Cyber Review - July 2024

National

China-backed Phishing attack targeted Bharat’s “India Post” system users.

Smishing Triad— a China-based hacking group waged text message-borne phishing attacks against individuals in Bharat, using the “India Post” messaging system as a lure. The threat actors targeted iPhone users with iMessage, falsely claiming a package was awaiting collection at an India Post warehouse. The deceptive messages contain URLs leading to fraudulent websites. According to a report from Fortinet FortiGuard Labs, “between January and July 2024, more than 470 domain registrations were mimicking India Post’s official domain, with the majority registered via Chinese and American domain registrars.” FortiGuard Labs discovered phishing emails sent via iMessage using third-party email addresses like Hotmail, Gmail, and Yahoo. Apple ID accounts configured with these third-party emails send malicious messages containing short URLs that direct recipients to fraudulent websites.^[1]

A Ransomware attack on a technology service provider disrupted banking services for around 300 small banks across Bharat.

According to a Reuters report, a ransomware attack on C-Edge Technologies has crippled banking services for nearly 300 small banks across Bharat. As a precautionary measure, the National Payment Corporation of India (NPCI) temporarily isolated C-Edge from its system, preventing affected banks from accessing crucial financial services. The average cost of data breaches in Bharat has surged to $2.18 million in 2023, marking a 28 per cent increase since 2020. The latest attack underscores the urgent need for enhanced cyber security measures within the banking sector.^[2]

In Q2 of 2024, global cyber-attacks surged 30 per cent, with Bharat seeing a steep rise of 46 per cent.

According to a report by Checkpoint Research, in the second quarter (Q2) of 2024, worldwide cyber-attacks have increased by 30 per cent. In contrast, Bharat experienced a particularly sharp rise of 46 per cent year-over-year. After Taiwan, organisations in Bharat witnessed an average of 3,201 attacks per week, the second-highest recorded in the Asia-Pacific region. Globally, the education and research sectors were the most targeted, with an increase of 53 per cent in attacks compared to Q2 of 2023, with an average of 3,341 weekly attacks per organisation. Government and military establishments followed, faced 2,084 attacks per week, while healthcare organisations faced 1,999 attacks per week, a 15 per cent increase from the previous year.^[3]

Bharat hosted a Colombo Security Conclave seminar on cyber security.

On 30-31 July 2024, the National Security Council Secretariat (NSCS) and National Forensics Science University (NFSU) jointly organised the second edition of the Colombo Security Conclave on “Exchange of Information on Legislations, Cyber Policies, and Incident Mitigation”, along with a Joint Working Group (JWG) meeting on cyber security. The seminar aimed to foster a collaborative and unified approach to protecting Critical Infrastructure, addressing cyber-crime, improving incident response mitigation, and exploring emerging technologies.^[4]

International

The Chinese president called for a ‘Smart System’ to boost China’s border defence.

During a group study session on 30 July, attended by the Communist Party’s 24-member Politburo, Chinese President Xi Jinping called for more significant optimisation of technology and the deployment of a ‘smart system’ for border defence to meet new challenges and opportunities. “Enhance the development of new methods and conditions for border, maritime, and air defence, and build a comprehensive and smart management and control system,” highlighted President Xi. The discussion aligned with President Xi’s repeated urge to improve the use of advanced technology in the armed forces to meet the modernisation goals by 2027 and achieve the goal of building a world-class military by 2050.^[5]

The Australian government announced a plan to protect against cyber threats to the Australian healthcare sector.

Australia’s Minister for Home Affairs and Cyber Security— Clare O’Neil, declared that $ 6.4 million would be invested towards an Information Sharing and Analysis Centre (ISAC). The centre would connect industries and allow the sharing of information regarding cyber threats and methods of mitigation and response across businesses, non-profits and government organisations. “Healthcare providers hold highly sensitive data, and they often struggle with building and funding strong cyber protections. That’s why healthcare providers are one of the most common, and most damaging, targets of cyber-attack. This is a pattern we see all over the world. Cybercriminals know that every Australian depends on these essential services – and that they cannot afford to be offline over extended periods,” said Minister O’Neil.^[6]

By 2030, Australia could have 200,000 AI tech workers.

According to a Technology Council of Australia (TCA) report, a surge in Artificial Intelligence (AI) can generate 200,000 AI-related work opportunities in Australia by 2030. The projection provides opportunities for current tech workers and other professionals to secure well-paid jobs and build careers in a rapidly growing sector. The report, supported by Microsoft, LinkedIn, and WorkDay, states that realising this opportunity will require a 500 per cent growth in AI jobs over the next seven years. These roles will span both tech and non-tech fields, from developers to those marketing and selling AI products and those managing personnel involved with AI.

In 2014, Australia’s AI workforce included just 800 AI workers, whereas in 2023, the count rose to 33,000, accounting for about 4 per cent of the total local technology workforce.^[7]

In the Southeast U.S., Ransomware attacks disabled computers at the Blood Centre serving 250 hospitals.

A ransomware attack disabled computers at a blood centre, OneBlood, serving most of the Southeastern United States. The attack disabled the blood centre’s IT system, forcing it to operate at a reduced capacity in Florida, Georgia, and the Carolinas. “To manage its blood supply, the blood centre was asking more than 250 hospitals to activate their critical blood shortage protocols. The blood centre also was using manual processes to maintain basic operations,” said an official based on anonymity.^[8]

Endnotes

^[1]Eddy, Nathan. “China-backed Phishing attack targets India Postal System users”, DarkReading, 29 July 2024, available from: https://www.darkreading.com/endpoint-security/china-backed-smishing-campaign-targets-india-post-users [2] ; Kumar, Bablu. “Phishing Campaign Targeting Mobile Users in India Using India Post Lures”, Fortinet, 25 July 2024, available from: https://www.fortinet.com/blog/threat-research/phishing-campaign-targeting-mobile-users-in-india-using-india-post-lures [3]
^[2]Pathak, Priya. “Ransomware attack cripples hundreds of small banks in India: Details”, FE TechBytes, 31 July 2024, available from: https://www.financialexpress.com/life/technology-ransomware-attack-cripples-hundreds-of-small-banks-in-india-details-3570382/ [4]
^[3]TOI Tech Desk. “Global cyber-attacks surge 30% in Q2 2024, India hit hard”, Times of India, 21 July 2024, available from: https://timesofindia.indiatimes.com/technology/tech-news/global-cyber-attacks-surge-30-in-q2-2024-india-hit-hard/articleshow/111899167.cms [5]
^[4]“India hosts Colombo Security Conclave seminar on cyber security”, Devdiscourse, 31 July 2024, available from: https://www.devdiscourse.com/article/science-environment/3037315--india-hosts-colombo-security-conclave-seminar-on-cyber-security [6]
^[5]Wang, Amber. “Xi Jinping calls for hi-tech ‘smart system’ to boost China’s border defence”, South China Morning Post, 01 August 2024, available from: https://www.scmp.com/news/china/military/article/3272680/chinas-xi-jinping-calls-hi-tech-smart-system-boost-border-defence [7]
^[6]Croft, Daniel. “O’Neil announces plans to protect healthcare industry from cyber crime”, Cyber Daily, 01 August 2024, available from: https://www.cyberdaily.au/security/10767-oneil-announces-plans-to-protect-healthcare-industry-from-cyber-crime [8]
^[7]“AI to create 200,000 jobs in Australia by 2030”, Tech Council, 02 July 2024, available from: https://techcouncil.com.au/newsroom/ai-to-create-200000-jobs-in-australia-by-2030/ [9]
^[8]“Ransomware attack disables computers at blood center serving 250 hospitals in southeast US”, Associated Press, 01 August 2024, available from: https://apnews.com/article/blood-center-cyberattack-ransomware-florida-d82905237830b55fbbad30acee116893 [10]