#FactCheck - Debunked: AI-Generated Image Circulating as April Solar Eclipse Snapshot

Introduction

‍

India is confronting a wake-up call as a recent cyber incident aimed at the aviation sector underscores the fragile nature of digital systems that guide national air travel. The disclosure in Parliament has pushed the conversation on flight safety, signal integrity, and cyber readiness back into urgent focus. In a written response to a Parliamentary question, Civil Aviation Minister Ram Mohan Naidu acknowledged that GPS spoofing, a malicious method employed to alter navigation signals, had been noticed at seven major airports of the country. New Delhi flights had not been affected during the incident, but still, it was an event that again made air travel's safety, GNSS interference, and the overall cyber threat to India's airspace an issue of concern.

‍

The Incident: What Happened?

‍

Initial notices came from Indira Gandhi International Airport in Delhi, where the pilots of the different inbound flights talked about GPS spoofing as the reason for their landing. Spoofing is the process of sending counterfeit GPS signals which mislead the aircraft's navigation systems and may cause a wrong measure of the altitude, the position or the runway alignment. In Delhi, pilots operating under GPS-based landing procedures over Runway 10 experienced errors in their approaches and promptly switched to the alternative procedures without any delay.

The Minister said that apart from Delhi, other airports, viz. Kolkata, Amritsar, Mumbai, Hyderabad, Bengaluru, and Chennai were the 6 airports that recorded similar GNSS interference patterns consisting of both jamming and spoofing. Though no major interruptions or incidents occurred, these occurrences are a sign of a steady and enlarging threat.

‍

Why Is GPS Spoofing So Dangerous?

‍

Satellite navigation and communication systems are the backbone of modern aviation, which is now a matter of great precision. Signal jamming by malicious actors comes with a bunch of risks:

‍

1. Diversions and Delays: Pilots may be forced to either give up attempts to land or divert flights, which translates into higher consumption of fuel and more complicated operations due to the case of jamming.

2. Threat of Safety Issue: Pilots are trained to deal with such incidents by following the prescribed fallback procedures, but still they depend very much on the GNSS signals that are accurate for safe manoeuvring, especially in low visibility situations.

3. Pressure on Old Systems: Indian airports are still in the process of completely converting from ground-based navigation aids to GNSS. Signal disruptions entail the use of older technologies, which results in putting additional pressure on the already overburdened air traffic control systems.

4. Opening Up Possibilities for Direct Attacks: Signal jamming can be made a tool for more clever tactics of operation that can include causing confusion during the busy traffic period or performing coordinated attacks to create chaos.

‍

Aviation and Cyber Threats

‍

The disturbances that have been mentioned at the seven airports are not unique. The civil aviation regulators all over the world have already reported an increase in GNSS jamming. The exemplary cases in the Middle East, Eastern Europe, and East Asia have revealed that the safety of airspace has turned into a tactical issue.

Moreover, India's quick adoption of digital technology in the aviation sector could open threat vulnerabilities from state-sponsored groups, hackers. In this instance, the government has not yet announced who was responsible for the spoofing, but the trend points to an adversary with advanced technology.

‍

Government and Regulatory Response

‍

The confirmation from the Civil Aviation Minister underscores a proactive stance by agencies such as:

• Directorate General of Civil Aviation (DGCA)
• Ministry of Civil Aviation
• Airports Authority of India (AAI)

‍

The involved entities are collaborating now to do an inquiry into the cases and set up preventive measures. 

‍

The main steps that are taken in response are: 

‍

• More thorough observation of GNSS signal anomalies 
• More pilot briefings and training on dealing with spoofing situations 
• Improving navigation aids to set up a backup 
• Working with IT security experts to find out the sources of interference 
• Communicating with other global aviation authorities to share the best practices 

‍

India, being a significant player in the world aviation market, is not allowed to relax its guard. Cyberattacks on airports show how digital as well as physical security are becoming more and more intertwined.

‍

The Bigger Picture: Protecting Critical Infrastructure

‍

Aviation is a sector that very clearly shows that threats from cyberspace can easily translate into security issues for a nation. The airport system not only becomes more vulnerable to attacks but also the whole aviation industry as the digital ecosystems gain more complex forms together with integrated telecommunications networks, the Internet of Things (IoT)-enabled systems, and cloud-based services.

‍

One of the many threats in the form of GNSS spoofing demonstrates so-called: 

‍

• Ransomware attacks on airport systems
• Contamination of air traffic control infrastructure 
• Data breaches conducted by insiders 
• Passenger data attacks 
• Hinderance of airport logistics and baggage systems 

‍

What Needs to Happen Next?

‍

India is compelled to embrace a multi-faceted approach in order to manage the intricacies of GNSS interference risk:

‍

1. Cybersecurity Measures in Aviation Enforced: New monitoring tools, anomaly detection systems, and instant response plans will be put into service.
2. Redundant Technology: The non-GNSS-based navigation system will be expanded to guarantee the continuity of operations in the event of jamming.
3. Cyber Drills Across all Sectors: To get pilots, air traffic control personnel, and airport operators ready, the aviation cyber drills will be conducted at the national level.
4. Global Cooperation: International organisations will be approached to share the information and standardise the procedures.
5. R&D and Innovations: Funding will be directed towards anti-spoofing technology, stronger satellite signals, and the domestic navigation system, like NavIC.

‍

Conclusion

‍

The cyberattack that targeted the seven airports serves as a clear reminder that aviation cybersecurity should not be considered a secondary issue anymore. Even though the quick reaction from the authorities managed to averted any disruptions, the event still shows the vulnerabilities of modern aviation systems. India's air travel infrastructure expansion will be a good time for the country to install its strong cybersecurity frameworks to protect its passengers, maintain the continuity of operations, and secure the airspace of its territory. At CyberPeace, we believe that a coordinated, proactive, and technology-driven approach is no longer an option, it is the new fundamental of aviation security in the digital age.

‍

Reference

‍

• https://www.youtube.com/watch?v=8ZgAVgwQ5lE

‍

Introduction

The Indian Computer Emergency Response Team, CERT-In, is the national statutory agency that responds to Cybersecurity Incidents under the Ministry of Electronics and Information Technology (MeitY) of the Government of India. CERT-In and Information Sharing and Analysis Center (ISAC) have joined hands to develop a focused pool of Cybersecurity Leaders through the National Cyber Security Scholar Program (NCSSP). This National Cyber Security Scholar Program is to create a pool of credible and ethical cybersecurity leaders in the country who prioritise national cyber security in their professional endeavours. This program allows both organisations to jointly issue joint certifications for Cohort 6 of the National Cyber Security Scholar Program (NCSSP). This certification is provided to cybersecurity professionals who complete one of the world’s leading cybersecurity management programs.

About the Program

The National Cybersecurity Scholar (NCSS) is a comprehensive 18-week, 160-hour Instructor-led program for emerging cybersecurity leaders. The ISAC will conduct the program with CERT-IN and KDEM as knowledge partners. This Cyber Security Scholar program aims to provide an extraordinary opportunity, for scholars, to gain hands-on experience in real-world scenarios through activities such as war games. It will allow scholars to acquaint themselves with roles such as that of stakeholders,  including attackers, Security Operations Centre (SOC) teams, Forensicators, Chief Information Security Officers (CISOs), and CEOs, and engage in tabletop exercises that simulate a cyber crisis. This program would allow scholars to understand how responses to cyber crises impact the financial performance of an organisation, including, stock prices and sales.  It offers a treasure trove of insights into the economic impact of cybersecurity decisions and the importance of proactive risk management. 

The program invites applications from various scholars including Mid to senior-level leaders, diplomats and diplomatic corps officers, mid to senior-level government officials involved in homeland and cybersecurity operations, experienced executives from Managed Security Services Providers (MSSPs), faculty members who specialise in new and emerging technologies, cybersecurity professionals in CII sectors and post-doctoral or research scholars in cybersecurity. 

CyberPeace Outlook

The National Cyber Security Scholar Program subsumes several key dimensions working towards building a resilient cybersecurity ecosystem for India.

1. The program focuses on skill development and enhancing scholars’ knowledge in domains of network security, ethical hacking, cyber forensics, incident response, malware analysis, and threat intelligence. 
2. The partnership between CERT-In and ISAC, government and Industry entities, ensures that scholars are exposed to different policy-level frameworks and technical expertise, offering a unique blend of perspectives that cater to the country's national security goals and industry best practices.
3. The scholar program encourages the development of new methodologies, tools, and frameworks that could be instrumental in tackling future cyber challenges and advancing India's position as a global leader in cybersecurity research and development. Research and innovation in cybersecurity are critical to the program.
4. It plays a significant role in providing opportunities for career development by further providing networking platforms with professionals, researchers, and thought leaders in the cybersecurity field, giving them exposure to internships, job placements, and further academic pursuits.

This program aims to support upskilling India’s broader cyber defence strategy through the creation of highly skilled professionals. The scholars are expected to contribute actively to national cybersecurity efforts, whether through roles in government, private sector, or academia, helping to create a more secure and resilient cyberspace. The National Cyber Security Scholar Program is a major advancement in strengthening cybersecurity resilience in India. In a digital world where cyber threats crossing boundaries, such programs are essential for maintaining our national security and economic stability.

References

• https://theprint.in/ani-press-releases/cert-in-and-isac-collaborate-to-develop-focussed-pool-of-cybersecurity-leaders-through-the-national-cyber-security-scholar-program-ncssp/2318021/ 
• https://isacfoundation.org/national-cyber-security-scholar/
• https://cyberversefoundation.org/national-cyber-security-scholar/ 

‍

Introduction:

The Federal Bureau of Investigation (FBI) focuses on threats and is an intelligence-driven agency with both law enforcement and intelligence responsibilities. The FBI has the power and duty to look into certain offences that are entrusted to it and to offer other law enforcement agencies cooperation services including fingerprint identification, lab tests, and training. In order to support its own investigations as well as those of its collaborators and to better comprehend and address the security dangers facing the United States, the FBI also gathers, disseminates, and analyzes intelligence.

The FBI’s  Internet Crime Complaint Center (IC3) Functions combating cybercrime:

1. Collection: Internet crime victims can report incidents and notify the relevant authorities of potential illicit Internet behavior using the IC3. Law enforcement frequently advises and directs victims to use www.ic3.gov to submit a complaint.
2. Analysis: To find new dangers and trends, the IC3 examines and examines data that users submit via its website.
3. Public Awareness: The website posts public service announcements, business alerts, and other publications outlining specific frauds. Helps to raise awareness and make people become aware of Internet crimes and how to stay protected.
4. Referrals: The IC3 compiles relevant complaints to create referrals, which are sent to national, international, local, and state law enforcement agencies for possible investigation. If law enforcement conducts an investigation and finds evidence of a crime, the offender may face legal repercussions.

‍

Alarming increase in cyber crime cases:

In the recently released 2022 Internet Crime Report by the FBI's Internet Crime Complaint Center (IC3), the statistics paint a concerning picture of cybercrime in the United States. FBI’s Internet Crime Complaint Center (IC3) received 39,416 cases of extortion in 2022. The number of cases in 2021 stood at 39,360.

FBI officials emphasize the growing scope and sophistication of cyber-enabled crimes, which come from around the world. They highlight the importance of reporting incidents to IC3 and stress the role of law enforcement and private-sector partnerships.

About Internet Crime Complaint Center IC3:

IC3 was established in May 2000 by the FBI to receive complaints related to internet crimes.

It has received over 7.3 million complaints since its inception, averaging around 651,800 complaints per year over the last five years. IC3's mission is to provide the public with a reliable reporting mechanism for suspected cyber-enabled criminal activity and to collaborate with law enforcement and industry partners. 

The FBI encourages the public to regularly review consumer and industry alerts published by IC3. An victim of an internet crime are urged to submit a complaint to IC3, and can also file a complaint on behalf of another person. These statistics underscore the ever-evolving and expanding threat of cybercrime and the importance of vigilance and reporting to combat this growing challenge.

What is sextortion?

The use or threatened use of a sexual image or video of another person without that person’s consent, derived from online encounters or social media websites or applications, primarily to extort money from that person or asking for sexual favours and giving warning to distribute that picture or video to that person’s friends, acquaintances, spouse, partner, or co-workers or in public domain. 

Sextortion is an online crime that can be understood as, when an bad actor coerces a young person into creating or sharing a sexual image or video of themselves and then uses it to get something from such young person, such as other sexual images, money, or even sexual favours. Reports highlights that more and more kids are being blackmailed in this way. Sextortion can also happen to adults. Sextortion can also take place by taking your pictures from social media account and converting those pictures into sexually explicit content by morphing such images or creating deepfake by miusing deepfake technologies.

Sextortion in the age of AI and advanced technologies:

AI and deep fake technology make sextortion even more dangerous and pernicious. A perpetrator can now produce a high-quality deep fake that convincingly shows a victim engaged in explicit acts — even if the person has not done any such thing. 

Legal Measures available in cases of sextortion:

In India, cybersecurity is governed primarily by the Indian Penal Code (IPC) and the Information Technology Act, 2000 (IT Act). Addressing cyber crimes such as hacking, identity theft, and the publication of obscene material online, sextortion and other cyber crimes. The IT Act covers various aspects of electronic governance and e-commerce, with providing provisions for defining such offences and providing punishment for such offences.

Recently Digital Personal Data Protection Act, 2023 has been enacted by the Indian Government to protect the digital personal data of the Individuals. These laws collectively establish the legal framework for cybersecurity and cybercrime prevention in India. Victims are urged to report the crime to local law enforcement and its cybercrime divisions. Law enforcement will investigate sextortion cases reports and will undertake appropriate legal action.  

How to stay protected from evolving cases of sextortion: Best Practices:

‍

• Report the Crime to law enforcement agency and social media platform or Internet service provider. 
• Enable Two-step verification as an extra layer of protection.
• Keep your laptop Webcams covered when not in use.
• Stay protected from malware and phishing Attacks.
• Protect your personal information on your social media account, and also monitor your social media accounts in order to identify any suspicious activity. You can also set and review privacy settings of your social media accounts.

Conclusion:

Sextortion cases has been increased in recent time. Knowing the risk, being aware of rules and regulations, and by following best practices will help in preventing such crime and help you to stay safe and also avoid the chance of being victimized. It is important to spreading awareness about such growing cyber crimes and empowering the people to report it and it is also significant to provide support to victims. Let’s all unite in order to fight against such cyber crimes and also to make life a safer place on the internet or digital space.

References:

• https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3ElderFraudReport.pdf
• https://octillolaw.com/insights/fbi-ic3-releases-2022-internet-crime-report/
• https://www.iafci.org/app_themes/docs/Federal%20Agency/2022_IC3Report.pdf

‍