Cyber Review - April 2023
Anurag Sharma, Associate Fellow, VIF

National

Quad nations will cooperate on information exchange to strengthen cyber defence.

The Quad nations— Bharat, Japan, Australia, and the United States (US) begun working on strengthening their coordination on the information sharing on cyber-attacks targeting the Critical Infrastructure (CI). Gathered attack data will enable each country to prepare cyber defensive measures swiftly.

The Quad framework aims to reach a consensus at their summit in Australia in late May 2023. In modern warfare, cyber-attacks are often used to disrupt social systems before physical attacks such as missile strikes. Cyber-attacks like Distributed Denial-of-Service (DDoS) attacks, in which massive volumes of data are delivered to overpower and disable services, are getting increasingly sophisticated. Once the source and techniques of an attack intended at one of the four nations were known, it would be easier for the others to fight against it.[1]

“IP theft, cyber security and accidents top 3 threats for Indian industry”: India Risk Survey 2022

According to a FICCI report, India Risk Survey 2022, released on 19 April 2023, intellectual property (IP) theft, information and cyber security threats, and accidents have been ranked as the top three threats in Bharat. The report also highlighted that the lowest risk is associated with terrorism and insurgency. With the help of the India Risk Survey 2022, business leaders will be better able to assess their vigilance toward disruptive events like rapid digitalisation, accidents, and corporate espionage in the future and improve risk mitigation strategies.

IP theft is one of the top risks for the manufacturing and information technology (IT) industries, while corporate espionage is ranked second after cyber security concerns in the consulting industry.[2]

“New IT fact-checking unit will not censor journalism”, said MoS for Information Technology (IT)— Rajeev Chandrasekhar.

While speaking at an online discussion on 14 April, the Minister of State for Information Technology— Rajeev Chandrasekhar, said, “A proposed Bhartiya government unit to fact-check news on social media is not about censoring journalism nor will have any impact on media reportage.” The recent amendments in IT regulations require online platforms such as Meta’s Facebook and Twitter to ‘make reasonable efforts’ not to publish, share or host any information relating to the government that is ‘fake, false or misleading’.[3]

UIDAI-IIT Bombay collaborates to develop a touchless biometric capture system.

As a part of the Memorandum of Understanding (MoU), the Unique Identification Authority of India (UIDAI) joined hands with the Indian Institute of Technology, Bombay (IIT-Bombay) to develop a solid touchless biometric capture system for convenient use by people anytime, anywhere. Once completed and operational, the touchless biometric capture technology will allow fingerprint authentication from home, similar to face authentication. The new method will capture many fingerprints simultaneously, increasing the authentication success rate. Once implemented, the new system will supplement the existing Aadhaar ecosystem services.

Such a system will use an ordinary mobile phone that is accessible to most users and has a positive user experience, together with an intelligent combination of signal or image processing, machine learning, and deep learning. This will help the Universal Authenticator (UA) become a reality.[4]

International

Multi-nation effort ‘Operation Cookie Monster’ taken down the Genesis Market.

In a joint operation— ‘Operation Cookie Monster, on 04-05 April 2023, involving judicial and law-enforcement agencies in the United States (US), nine European countries, Australia, Canada, and the United Kingdom (UK), Genesis Market was taken down. The Genesis Market was a criminal marketplace accessible via the Dark Web and Clear Web that sold packages of stolen account credentials, including usernames, passwords, e-mail addresses, bank details, and social media access information. The credentials had been stolen from Malware-infected systems worldwide and were subsequently used by cyber-criminals to carryout cyber-enable frauds.

Europol and Eurojust supported the coordinated ‘Operation Cookie Monster’. In operation, the infrastructure and activities of the Genesis Market were dismantled, and the law-enforcement agencies of 13 nations carried out over 100 arrests and more than 200 search operations of Genesis Market customers who had purchased stolen account access credentials.[5]

“China building capabilities to hijack enemy satellites”: US Intelligence report

Citing a leaked US intelligence report from the Central Intelligence Agency (CIA), the Financial Times, on 21 April 2023, reported that China is building hacking capabilities that will allow it to ‘control’ enemy satellites. The report assessed that the plan to ‘deny, exploit or hijack’ enemy satellites is a core part of China’s goal to control information, which China considered a key ‘war-fighting domain’.

A day before, General Bradley Chance Saltzman told CNBC that Washington’s rivals [Russia and China] might use lasers and dazzlers that interfere with cameras to prevent the collection of the satellite’s imagery. “We are seeing satellites that can grab another satellite, grapple with it and pull it out of its operational orbit. These are all capabilities they are demonstrating onorbit today, so the mix of these weapons and the pace with which they have been developed are very concerning," said Saltzman.[6]

China amended its law to classify some cyber-attacks as ‘acts of espionage’.

On April 26, 2023, the Chinese government enacted an amendment to its counter-espionage legislation that would, among other things, allow individuals to be prosecuted as spies if they target Critical Infrastructure or governmental entities with cyber-attacks. China’s Standing Committee of the National People’s Congress (NPC) passed the revised version of the 2014 law and will go into effect on 01 July.

According to the amendment, “acts of espionage” now formally include ‘network attacks or intrusions, targeting State organs, units involved with secrets, or Critical Information Infrastructure (CII)’ perpetrated or funded by spying agencies/organisations and affiliated agents. Broadly, the espionage law also applies to agencies, organs, individuals, or other collaborators domestically or outside China who are involved in cyber-attacks.[7]

Apple’s high-security mode blocked NSO spyware: claimed Researchers.

On 18 April 2023, the cyber security and human rights research group— The Citizen Lab released a report analysing three ‘Zero-day exploits in iOS 15 and iOS 16 and claimed that the new feature in Apple— Lockdown Mode helped block an attack by hackers using NSO spyware. Lockdown Mode was designed to reduce the iPhone’s attack surface.

The iPhones of the targets blocked the hacking attempts and displayed a notification stating that Lockdown Mode barred access to the phone's Home app. The researchers point out, however, that it is feasible that the exploit creators at NSO sometimes discovered a solution to the notification problem, perhaps via fingerprinting Lockdown Mode.[8]

Endnotes

[1]Miki, Rieko. “Quad countries to bolster cyber defense with information sharing”, Nikkei Asia, 25 April 2023, available from: https://asia.nikkei.com/Politics/Defense/Quad-countries-to-bolster-cyber-defense-with-information-sharing
[2]PTI, “IP theft, cyber security & accidents top 3 threats for Indian industry: Survey”, The Economic Times, 19 April 2023, available from: https://economictimes.indiatimes.com/news/company/corporate-trends/ip-theft-cyber-security-accidents-top-3-threats-for-indian-industry-survey/articleshow/99621002.cms
[3]Reuters. “India says new IT face-checking unit will not censor journalism”, Reuters, 14 April 2023, available from: https://www.reuters.com/world/india/india-says-new-it-fact-checking-unit-will-not-censor-journalism-2023-04-14
[4] “UIDAI-IIT Bombay join hands to develop touchless biometric capture system”, Press Information Bureau- Ministry of Electronics and IT, 10 April 2023, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1915321
[5] “Online market selling stolen account credentials to criminals worldwide taken down in multi-country effort dubbed Operation Cookie Monster”, European Union Agency for Criminal Justice Cooperation, 05 April 2023, Available from: https://www.eurojust.europa.eu/news/takedown-online-market-sold-stolen-account-credentials-Operation-Cookie-Monster
[6]Martin, Nik. “China building ability to hijack enemy satellites: report”, DW, 21 April 2023, available from: https://www.dw.com/en/china-building-ability-to-hijack-enemy-satellites-report/a-65392829
[7]Reddick, James. “China revises law to include certain cyberattacks as ‘acts of espionage’”, The Record, 26 April 2023, available from: https://therecord.media/china-beijing-cyberespionage-law-revised
[8]Franceschi-Bicchierai, Lorenzo. “Apple’s high security mode blocked NSO spyware, researchers say”, Tech Crunch, 18 April 2023, available from: https://techcrunch.com/2023/04/18/apple-lockdown-mode-iphone-nso-pegasus/

Contact Us