will no longer be business as usual for them,” said MoS Chandrasekhar.

The stakeholders made numerous suggestions regarding various clauses of the Bill, such as the penalty regime for data fiduciaries, obtaining parental consent for children, cross-border data flows, and consent managers and how the government intends to regulate them, among many others. The Minister also clarified the deemed consent clause for government data access. [2]

“Bharat (India) will chart its own course on the future of Internet”: MoS Chandrasekhar

Speaking at a session at the India Global Forum held in Dubai, UAE, on 14 December 2022, the Minister of State for Electronics and Information Technology and Skill Development & Entrepreneurship— Rajeev Chandrasekhar said over 820 million Internet users deserve to have their own way to decide what kind of internet they want. “European GDPR (General Data Protection Regulation) is considered a gold standard for privacy and data protection. But we [Bharat] would like to disagree. With more than 820 million internet users, we have the largest presence on global internet and deserve an opportunity to shape our own destiny. We will chart our own course and build a framework suitable for us,” said MoS Chandrasekhar.

On Digital Personal Data Protection (DPDP) Bill 2022, the Minister said that “protecting the digital rights of our citizens is an obligation of the Government. But we do not see this as a binary at the expense of slowing down the ecosystem for innovation that exists in India (Bharat) and in partnerships with other countries. The Government would not strongly regulate the Internet but is committed to the principles of open, safe, trusted and accountable internet.” [3]

CERT-In issued advisory on multiple vulnerabilities in Apple iOS and iPdOS

On 15 December 2022, the Indian Computer Emergency Response Team (CERT-In) issued an advisory on multiple vulnerabilities reported in Apple iOS and iPadOS which could allow remote attacker(s) to gain access to sensitive information, execute arbitrary code, spoof the UI, gain elevated privileges, bypass security restrictions or cause denial of service conditions on the targeted system. The vulnerabilities exists in the Accounts, Apple Mobile File Integrity, Core Services, GPU Services, among other components of Apple iOS and iPadOS.

Successful exploitation of these vulnerabilities could allow the attacker(s) gain access to sensitive information, execute arbitrary code, spoof the UI, and bypass security restrictions on the targeted system. [4]
As solutions, the advisory suggests users to apply appropriate software updates as mentioned in Apple’s security updates at: Click here to read...

Tata Group to invest USD 90 billion over 5 years into chip manufacturing in Bharat

In an interview with Nikkei Asia on 08 December 2022, the Tata Sons chairman— Natarajan Chandrasekaran informed the Tata Group plans to begin production of Semiconductors in Bharat in next few years, in order to make the country an essential part of global chip supply chains. Tata Group already have announced a semiconductor design and development partnership with Renesas Electronics, Japan, in June 2022.

According to the India Electronics and Semiconductor Association, the semiconductor market will more than double to USD 64 billion between 2021 and 2026. The ongoing ‘disengagement’ between the United States and China in chip-related technology is causing major chipmakers to seek more diverse supply-chain locations. The Government of India and Tata Group are both looking to capitalise on this shift in order to position Bharat as a new semiconductor hub. The chairman also announced a USD 90 billion investment over the next five years as part of that effort. Aside from semiconductors, the company is in the process of launching new businesses such as electric vehicle (EV) and EV battery production, renewable energy production, and the development of ‘super apps’ that allow users to purchase goods and services ranging from groceries to financial products. [5]

Since 2018, stolen data of 6,00,000 Indians sold on Bot markets, claimed study by Nord VPN

According to the study conducted by one of the world’s largest VPN service providers— NordVPN, since 2018, around five million people worldwide, including 6,00,000 Indians, had their data stolen and sold on the Bot market. Bot markets are used by hackers to sell stolen data from victims’ devices with bot malware. The stolen data included user logins, cookies, digital fingerprints, screenshots and other information, with the average price for the digital identity of a person at ₹490 Indian rupees (USD 6.03/USD 1=₹81.14).

As reported by The Times of India, a week after the ransomware attack on AIIMS in November 2022, the Indian Council of Medical Research (ICMR) faced around 6,000 hacking attempts within 24 hours. [6]
Bharat’s cybersecurity rules have tightened in 2022, with the Indian Computer Emergency Response Team (CERT-In) requiring tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months. [7]

INTERNATIONAL

Hackers claimed to stole data from multiple electric utilities in a ransomware attack in the US

An unidentified group of hackers claimed to stole data belonging to multiple electric utilities of US government contractor, in a ransomware attack held in October 2022. In a memo distributed to power company executives in December 2022 by the North American Grid Regulator's Cyber-Threat Sharing Centre, it is stated that while private investigators searched the Dark Web for stolen data, US Federal officials kept an eye on the incident for any potential wider effects on the US power sector.

An engineering firm— Sargent & Lundy, with offices in Chicago, was the target of the ransomware attack. The company has designed over 900 power plants and thousands of kilometres of power lines, and holds sensitive project data. According to the memo shared by the Electricity Information Sharing and Analysis Centre, there is no indication that the “model files” and “transmission data” that Sargent & Lundy used for utility projects, which were stolen, are available on the Dark Web. [8]

LockBit ransomware gang claimed cyber-attack on Port of Lisbon Administration

On 25 December 2022, LockBit ransomware gang carried out a cyber-attack on Port of Lisbon Administration (APL) and claimed to steal financial reports, audits, budgets, cargo information, ship logs, customer PII (personal identifiable information), and more. According to the statement released by APL, “cyber-attack did not impact the port’s operations. All safety protocols and response measures provided for this type of occurrence were quickly activated, the situation being monitored by the National Cybersecurity Center and the Judicial Police.”

The ransomware gang demanded the ransom of USD 15,00,000 and also gave the possibility to delay the publication of the data by 24 hours by paying USD 1,000. The LockBit gang is currently at the third version of their encryptor that powers the notorious RaaS (Ransomware as a Service) project, and one of the most prolific gangs of 2022. [9]

International Police shut down 48 DDoS-for-hire services, arrested 07 alleged administrators

The Europol, on 15 December 2022, announced that the International Police shut down around 48 popular websites, mainly Distributed Denial-of-Service (DDoS), that allowed paying users to launch DDoS attacks, and arrested seven alleged administrators of these websites. According to the US Department of Justice (DOJ), the accused disguised their sites as services that could be used for network testing but actually sought money for conducting DDoS operations against educational institutions, government agencies, gaming platforms, and millions of individuals worldwide. DDoS function by flooding websites with spam traffic, rendering them inaccessible.

The Operation— “Power Off” operation was carried out by law enforcement authorities in the US, the UK, Germany, Poland, and the Netherlands. According to the DOJ, the takedown occurred less than two weeks before the Christmas holiday, which normally results in a large rise in DDoS attacks across the gaming sector. [10]

US extended ban on military and surveillance tech sales to China

On 15 December 2022, the US administration extended a ban on commercial exports of advanced US technology that it said “aids Beijing’s military and hypersonic programs and enables Human Rights violations. The decisions come a month after US President Biden and Chinese President Xi Jinping met in Bali to try to put a “floor” under the relationship’s downward spiral. The Chinese government has accused the US administration of abusing export regulations in order to wantonly hinder and handicap Chinese firms and keep its sci-fi hegemony.

The Entity List includes 36 Chinese firms that are effectively prohibited from getting US technology. All but one, a Chinese subsidiary based in Japan, are based in China. Significantly, 21 of the newly listed corporations are also subject to a new regulation— Foreign Direct Product Rule (FDPR), which prohibits foreign companies from selling to Chinese entities anything manufactured with American technology or equipment. [11]

US National Cyber Director visited Japan to bolster digital cooperation

In December 2022, the United States’ National Cyber Director— Chris Inglis visited Japan to advise government officials posted there on strengthening cyber security defences. The visit was an effort to improve cyber security cooperation with a key alley (Japan) in Asia amid a strained relationship between the US and China. According to Mark Montgomery, former executive director of the Cyberspace Solarium Commission (CSC) and current director of the Centre on Cyber and Technology Innovation (CTI) at the Foundation for Defense of Democracies (FDD), the Biden administration wants to encourage all friendly nations to speed up their investments in cybersecurity. “Boosting cybersecurity collaboration with Japan is crucial for the US amid increasing cyber threats from China, North Korea, and Russia,” said Atlantic Council Cyber Statecraft Initiative Program Assistant Jen Roberts. [12]

Endnotes :

[1] “Shri Ashwini Vaishnaw launches ‘Stay Safe Online’ Campaign and ‘G20 Digital Innovation Alliance’ as part of India’s G20 Presidency”, Press Information Bureau- Ministry of Electronics and IT, 28 December 2022, accessed on 02 January 2023, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1887114
[2]https://pib.gov.in/PressReleasePage.aspx?PRID=1886126
[3]https://pib.gov.in/PressReleasePage.aspx?PRID=1883518
[4]https://cert-in.org.in/
[5]https://asia.nikkei.com/Business/Tech/Semiconductors/Tata-to-enter-chipmaking-in-India-Chairman-Natarajan-Chandrasekaran?del_type=1&pub_date=20221208190000&seq_num=2
[6]https://timesofindia.indiatimes.com/india/after-cyberattack-on-aiims-icmr-website-faces-6000-hacking-attempts/articleshow/96031036.cms
[7]https://www.reuters.com/technology/stolen-data-600000-indians-sold-bot-markets-so-far-study-2022-12-08/
[8]https://edition.cnn.com/2022/12/27/politics/hackers-data-utilities-ransomware-sargent-lundy/index.html
[9]https://www.bleepingcomputer.com/news/security/lockbit-ransomware-claims-attack-on-port-of-lisbon-in-portugal/
[10]https://therecord.media/police-shut-down-48-ddos-for-hire-services-arrest-7-alleged-administrators/
[11]https://www.washingtonpost.com/national-security/2022/12/15/china-military-tech-export-ban/?utm_source=substack&utm_medium=email
[12]https://www.cyberscoop.com/chris-inglis-to-visit-japan/

Contact Us