Tag: cyber security

Nationwide awareness campaign on Safer Internet Day to promote safe and responsible use of the internet

The Ministry of Electronics and Information Technology (MeitY) spearheaded a nationwide awareness campaign on Safer Internet Day, observed on February 11, 2025, to promote safe and responsible use of the internet. Organized under the theme ‘Together for a Better Internet’, the campaign aimed to educate and sensitize internet users about cyber hygiene, online safety practices, and emerging cyber threats. This initiative was conducted under the Information Security Education and Awareness (ISEA) program in collaboration with NIC, NIXI, C-DAC, NIELIT, MyGov, NeGD, and various partner institutions. The National Informatics Centre (NIC) played a crucial role in amplifying the outreach efforts through its extensive digital infrastructure and communication networks.

Cyber awareness drive

As part of this extensive campaign, 1,521 awareness workshops were conducted across 35 States/UTs, 599 districts, 493 blocks/tehsils, and 134 gram panchayats, reaching over 3.08 lakh beneficiaries. These workshops covered key topics such as cyber threat mitigation, digital security best practices, and responsible online behavior. Additionally, a series of expert talks, quizzes, and competitions were organized to further reinforce awareness.

Strengthening digital resilience

To maximize outreach, promotional messages and expert interviews were broadcasted on a Pan India basis in 11 major Indian languages, covering vital topics such as cyber hygiene practices, common cyber threats, and the mechanism for reporting cybercrimes through the toll-free National Cybercrime Helpline Number (1930). These messages were disseminated through FM stations, Prasar Bharati, and Vividh Bharati networks, achieving an estimated reach of 2.27 crore listeners. On digital platforms, social media outreach led by MyGov, NIC, and ISEA teams garnered over 5.49 lakh impressions and 63.57 lakh views through 680 creative posts.

An online awareness workshop, titled Navigating the Digital Highway: Safeguarding Your Online Journey’, was also organized for the officials of MeitY and other government ministries, departments, and organizations, engaging 1,217 participants in discussions on digital safety. The session sensitized participants on best cybersecurity practices and also provided demonstrations of insightful security tools, such as PIC2MAP, deviceinfo.me, coveryourtracks.eff.org, stopNCII.org, SecureEraser app, etc. which help in verifying online content authenticity, preventing identity fraud, analyzing device fingerprints, and securing personal data. The workshop was highly appreciated by participants for its practical approach and relevance in addressing contemporary cybersecurity challenges.

About ISEA

The Information Security Education and Awareness (ISEA) Project, implemented by MeitY, aims to strengthen cybersecurity awareness and build skilled human resources in Information Security. The recently approved ISEA Phase-III (October 2023) seeks to develop 2.25 lakh trained individuals in cybersecurity over five years, including 45,000 skilled and certified cybersecurity professionals (CISOs, Deputy CISOs, and aspirants) and 2.3 lakh students and researchers in formal and non-formal courses. Additionally, the project aims to cover over 12 crore beneficiaries from diverse backgrounds—school children, teachers, college students, faculty, women, senior citizens, government employees, MSMEs, and NGOs—through mass awareness initiatives under the Cyber Aware Digital Naagrik campaign.

Bharat NCX 2024 Officially Inaugurated: Strengthening Cyber Defense and Strategic Decision-Making Across India

Daily writing prompt
Who are your current most favorite people?
View all responses

The Bharat National Cyber Security Exercise (Bharat NCX 2024), a landmark initiative to fortify India’s cybersecurity resilience, was inaugurated today at a high-profile ceremony organized by the National Security Council Secretariat (NSCS) in collaboration with Rashtriya Raksha University (RRU). The 12-day exercise is a critical step in preparing India’s cybersecurity professionals and leadership to tackle evolving threats with advanced cyber defense, incident response capabilities, and strategic decision-making.

In his Inaugural AddressLt Gen M. U. Nair, PVSM, AVSM, SM (Retd), the National Cyber Security Coordinator, stated, “Bharat NCX 2024 equips our nation’s cyber defenders and leaders with the skills to mitigate complex threats. From technical exercises to strategic decision-making, this initiative ensures our preparedness to manage crises at all levels.”

Prof. (Dr.) Bimal N. Patel, Vice Chancellor of RRU, delivered the Keynote Address, highlighting the integration of education, research, and innovation in addressing cybersecurity challenges. He remarked, “This exercise not only strengthens technical skills but also prepares leadership to navigate national-level cyber crises through informed decision-making.”

Key Features of Bharat NCX 2024: The exercise includes immersive training on cyber defense and incident response, live-fire simulations of cyberattacks on IT and OT systems, and collaborative platforms for government and industry stakeholders. A Strategic Decision-Making Exercise will bring together senior management from across sectors to simulate decision-making in a national-level cyber crisis, enhancing their ability to respond to high-pressure situations with strategic acumen. The CISO’s Conclave will feature Chief Information Security Officers from government, public, and private sectors sharing insights, participating in panel discussions, and exploring the latest trends and government initiatives in cybersecurity. On the sidelines, the Bharat Cybersecurity Startup Exhibition will showcase innovative solutions from Indian startups, emphasizing their role in enhancing the nation’s cybersecurity infrastructure. The exercise also highlights leadership engagement and capacity building, fostering a unified approach to emerging cyber challenges.

The event runs from November 18 to November 29, 2024, culminating in a comprehensive debrief to consolidate lessons learned and establish best practices in cybersecurity.

*****

Block chains, electronic discovery, cyber-security, robotics, Artificial Intelligence and bio-ethics etc. in their curricula

 As per the provisions of Sections 7(l)(h) and (i) of the Advocates Act, 1961, the Bar Council of India (BCI), is entrusted with the function inter-alia of promoting and laying down the standards of legal education in the country. The legal Education Rules, 2008 lay down the mandatory minimum standards and requirements for legal education in India. The BCI has informed that it periodically reviews and updates the curriculum to ensure that it remains relevant and comprehensive, and that it addresses the changing needs of the legal profession. The BCI has encouraged the law schools to include emerging areas of law, such as Intellectual Property Law, Cyber Law, and Environmental Law, in their curriculum. To make law courses more practical, the BCI has also introduced clinical legal education, which requires students to participate in internships, moot courts, and legal aid clinics. This helps students gain practical experience and develop their skills in a real-world setting. As per vision of Hon’ble Prime Minister the BCI has issued circular to all Universities and Centres of Legal Education to incorporate subjects such as block chains, electronic discovery, cyber-security, robotics, Artificial Intelligence and bio-ethics etc. in their curricula. Requisite Circular has also been issued to include the recently introduced three Criminal Laws i.e. Bharatiya Nyaya Sanhita, 2023, the Bharatiya Nagarik Suraksha Sanhita, 2023, and the Bharatiya Sakshya Adhiniyam, 2023 in the curriculum. Overall, the BCI is aware that curriculum of law courses in India remains comprehensive, practical and relevant to the needs of the legal profession and ensures that the graduates are well equipped to handle contemporary legal challenges.

Although, the BCI oversees the legal profession in India but it does not determine the fees for Advocates or Senior Advocates. Therefore, the matter of providing stipends to the junior advocates are totally at the discretion of the individual advocates and senior advocates. The BCI has further informed that the Delhi High Court vide order dated 25th July, 2024 in the case of Simran Kumari vs BCI & Anrs.,{W.P. (c) 10159/2024} has directed to consider representations regarding payment of minimum stipend to junior lawyers hired by advocates and senior advocates.

The BCI as a regulatory body, maintains the standards of legal education. Several circulars have been issued by BCI to State Governments and Universities to meticulously scrutinise the applications of new law Colleges before granting them NOCs and affiliations. If any deficiencies are found on the part of any Centres of Legal Educations (CLEs), the approval of affiliation are not granted. Moratorium to grant NOCs and affiliation to new law colleges and additional sections in existing centres was issued vide resolution dated 11.08.2019 which was subsequently overturned by Punjab and Haryana High Court in its order dated 04.12.2020. The BCI has also constituted a High-Level Committee headed by a former Chief Justice of High Court to identify such Centres of Legal Education which are not complying with the infrastructural, faculty, library and other requirements of Rules of Legal Education by conducting surprise inspections of these Centres of Legal Education without their knowledge. On the basis of the Report of High-Powered Surprise Inspection Committee, the BCI conducts rigorous inspections of Centres of Legal Educations (CLEs). Further, based on not meeting the standard, several CLEs have been barred from admitting students for the academic year 2024-25. The BCI has also launched Legal Education portal in December 2023, which has detected numerous irregularities committed by these CLEs which invite stringent action by BCI.

Top 10 online courses in india

Top 10 online courses in India 

Due to covid , people starting focus on the online learning and they wanted to explore online courses . These days everyone wants to learn something new and with the help of online learning platform and online courses this is possible to do . 

There are top 10 online courses in India 

1. Data science – 

Data science combines math and statistics, specialized programming, advanced analytics, artificial intelligence (AI), and machine learning with specific subject matter expertise to uncover actionable insights hidden in an organization’s data. These insights can be used to guide decision making and strategic planning.

2. Machine learning –

Machine Learning is the field of study that gives computers the capability to learn without being explicitly programmed. ML is one of the most exciting technologies that one would have ever come across. As it is evident from the name, it gives the computer that makes it more similar to humans: The ability to learn. Machine learning is actively being used today, perhaps in many more places than one would expect.

3. Graphic design – 

Graphic design is a craft where professionals create visual content to communicate messages. By applying visual hierarchy and page layout techniques, designers use typography and pictures to meet users’ specific needs and focus on the logic of displaying elements in interactive designs, to optimize the user experience.

4.  Data Analytics –

Data analytics (DA) is the process of examining data sets in order to find trends and draw conclusions about the information they contain. Increasingly, data analytics is done with the aid of specialized systems and software.

5. Digital Marketing – 

Digital marketing, also known as online marketing, refers to advertising delivered through digital channels to promote brands and connect potential customers using the internet and other forms of digital communication such as: Search engines. Websites.

6. Foreign language – 

A foreign language is any language that is not native to a particular region or person. Obviously, this definition varies from region to region and by the individuals within a particular region. Many countries have more than one official language or contain significant populations that speak their own languages. Foreign language instruction is often required or strongly encouraged in primary and secondary education; there are also numerous methods of adult language instruction. Many people are bilingual or multilingual, that is, fluent in two or more languages; this is an asset in many professions.

7. Programming –

Computer programming is the process of performing a particular computation, usually by designing and building an executable computer program. Programming involves tasks such as analysis, generating algorithms, profiling algorithms’ accuracy and resource consumption, and the implementation of algorithms.

8. Cyber security – 

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.

9. Web development – 

Web development is the work involved in developing a website for the Internet or an intranet. Web development can range from developing a simple single static page of plain text to complex web applications, electronic businesses, and social network services.

10. Social media marketing – 

Social media marketing is the use of social media platforms and websites to promote a product or service. Although the terms e-marketing and digital marketing are still dominant in academia, social media marketing is becoming more popular for both practitioners and researchers. 

CYBER CRIME CASE STUDY IN INDIA

Computer Crime Cyber crime encompasses any criminal act dealing with computers and networks (called hacking).Additionally, cyber crime also includes traditional crimes conducted through the internet. For example; The computer may be used as a tool in the following kinds of activity- financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail spoofing, forgery, cyber defamation, cyber stalking.The computer may however be target for unlawful acts in the following cases- unauthorized access to computer/ computer system/ computer networks, theft of information contained in the electronic form, e-mail bombing, Trojan attacks, internet time thefts, theft of computer system, physically damaging the computer system

Cyber Law is the law governing cyberspace. Cyberspace is a wide term and includes computers, networks,software, data storage devices (such as hard disks, USB disks), the Internet, websites, emails and even electronic devices such as cell phones, ATM machines etc.

Computer crimes encompass a broad range of potentially illegal activities. Generally, however, it may be divided into one of two types of categories

(1) Crimes that target computer networks or devices directly; Examples – Malware and malicious code, Denial-of-service attacks and Computing viruses.

(2) Crimes facilitated by computer networks or devices, the primary target of which is independent of the computer network or device. Examples – Cyber stalking, Fraud and identity theft, Phishing scams and Information warfare.

CASE STUDIES

Case no:1 Hosting Obscene Profiles (Tamil Nadu)

The case is about the hosting obscene profiles. This case has solved by the investigation team in Tamil Nadu. The complainant was a girl and the suspect was her college mate. In this case the suspect will create some fake profile of the complainant and put in some dating website. He did this as a revenge for not accepting his marriage proposal. So this is the background of the case.

Investigation Process

Let’s get into the investigation process. As per the complaint of the girls the investigators started investigation and analyze the webpage where her profile and details. And they log in to that fake profile by determining its credentials, and they find out from where these profiles were created by using access log. They identified 2 IP addresses, and also identified the ISP. From that ISP detail they determine that those details are uploaded from a café. So the investigators went to that café and from the register and determine suspect name. Then he got arrested and examining his SIM the investigators found number of the complainant.

Conclusion

The suspect was convicted of the crime, and he sentenced to two years of imprisonment as well as fine.

Case no:2 Illegal money transfer (Maharashtra)

ThIS case is about an illegal money transfer. This case is happened in Maharashtra. The accused in this case is a person who is worked in a BPO. He is handling the business of a multinational bank. So, he had used some confidential information of the banks customers and transferred huge sum of money from the accounts.

Investigation Process

Let’s see the investigation process of the case. As per the complaint received from the frim they analysed and studied the systems of the firm to determine the source of data theft. During the investigation the system server logs of BPO were collected, and they find that the illegal transfer were made by tracing the IP address to the internet service provider and it is ultimately through cyber café and they also found that they made illegal transfer by using swift codes. Almost has been  The registers made in cyber café assisted in identifying the accused in the case. Almost 17 accused were arrested.

Conclusion

Trail for this case is not completed, its pending trial in the court.

Case no:3 Creating Fake Profile (Andhra Pradesh)

The next case is of creating fake profile. This case is happened in Andhra Pradesh. The complainant received obscene email from unknown email IDs. The suspect also noticed that obscene profiles and pictures are posted in matrimonial sites.

Investigation Process

The investigators collect the original email of the suspect and determine its IP address. From the IP address he could confirm the internet service provider, and its leads the investigating officer to the accused house. Then they search the accused house and seized a desktop computer and a handicam. By analysing and examining the desktop computer and handicam they find the obscene email and they find an identical copy of the uploaded photos from the handicam. The accused was the divorced husband of the suspect.

Conclusion

Based on the evidence collected from the handicam and desktop computer charge sheet has been filed against accused and case is currently pending trial.

Hacking is a widespread crime nowadays due to the rapid development of the computer technologies. In order to protect from hacking there are numerous brand new technologies which are updated every day, but very often it is difficult to stand the hacker’s attack effectively. With some of these case studies, one is expected to learn about the cause and effect of hacking and then evaluate the whole impact of the hacker on the individual or the organization.

Pegasus Spyware – Is it a curse to privacy ?

  • Photo from The Guardian YouTube channel


What is the work of Pegasus and What is its origin?

Pegasus owned by a NSO group- a private foundation, which many leading countries believe that it is the most powerful spyware ever created, it was coded to infiltrate into the smartphones of target users, be it IOS or Android, and it converts personal devices into surveillance devices. It is the main product of NSO group which was founded by Niv Carmi, Shalev Hulio and Omri Lavie. It is a Herzliya based company located near Tel Aviv, Israel which was founded in 2010, it is a subsidiary of Q Cyber Technologies group of companies.

What is the actual meaning of a Spyware?

Let’s get this straight, in simple words, a spyware is the term given to a category of software which aims to steal personal or organisational data/information without the consent of host. Once a spyware is successfully installed, it starts sending the data from that computer/mobile in the background to a third-party which is controlling this spyware. This third-party can be any government or The NSO group itself.

Pegasus can bypass your phone’s security and install malware that grants complete access to your device. It can access every message you’ve ever sent and received, every photo, video and email, can turn on your microphone, even when you’re not using a phone call, just record what you’re doing in the room. It can turn on your camera, and is also able to record what’s on your screen, can access your GPS, it can monitor your location. And it is able do all of this without you ever knowing.

So if you think that you are using online chatting apps like WhatsApp owned by Facebook or Signal owned by Moxie Marlinspike and Brian Acton which are famous for end-to-end encryption but this gets meaningless once Pegasus is on your phone. It is virtually undetectable which makes it even more lethal.

History of Pegasus software :

  • To begin with the brief history of Pegasus, in 2016 the Canadian Cybersecurity Organisation The Citizen Lab encountered it’s first case on the smartphone of Human Right activist Ahmed Mansoor.
  • In addition, in September 2018 The Citizen Lab published a report identifying 45 countries in which Pegasus was being used.
  • Furthermore, in the year 2019 WhatsApp exposed that journalists and Human Rights Activists in India were under surveillance by operators using Pegasus.
  • The latest case of this spyware is found India in July 2021, The Pegasus Project revealed that various governments used the software to spy on government officials, opposition politicians and many more eminent faces. Some records state that Indian government used the software to spy on around 300 people between 2019 and 2021.
This image has an empty alt attribute; its file name is nso.jpg

Is spying legal in India?

The laws governing surveillance in India are The Telegraph Act, 1885 which indicates about the interception of calls and The Information Technology Act, 2000, it deals with the interception of data. Under both the laws, only government, under certain circumstances, is allowed to conduct surveillance. Moreover, hacking in India is illegal under IT Act.

Is there any solution to save us from this cyber attack havoc ?

Many Cybersecurity experts state that a phone infiltrated by Pegasus might not be able to recover completely, some traces can be found even after a strong factory reset.

Although they have introduced some preventive measures to save oneself from getting hitched with this software.

Open links only from trusted websites, contacts and sources while using your device.

Please make sure that your device is fully upgraded with the latest patches and system/app updates.

Keep your device safe by limiting physical access. This can be done by applying pin, password, biometric locking and face-locking facility.

Also avoid using open Wi-fi or hotspot as the host may steal your data from the network connection. Try using VPN to prevent this condition while using Wi-fi or hotspots it is a safer option to prevent your information.

Do have a backup of your credentials and important documents, if in case your device is lost, stolen or broken you will never lack from your data.

 

Pegasus – A threat to your Privacy

What is Pegasus?

  • It is a type of malicious software or malware classified as a spyware.
  • It is designed to gain access to devices, without the knowledge of users, and gather personal information and relay it back to whoever it is that is using the software to spy.
  • Pegasus has been developed by the Israeli firm NSO Group that was set up in 2010.
  • The earliest version of Pegasus discovered, which was captured by researchers in 2016, infected phones through what is called spear-phishing – text messages or emails that trick a target into clicking on a malicious link.
  • Since then, however, NSO’s attack capabilities have become more advanced. Pegasus infections can be achieved through so-called “zero-click” attacks, which do not require any interaction from the phone’s owner in order to succeed.
  • These will often exploit “zero-day” vulnerabilities, which are flaws or bugs in an operating system that the mobile phone’s manufacturer does not yet know about and so has not been able to fix.

What are the types of cyber attacks?

  • Malware: It is short for malicious software, refers to any kind of software that is designed to cause damage to a single computer, server, or computer network. Ransomware, Spy ware, Worms, viruses, and Trojans are all varieties of malware.
  • Phishing: It is the method of trying to gather personal information using deceptive e-mails and websites.
  • Denial of Service attacks: A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
  • Man-in-the-middle (MitM) attacks: Also known as eavesdropping attacks, occur when attackers insert themselves into a two-party transaction. Once the attackers interrupt the traffic, they can filter and steal data.
  • SQL Injection: SQL stands for Structured Query Language, a programming language used to communicate with databases. Many of the servers that store critical data for websites and services use SQL to manage the data in their databases. A SQL injection attack specifically targets such kinds of servers, using malicious code to get the server to divulge information it normally wouldn’t.
  • Cross-Site Scripting (XSS): Similar to an SQL injection attack, this attack also involves injecting malicious code into a website, but in this case the website itself is not being attacked. Instead the malicious code the attacker has injected, only runs in the user’s browser when they visit the attacked website, and it goes after the visitor directly, not the website.
  • Social Engineering: It is an attack that relies on human interaction to trick users into breaking security procedures in order to gain sensitive information that is typically protected.

What are the initiatives taken by the government to tackle the issue of cyber attacks?

  • Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
  • National Cyber security Coordination Centre (NCCC): In 2017, the NCCC was developed to scan internet traffic and communication metadata (which are little snippets of information hidden inside each communication) coming into the country to detect real-time cyber threats.
  • Cyber Swachhta Kendra: In 2017, this platform was introduced for internet users to clean their computers and devices by wiping out viruses and malware.
  • Indian Cyber Crime Coordination Centre (I4C): I4C was recently inaugurated by the government.
  • National Cyber Crime Reporting Portal has also been launched pan India.
  • Computer Emergency Response Team – India (CERT-IN): It is the nodal agency which deals with cybersecurity threats like hacking and phishing.

Laws in India related to Cyber Security

  • Information Technology Act, 2000.
  • Personal Data Protection Bill, 2019.
  • International Telecommunication Union (ITU): It is a specialized agency within the United Nations which plays a leading role in the standardization and development of telecommunications and cyber security issues.

Basics of Cyber-Security

Recently I’ve been getting barged with calls from unknown numbers often ending as a nuisance from the other side. Result? Blocked. 

I wasn’t very aware of all this cyber security stuff because no one ever explained it to me properly. The small tid-bits that I got was often from here and there from the internet itself. And let’s be honest. Even though this whole self-learning thing is the ‘new-trend’ not many of us have the time in hand or patience to sit down and browse through these millions of articles. If you’d ask my opinion about it, I definitely think it’s high-time that cyber-security as a course is introduced in junior grades and everyone is aware of the basic cyber-security laws and procedures. 

Without wasting anymore time, let’s begin this article by asking the “Why?”

Why is it important to know about cyber-security? 

Social media, telegram group chats or any other websites that have your personal information stored is susceptible to threats and leakage of your data. When your personal data is leaked it may cause further problems as a possible danger to your bank accounts, personal life information and any such things that can be maliciously used by some people. It may sound “fine”, but it is indeed a big deal. Doxxing which refers to publishing someone’s private information on the internet typically with malicious intent may cause problems such as incessant callings from unknown numbers, or someone actually knowing details such as your exact location and using it to fulfill any of their evil goals. Therefore, it’s important that you stay safe and share your personal details with caution. 

How Can We Stay Safe? 

  1. Enter your personal details such as Name, age, location, etc only on trusted platforms. Avoid giving out too much information about yourself on Social Media and do not publish your phone number on any site unless it’s an absolute must and the site is safe. Keep your phone number and person details hidden from unknown people if possible. 
  2. To recognize safe sites, look for a 🔒and  https in the URL of the website. A site with ⚠ and just http in it’s URL is usually a site that’s prone to cyber attacks and thus unsafe. 
  3. If you ever need to sign-up on any website for insignificant reasons then do so with a spare email ID that doesn’t reveal much of your credentials and is not associated with any of your bank details or personal secured email IDs.
  4. Do not click on any unknown link sent to you by any unknown number or SMS. It can possibly lead to hacking of your personal details and accounts. 
  5. Do not reply back to unknown numbers that call you incessantly and for no genuine reason. Best way is to report and block them. 
  6. If you ever find yourself a victim of any of the cyber-bullying or such blank or malicious calls, do not hesitate to report them to the cyber security of India. 
  7. To report any such events or seek any further assistance you can contact either an organization called Law Sikho that works pro-bono or report directly to the Cyber Crime Security of India Website. 
  8. Lastly, always be cautious to never share any of your personal details to anyone on the internet unless you trust them 100% and know them personally. 

That’s it for the tips. I hope you’d keep them in mind and browse safely and securely on the internet! 

CYBER CRIME : CLASSIFICATION AND IMPACTS

INTRODUCTION

Cyber ​​crime can be termed as illegal use of the internet and computers. Computers can be victims of crime or be used as a criminal weapon. This crime has become a regular part of our daily lives. Every day one person or another becomes a victim of cyber crime. The Internet is accessed by many people at the same time for various purposes, and these hackers are making a way out of these opportunities.

TYPES OF CYBER CRIME

1)Identity theft – This involves obtaining personal information about the user by sending unsolicited emails or by using a criminal website to steal sensitive information similar to an authorized website.
2)Identity Theft – This involves obtaining information about credit or debit cards or banking details, some unwanted payments can be easily deducted after hacking.
3)Malware Attack – Malware is a malicious software designed to damage computers or systems. This is done to gain credible information or to commit certain crimes through the system.
4)ATM Fraud – The ATM machine has been completely stolen in this case. Criminals have developed a way to access all the information on the card and pin, continuously succeeding in duplicating the cards and using the same to withdraw money.
5)Cyber ​​Stalking – A criminal is involved in tracking that person through online actions. They can even send malware to damage systems to get specific information. Includes user abuse.
6)Pornography – The act of introducing a sexual activity containing a video, through sexual websites.
7)Download – In this case, the email was received and appears to be from a real source, but it is not the same. It’s broken.
8)Criminal crime – Unauthorized access to confidential information. Many times when government websites are hacked and corrupted files contain important information.

AWARNESS

1)Strong passwords should be used. Password should be complex, you might guess.
2)Use antivirus programs to keep the system free of malware.
3)Continue to update the program.
4)Be aware of and use the presence of intelligence to prevent identity theft.
5)Let your children know online, so that they can report any abuse or abuse when they pass.
6)Keep privacy settings on social media.

CYBER SECURITY

Cyber ​​security protects our system, network, devices and programs from malicious software attacks. Illegal data acquisition can therefore be suspended.

Importance – Information relating to any significant national problem or other data intended for personal use, if shared will create a number of problems. Therefore in the event of a multi-level security test, important data and data can be retained in the leak.

TYPES OF SECURITY THREATS

1)Network Security – Protects the network from malware attacks and thus uses a secure network.
2)Cloud security – Means data protection from cloud resources.
3)Information security – Helps protect data from unauthorized or illegal access.
4)End User Safety – User should be aware of when installing any external devices in the system, opening any emails or links.
5)Application security – helps keep the system and software safe.

CONCLUSION

Cyber ​​crime is spreading its arms day by day. The safest way to avoid becoming a victim of its ill effects is to follow safety precautions. There are various ways in which we can protect our confidential information from being disclosed. We should always focus on awareness as – ‘Prevention is better than cure’, especially if there is no cure.

Poor cyber security – Chinese cyber attacks on Indian vaccine development company servers

The claims of cyber intelligence agencies related to Chinese cyber attacks in India are very important in view of the country’s cyber security. One of these claims is related to US cyber intelligence company Future Recorded, which in its latest report has feared that China’s cyber attack may be responsible for the failure of the power grid in Mumbai last year. 

Reports suggest that labs of two Indian companies that make power grid and COVID vaccine were under Chinese cyber attack. These cyber attack attempts have not only exposed but also have given a future warning for cyber security,

Cyberma, the cyber intelligence firm of rating agency Goldman Sachs, claims that the servers of two Indian companies, Serum Institute and Bharat Biotech, engaged in the manufacture of the Corona vaccine, had been targeted by Chinese hackers for the past few weeks. Certainly these claims of cyber intelligence agencies are yet to be confirmed, but the threat of cyber attack from China is not new, even if it gives a million explanations. 

According to a New York Times report related to Future Recorded’s claim, in Ladakh when tension between India and China was at its peak, on October 12 last year, the power grid was targeted by a Chinese cyber attack that stalled power supplies in India’s commercial capital for several hours, and in the treatment of Corona patients which was a big obstacle. 

There is no reason to doubt the assurance of the Union Ministry of Power that cyber monitoring mechanism is working in the entire power supply system of the country. Not only this, the Indian Computer Emergency Response Team (CERT), the cyber security agency of India, is also not only fully prepared, but has also given power system operation corporation (POSOCO) handling the power grid in the country about the risk of possible cyber attack ,were also warned in November last year. Since cyber attack can be carried out with malware from thousands of kilometers away, there is a need to be very vigilant. 

Future Recorded’s report only shows the severity of this new threat, according to which how a country can be severely harmed without using weapons or fighting nuclear war, by putting malware in the electric grid or other sensitive infrastructure. The methods will not work, we need to be prepared to deal with cyber threats.

5 tips for a cyber Secure Home Experience

Cybersecurity became a full new ball game for a few IT departments when coronavirus forced businesses into enabling employees to figure from home, many of them for the primary time. Risk-averse organizations will have it covered with long-standing business continuity plans; others may have been smart enough to determine protocols and processes within the origin of the lockdown, but more are struggling to place something in situ after the event. One certainty in uncertain times is that hackers and complicated cybercriminals are looking to use the explosion in home working and vulnerabilities that are inevitable when unexpected arrangements replace the carefully monitored activity that typically protects a business. Here’s a list of the top 5 things that can help you secure your home cyber experience.

 

  1. Make a password management tool and make sure you use strong passwords: You may have heard that strong passwords are critical to online security. Use this link (https://iprouterlogin.com/192-168-2-1/ ) to know about the ip logins and passwords. The reality is passwords keep your hackers out of your data. If you want to make it easy to manage your passwords, try to use a password account vault or a password management tool. According to the National Institute of Standards and Technology’s (NIST)2017 new password policy framework, you should consider:

 

  • Dropping the crazy, complex mixture of upper case letters, symbols, and numbers. Instead, go for something that is more user-friendly but at least eight characters and a maximum of 64 characters.

  • Do not use the same password twice.

  • Always reset your password in case you forget it and change it at least once in a year for general safety.

  • Your password should contain at least one lowercase letter, one uppercase letter, one number, and four symbols but not the following &%#@_.

  • Set your password that is easy to remember and never leave any hint for the public or the hackers to hack it.

 

2.     Use anti-virus protection and firewall: Anti-virus (AV) protection software has been the foremost prevalent solution to fight malicious attacks. Antivirus software stops any kind of viruses from entering your device and hampering it. Take an AV software from a trusted vendor and use only that software for your device. Using a firewall is additionally important when defending your data against malicious attacks. A firewall helps classify hackers, viruses, and other malicious activity that happens over the web and determines what traffic is allowed to enter your device. Your router should even have a firewall inbuilt to forestall attacks on your network.

 

3.     Keep your software up to date: Ransomware attacks were a serious attack vector of 2017 for both businesses and consumers. One of the foremost important cybersecurity tips to mitigate ransomware is patching outdated software, both software systems, and applications. Here are some quick tips to induce you started: 

 

  • Turn on automatic system updates for your device

  • Make sure your desktop browser uses automatic security updates 

  • Keep your applications program plugins like Flash, Java, etc. updated

 

4.     Learn about Phishing Scams – be very suspicious of emails, phone calls, and flyers: In a phishing scheme attempt, the attacker poses as someone or something the sender isn’t to trick the recipient into divulging credentials, clicking a malicious link, or opening an attachment that infects the user’s system with malware, trojan, or zero-day vulnerability exploit. This often ends up in a ransomware attack. 90% of ransomware attacks originate from phishing attempts. A few important cybersecurity tips to recollect about phishing schemes include:

 

  • Bottom line – Don’t open email from people you don’t know

 

  • Know which links are safe and which don’t seem to be – hover over a link to find where it directs to 

 

  • Be suspicious of the emails sent to you generally – look and see where it came from and if there are grammatical errors

 

  • Malicious links can come from friends who are infected too. So, be extra careful!

 

5.     Protect Your Sensitive Personal Identifiable Information (PII): Personal Identifiable Information (PII) is any information that may be employed by a cybercriminal to spot or locate a person. PII includes information like name, address, phone numbers, date of birth, Social Security Number, IP address, location details, or other physical or digital identity data. Your MasterCard information should be protected by companies if they follow the PCI DSS standards. 

 

In the new “always-on” world of social media, you ought to be very cautious about the data you include online. it’s recommended that you just only show the very minimum about yourself on social media. Consider reviewing your privacy settings across all of your social media accounts, particularly Facebook. The risk of social security will increase if you add your birth date, home address, or other personal identification information. Hackers use this information to their advantage!

 

So here are few tips that can help you secure your home cybersecurity. Do give it a read and apply it.