What are Cyber Attacks?

Cyber Attack

Often times, we may not realize that our actions online might put us, our families, and even our country at risk. Learning about the dangers online and taking action to protect ourselves is the first step in making the Internet a safer place for everyone. Cybersecurity is a shared responsibility and we each have a role to play.

Cybersecurity involves protecting that infrastructure by preventing, detecting, and responding to cyber incidents. Unlike physical threats that prompt immediate action–like stop, drop, and roll in the event of a fire–cyber threats are often difficult to identify and comprehend. Among these dangers are viruses erasing entire systems, intruders breaking into systems and altering files, intruders using your computer or device to attack others, or intruders stealing confidential information. The spectrum of cyber risks is limitless; threats, some more serious and sophisticated than others, can have wide-ranging effects on the individual, community, organizational, and national level. These risks include:

• Organized cybercrime, state-sponsored hackers, and cyber espionage can pose national security risks to our country.
• Transportation, power, and other services may be disrupted by large scale cyber incidents. The extent of the disruption is highly uncertain as it will be determined by many unknown factors such as the target and size of the incident.
• Vulnerability to data breach and loss increases if an organization’s network is compromised. Information about a company, its employees, and its customers can be at risk.

Individually-owned devices such as computers, tablets, mobile phones, and gaming systems that connect to the Internet are vulnerable to intrusion. Personal information may be at risk without proper security.

Before Cyber Attack

You can increase your chances of avoiding cyber risks by setting up the proper controls. The following are things you can do to protect yourself, your family, and your property before a cyber incident occurs.

• Only connect to the Internet over secure, password- protected networks.
• Do not click on links or pop-ups, open attachments, or respond to emails from strangers.
• Always enter a URL by hand instead of following links if you are unsure of the sender.
• Do not respond to online requests for Personally Identifiable Information (PII); most organizations – banks, universities, companies, etc. – do not ask for your personal information over the Internet.
• Limit who you are sharing information with by reviewing the privacy settings on your social media accounts.
• Trust your gut; if you think an offer is too good to be true, then it probably is.
• Password protect all devices that connect to the Internet and user accounts.
• Do not use the same password twice; choose a password that means something to you and you only; change your passwords on a regular basis.
• If you see something suspicious, report it to the proper authorities.

The extent, nature, and timing of cyber incidents are impossible to predict. There may or may not be any warning. Some cyber incidents take a long time (weeks, months or years) to be discovered and identified. Familiarize yourself with the types of threats and protective measures you can take by:

• Signing up for the United States Computer Emergency Readiness Team (US-CERT) mailing list to receive the latest cybersecurity information directly to your inbox. Written for home and business users, alerts provide timely information about current security issues and vulnerabilities. 
• Becoming a Friend of the Department of Homeland Security’s Stop.Think.Connect. Campaign and receive a monthly newsletter with cybersecurity current events and tips. 

During A Cyber Attack

Immediate Actions

• Check to make sure the software on all of your systems is up-to-date.
• Run a scan to make sure your system is not infected or acting suspiciously.
• If you find a problem, disconnect your device from the Internet and perform a full system restore.

At Home

• Disconnect your device (computer, gaming system, tablet, etc.) from the Internet. By removing the Internet connection, you prevent an attacker or virus from being able to access your computer and perform tasks such as locating personal data, manipulating or deleting files, or using your device to attack others.
• If you have anti-virus software installed on your computer, update the virus definitions (if possible), and perform a manual scan of your entire system. Install all of the appropriate patches to fix known vulnerabilities.

At Work

• If you have access to an IT department, contact them immediately. The sooner they can investigate and clean your computer, the less damage to your computer and other computers on the network.
• If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.

At a Public Place (library, school, etc.)

• Immediately inform a librarian, teacher, or manager in charge. If they have access to an IT department, contact them immediately.

Immediate Actions if your Personally Identifiable Information (PII) is compromised:

PII is information that can be used to uniquely identify, contact, or locate a single person. PII includes but is not limited to:

• Full Name
• Social security number
• Address
• Date of birth
• Place of birth
• Driver’s License Number
• Vehicle registration plate number
• Credit card numbers
• Physical appearance
• Gender or race

If you believe your PII is compromised:

• Immediately change all passwords; financial passwords first. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
• If you believe the compromise was caused by malicious code, disconnect your computer from the Internet.
• Restart your computer in safe mode and perform a full system restore.
• Contact companies, including banks, where you have accounts as well as credit reporting companies.
• Close any accounts that may have been compromised. Watch for any unexplainable or unauthorized charges to your accounts.

After Cyber Attack

• Report identity theft to the National Response Center For Cyber Crime.
• If your PII was compromised, consider other information that may be at risk. Depending what information was stolen, you may need to contact other agencies; for example, if someone has gained access to your Social Security number, contact the Social Security Administration. You should also contact the Department of Motor Vehicles if your driver's license or car registration has been stolen.
• For further information on preventing and identifying threats,Please visit Federal Investigation Agency

Cyber War Between Pakistan and India Starts!

After the escalation of the situation on working boundary between India and Pakistan, the cyber warriors on both side of borders have prepped for a possibly long-running and likely to be horrific cyber war that’s nearing with every passing day now.

Conventionally, cyber warriors from Pakistan and India have fought some major wars in past as the situation between nuclear neighbors has been precarious for past two decades.

It is considered as a norm that cyber warriors get into action as soon as the armed forced — from both sides — advance to borders.

First large scale cyber war between India and Pakistan was fought in 1998, then another round was played in 2004. Cyber war between both the countries during 2008 was somewhat massive but ended peacefully when senior Hackers from both sides intervend.

Some small scale incidents occurred in 2014 as well.

What’s a Cyber War

For more advanced markets, a cyber war usually consists of cyber attacks on sensitive government or commercial infrastructure; leaving millions or even billions of dollars at stake. In other incidents, the private records of individuals are leaked online.

For Pakistan and India, however, cyber wars are website hacks that usually don’t pose serious threats, at least on on critical infrastructure.

However, as one may imagine, several hundred thousands or even millions of websites are defaced, hacked, infected or are deleted during the process, causing major nuisance for brands, companies, individuals, government departments and so on.

Cyber war between India and Pakistan is usually contributed by beginners who empty their silos on random websites and defaced them alongside deleting files. Naturally the data on servers is stolen and ultimately used (reused or sold) on black markets.

Not to be mentioned, in some situations, senior hackers also launch targeted attacks on government websites that cause embarrassment for the other side of the border.

Pakistani senior hackers have this track record of targeting websites by issuing advance notice to Indian counterparts.

During the process, in some cases, banks, stock exchanges, government departments, high traffic websites and news outlets are targeted.

Cyber War 2016

Reportedly the defacement of websites is already in play. Indians somehow defaced some Pakistani websites and in response tens of thousands of Indian Websites are already down with Pakistani flags on their home pages.

Major Pakistani website defacement include colgate.com.pk. Indian defaced websites include government, semi government and commercial websites.

We will keep an eye on events that will unfold during days to come and will keep updating our readers accordingly.

Pakistan Hackers Force Indian Pilots To Hear ‘Dil Dil Pakistan’ As They Land In Jammu

The Pakistan government may not be directly confronting India over the recent surgical strikes, but it seems that cross-border hackers are trying hard to avenge it.

On Monday, Genius Pakistani Hackers broke into The National Green Tribunal's website and posted anti-India content on it. And it has now emerged that some hacker groups are "irritating" Indian pilots by playing Pakistani patriotic songs to them as aircrafts operate near the Line of Control in Jammu.

For representation 

The hackers reportedly tap into the frequency on which pilots communicate with Jammu air traffic control (ATC), block it and transmit Pakistani songs. 

The result? 

Songs like 'Dil, dil Pakistan, jaan jaan Pakistan' play out in the cockpits much to the irritation of pilots, reports The Times of India.

A pilot told the newspaper that it has been happening for some time now and is a "big irritant" because the aircrafts are often in the final stage of landing.

So how are pilots dealing with all this? After the frequency is tapped into, they communicate through the IAF-run Northern Control in Udhampur, which calls up the Jammu tower on the landline and given them alternate frequencies. The pilots then talk to Jammu ATC on that frequency.

Reportedly that is why the Jammu ATC frequency is changed very frequently. The hackers, thankfully, aren't so fast quick enough to keep pace.

Central Bank of India and Several Other Indian Websites Hacked by Pakistani Hackers

Here’s the defaced page: https://www.centralbankofindia.co.in/site/

Pakistani and Indian hackers keep on defacing cross-country websites to apparently show patriotism. It won’t be out of place to mention here that websites on both side of borders are largely notorious for lack of security.

Pakistan Cyber Army and MadLeets, claiming the responsibility for defacement, warned Indian hackers to stay away from Pakistani websites. On defaced page, the PCA said that their action is in response to the Pakistani websites hacked by “Indian Cyber Army”.

Here’s the complete message pasted on Central Bank of India:

Pakistani Hackers hacked Indian website out of moral responsibility

Pakistani hackers group “Hacked Pak Cyber Attackers” defaced the website of Chhatisgarh National Institute of Technology (NIT) and replaced the home page with a slogan of “Pakistan Zindabad” followed by “nothing harmed just defaced and deleted some vulnerable files, we are Muslim hackers, we hack for cause, not for fun; contact us.” This happened just a day after PM Narendra Modi launched Digital India Campaign to reform the country through technology.

  

Source: Times of India

Faisal Afzal, alleged to be the Pakistani hacker from the group, posted about the hacking on his Facebook timeline saying, “National Institute of Technology Raipur Official Website HaCKED AND ROOTED” along with a picture of a successful hack.

Source: Times of India 

Mohit Sahu, an expert of the cyber security in India, explained about the hacking and mirror link mentioned on Afzal’s Facebook wall,

“He had been accessing NIT’s website for a year and had never been tracked down. By hacking, Afzal wanted to show how vulnerable the websites are which can be easily hacked. He had earlier hacked NIT Kolkata’s website also, link of which is posted on his wall. The mirror link is what the hacker posts and keeps as log about the sites he had hacked and how they looked like after hacking.”

The site has been recovered, but Mohit believes that the hacker can attack again since he still has the ‘Buzz’ with him. Mohit explained that Buzz is an open source content management system which if gets leaked can allow anyone to hack the sites.

According to NIT, the hacker did not destroy the website’s database. However, NIT will hire a security expert to find out the loopholes in the website which aided the hackers.

What do you think about the recent spree of hacking incidents from Pakistani hackers? Let us know in the comment section below.

Facebook