#FactCheck: Misleading Clip of Nepal Crash Shared as Air India’s AI-171 Ahmedabad Accident

Introduction

The US national cybersecurity strategy was released at the beginning of March this year. The aim of the cybersecurity strategy is to build a more defensive and resilient digital mechanism through general investments in the cybersecurity infrastructure. It is important to invest in a resilient future, And the increasing digital diplomacy and private-sector partnerships, regulation of crucial industries, and holding software companies accountable if their products enable hackers in.

What is the cybersecurity strategy  

The US National cybersecurity strategy is the plan which organisations pursue to fight against cyberattacks and cyber threats, and also they plan a risk assessment plan for the future in a resilient way. Through the cybersecurity strategy, there will be appropriate defences against cyber threats.

US National Cybersecurity Strategy-

the national cybersecurity strategy mainly depends on five pillars-

1. Critical infrastructure- The national cybersecurity strategy intends to defend important infrastructure from cyberattacks, for example, hospitals and clean energy installations. This pillar mainly focuses on the security and resilience of critical systems and services that are critical.
2. Disrupt & Threat Assessment- This strategy pillar seeks to address and eliminate cyber attackers who endanger national security and public safety.
3. Shape the market forces in resilient and security has driven-
4. Invest in resilient future approaches.
5. Forging international partnerships to pursue shared goals.

Need for a National cybersecurity strategy in India –

India is becoming more reliant on technology for day-to-day purposes, communication and banking aspects. And as per the computer emergency response team (CERT-In), in 2022, ransomware attacks increased by 50% in India. Cybercrimes against individuals are also rapidly on the rise. To build a safe cyberspace, India also required a national cybersecurity strategy in the country to develop trust and confidence in IT systems.

Learnings for India-

India has a cybersecurity strategy just now but India can also implement its cybersecurity strategy as the US just released. For the threats assessments and for more resilient future outcomes, there is a need to eliminate cybercrimes and cyber threats in India.

Shortcomings of the US National Cybersecurity Strategy-

• The implementation of the United States National Cybersecurity Strategy has Some problems and things that could be improved in it. Here are some as follows:

• Significant difficulties: The cybersecurity strategy proved to be difficult for government entities. The provided guidelines do not fulfil the complexity and growing cyber threats.
• Insufficient to resolve desirable points: the implementation is not able to resolve some, of the aspects of national cybersecurity strategies, for example, the defined goals and resource allocation, which have been determined to be addressed by the national cybersecurity strategy and implementation plan.
• Lack of Specifying the Objectives: the guidelines shall track the cybersecurity progress, and the implementation shall define the specific objectives.
• Implementation Alone is insufficient: cyber-attacks and cybercrimes are increasing daily, and to meet this danger, the US cybersecurity strategy shall not depend on the implementation. However, the legislation will help to involve public-private collaboration, and technological advancement is required.
• The strategy calls for critical infrastructure owners and software companies to meet minimum security standards and be held liable for flaws in their products, but the implementation and enforcement of these standards and liability measures must be clearly defined.

Conclusion

There is a legitimate need for a national cybersecurity strategy to fight against the future consequences of the cyber pandemic. To plan proper strategies and defences. It is crucial to avail techniques under the cybersecurity strategy. And India is increasingly depending on technology, and cybercrimes are also increasing among individuals. Healthcare sectors and as well on educational sectors, so to resolve these complexities, there is a need for proper implementations.

Introduction

26th November 2024 marked a historical milestone for India as a Hyderabad-based space technology firm TakeMe2Space, announced the forthcoming launch of MOI-TD “(My Orbital Infrastructure - Technology Demonstrator)”, India's first AI lab in space. The mission will demonstrate real-time data processing in orbit, making space research more affordable and accessible according to the Company. The launch is scheduled for mid-December 2024 aboard the ISRO's PSLV C60 launch vehicle. It represents a transformative phase for innovation and exploration in India's AI and space technology integration space. 

The Vision Behind the Initiative

The AI Laboratory in orbit is designed to enable autonomous decision-making, revolutionising satellite exploration and advancing cutting-edge space research. It signifies a major step toward establishing space-based data centres, paving the way for computing capabilities that will support a variety of applications. 

While space-based data centres currently cost 10–15 times more than terrestrial alternatives, this initiative leverages high-intensity solar power in orbit to significantly reduce energy consumption. Training AI models in space could lower energy costs by up to 95% and cut carbon emissions by at least tenfold, even when factoring in launch emissions. It positions MOI-TD as an eco-friendly and cost-efficient solution.

Technological Innovations and Future Impact of AI in Space

This AI Laboratory, MOI-TD includes control software and hardware components, including reaction wheels, magnetometers, an advanced onboard computer, and an AI accelerator. The satellite also features flexible solar cells that could power future satellites. It will enable the processing of real-time space data, pattern recognition, and autonomous decision-making and address the latency issues, ensuring faster and more efficient data analysis, while the robust hardware designs tackle the challenges posed by radiation and extreme space environments. Advanced sensor integration will further enhance data collection, facilitating AI model training and validation.

These innovations drive key applications with transformative potential. It will allow users to access the satellite platform through OrbitLaw, a web-based console that will allow users to upload AI models to aid climate monitoring, disaster prediction, urban growth analysis and custom Earth observation use cases. TakeMe2Space has already partnered with a leading Malaysian university and an Indian school (grades 9 and 10) to showcase the satellite’s potential for democratizing space research. 

Future Prospects and India’s Global Leadership in AI and Space Research 

As per Stanford’s HAI Global AI Vibrancy rankings, India secured 4th place due to its R&D leadership, vibrant AI ecosystem, and public engagement for AI. This AI laboratory is a step further in advancing India’s role in the development of regulatory frameworks for ethical AI use, fostering robust public-private partnerships, and promoting international cooperation to establish global standards for AI applications. 

Cost-effectiveness and technological exercise are some of India’s unique strengths and could position the country as a key player in the global AI and space research arena and draw favourable comparisons with initiatives by NASA, ESA, and private entities like SpaceX. By prioritising ethical and sustainable practices and fostering collaboration, India can lead in shaping the future of AI-driven space exploration.

Conclusion

India’s first AI laboratory in space, MOI-TD, represents a transformative milestone in integrating AI with space technology. This ambitious project promises to advance autonomous decision-making, enhance satellite exploration, and democratise space research. Additionally, factors such as data security, fostering international collaboration and ensuring sustainability should be taken into account while fostering such innovations. With this, India can establish itself as a leader in space research and AI innovation, setting new global standards while inspiring a future where technology expands humanity’s frontiers and enriches life on Earth.

References

• https://www.ptinews.com/story/national/start-up-to-launch-ai-lab-in-space-in-december/2017534 
• https://economictimes.indiatimes.com/tech/startups/spacetech-startup-takeme2space-to-launch-ai-lab-in-space-in-december/articleshow/115701888.cms?from=mdr 
• https://www.ibm.com/think/news/data-centers-space ‍
• https://cio.economictimes.indiatimes.com/amp/news/next-gen-technologies/spacetech-startup-takeme2space-to-launch-ai-lab-in-space-in-december/115718230

Overview:

After the blackout on July 19, 2024, which affected CrowdStrike’s services worldwide, cybercriminals began to launch many phishing attacks and distribute malware. These activities mainly affect CrowdStrike customers, using the confusion as a way to extort information through fake support sites. The analysis carried out by the Research Wing of CyberPeace and Autobot Infosec has identified several phishing links and malicious campaigns.

The Exploitation:

Cyber adversaries have registered domains that are similar to CrowdStrike’s brand and have opened fake accounts on social media platforms. These are fake platforms that are employed to defraud users into surrendering their personal and sensitive details for use in other fraudulent activities.

Phishing Campaign Links:

• crowdstrike-helpdesk[.]com
• crowdstrikebluescreen[.]com
• crowdstrike-bsod[.]com
• crowdstrikedown[.]site
• crowdstrike0day[.]com
• crowdstrikedoomsday[.]com
• crowdstrikefix[.]com
• crashstrike[.]com
• crowdstriketoken[.]com
• fix-crowdstrike-bsod[.]com
• bsodsm8r[.]xamzgjedu[.]com
• crowdstrikebsodfix[.]blob[.]core[.]windows[.]net
• crowdstrikecommuication[.]app
• fix-crowdstrike-apocalypse[.]com
• supportportal-crowdstrike-com[.]translate[.]goog
• crowdstrike-cloudtrail-storage-bb-126d5e[.]s3[.]us-west-1[.]amazonaws[.]com
• crowdstrikeoutage[.]info
• clownstrike[.]co[.]uk
• crowdstrikebsod[.]com
• whatiscrowdstrike[.]com
• clownstrike[.]co
• microsoftcrowdstrike[.]com
• crowdfalcon-immed-update[.]com
• crowdstuck[.]org
• failstrike[.]com
• winsstrike[.]com
• crowdpass[.]com

In one case, a PDF file is being circulated with CrowdStrike branding, saying ‘Download The Updater,’ which is a link to a ZIP file. The ZIP file is a compressed file that has an executable file with a virus. This is a clear sign that the hackers are out to take advantage of the current situation by releasing the malware as an update.

‍

‍

‍

In another case, there is a malicious Microsoft Word document that is currently being shared, which claims to offer a solution on how to deal with this CrowdStrike BSOD bug. But there is a hidden risk in the document. When users follow the instructions and enable the embedded macro, it triggers the download of an information-stealing malware from a remote host. This is a form of malware that is used to steal information and is not well recognized by most security software. Also it sends the stolen data to the samesame remote host but with different port number, which likey works as the CnC server for the campaign.

• Name New_Recovery_Tool_to_help_with_CrowdStrike_issue_impacting_Windows[.]docm
• MD5 dd2100dfa067caae416b885637adc4ef
• SHA-1 499f8881f4927e7b4a1a0448f62c60741ea6d44b
• SHA-256 803727ccdf441e49096f3fd48107a5fe55c56c080f46773cd649c9e55ec1be61
  
• URLS http://172.104.160[.]126:8099/payload2.txt, http://172.104.160[.]126:5000/Uploadss

‍

Recent Outage Impact:

On July 19, 2024, CrowdStrike faced a global outage that originated from an update of its Falcon Sensor security software. This outage affected many government organizations and companies in different industries, such as finance, media, and telecommunications. The event led to numerous complaints from the users who experienced problems like blue screen of death and system failure. Although, CrowdStrike has admitted to the problem and is in the process of fixing it. 

Preventive Measures:

• Organize regular awareness sessions to educate the employees about the phishing techniques and how they can avoid the phishing scams, emails, links, and websites.
• MFA should be used for login to the sensitive accounts and systems for an improvement on the security levels.
• Make sure all security applications including the antivirus and anti-malware are up to date to help in the detection of phishing scams.
• This includes putting in place of measures such as alert on account activity or login patterns to facilitate early detection of phishing attempts.
• Encourage employees and users to inform the IT department as soon as they have any suspicions regarding phishing attempts.

Conclusion:

The recent CrowdStrike outage is a perfect example of how cybercriminals take advantage of the situation and user’s confusion and anxiety. Thus, people and organizations can keep themselves from these threats and maintain the confidentiality of their information by being cautious and adhering to the proper standards. To get the current information on the BSOD problem and the detailed instructions on its solution, visit CrowdStrike’s support center. Reported problems should be handled with caution and regular backup should be made to minimize the effects.

References:

• https://app.any.run/tasks/2c0ffc87-4059-4d6f-8306-1258cf33aa54/
• https://app.any.run/tasks/48e18e33-2007-49a8-aa60-d04c21e8fa11
• https://www.virustotal.com/gui/file/19001dd441e50233d7f0addb4fcd405a70ac3d5e310ff20b331d6f1a29c634f0/relations
• https://www.virustotal.com/gui/file/803727ccdf441e49096f3fd48107a5fe55c56c080f46773cd649c9e55ec1be61/detection
• https://www.joesandbox.com/analysis/1478411#iocs

‍