#FactCheck: Viral video claims Ahmedabad plane crash but actually a Hollywood Movie Clip

Introduction

In order to effectively deal with growing cyber crime and threats the Telangana police has taken initiative by launching Law Enforcement Chief Information Security Officers (CISO) Council, an innovative project launched in Telangana, India, which is a significant response to the growing cyber threat landscape. With cyber incidents increasing in the recent years and concerning statistics such as a tenfold rise in password-based attacks and an increase in ransomware attacks, the Council aims to strengthen the region's digital defenses. It primarily focuses on reducing vulnerability, improving resilience, and providing real-time threat intelligence. By promoting partnerships between the public and private sectors, offering legal and regulatory guidance, and facilitating networking and learning opportunities, this collaborative effort involving industry, academia, and law enforcement is a crucial move towards protecting critical infrastructure and businesses from cyber threats, the Telangana police in partnership with industry and academia, has launched the Law Enforcement CISO (Chief Information Security Officers) Council of India on 7^th October 2023. Chief of the Central Crime Station Stephen Ravindra said that the forum is a path-breaking initiative and the Council represents an open platform for all the enforcement agencies in the country. The upcoming inititiative inculcate close association with different stakeholders, which includes government departments, startups, centers of excellence and international collaborations, carving a nieche for a sturdy cybersecurity envirnoment. 

Enhancing Cybersecurity is the Need of the Hour:

The recent launch of the Law Enforcement CISO Council in Hyderabad, India emphasized the need for government organizations and industries to prioritize the protection of their digital space. Cyber incidents, ransomware attacks, and threats to critical infrastructure have been on the rise, making it essential to take proactive cybersecurity measures. Disturbing statistics regarding cyber threats, such as password-based attacks, BEC (Business Email Compromise) attempts, and vulnerabilities in the supply chain, highlight the importance of addressing these issues urgently. This initiative aims to provide real-time threat intelligence, legal guidance, and encourages collaboration between public and private organizations in order to combat cybercrime. Given that every cyber attack has criminal elements, the establishment of these councils is a crucial step towards minimizing vulnerabilities, enhancing resilience, and ensuring the security of our digital world.

International Issue & Domestic Issue:

The announcement by the Telangana State Police, is a proactive step to form a first-of-its-kind Law Enforcement CISO Council (LECC), as part of an initiative from the State government to give a further impetus to cyber security. Jointly with its law enforcement partners, the Telangana Police has decided to make cyber cops more efficient and shape them on par with the technology advancements. The Telangana police have proved its commitment for a secure cyber environment by recovering INR 2.2 crore and  INR 6.8 crore lost by people in cyber frauds which is industry’s highest rate of helping the victims. 

The Police department complemented efforts by corporate executives for their personal interest in the subject and mentioned police officers’ expertise and inputs from professionals from the industry need to work cohesively to prevent further increase in the number of cyber crime cases. Data indicates that the exponential increase in cyber threats in recent times necessitates an informed and prudent action with the cooperation and collaboration of the IT Department of Telangana, centers of excellence, start-ups, white hats or ethical hackers, and international associations.

A report from Telangana commissioner states the trend of a surge in the number of cyber incidents and vulnerabilities of Government organizations, Critical Infrastructure and MSMEs and stressed that every cyber security breaches have an element of criminality in it. The Law Enforcement CISO Council is a progressive step in this direction which ensures a reduced cyber attacks, enhanced resilience, actionable strategic and tactical real-time threat intelligence, legal guidance, opportunities for public private partnerships, networking, learning and much more.

The Secretary of SCSC, shared some alarming statistics on the threats that are currently rampant across the digital world. To combat it in today’s era of widespread digital dependence, the program launched by the Telangana Police stands as a commendable step or an initiative that offers a glimmer of aspiration. It brings together all the heroes who want to protect the digital spaces and counter the growing number of threats.

Contribution of Telangana Police for carving a niche to be followed:  

The launch of the Law Enforcement CISO Council in Telangana represents a pivotal step in addressing the pressing challenges posed by escalating cyber threats. As highlighted by the Director General of Police, the initiative recognizes the critical need to combat cybercrime, which is growing at an alarming rate. The Council not only acknowledges the casual approach often taken towards cybersecurity but also aims to rectify it by fostering collaboration between law enforcement, industry, and academia.

One of the most significant positive aspects of this initiative is its commitment to sharing intelligence, ensuring that the hard-earned lessons from cyber fraud victims are translated into protective measures for others. By collaborating with the IT Department of Telangana, centers of excellence, startups, and ethical hackers, the Council is poised to develop robust Standard Operating Protocols (SOPs) and innovative tools to counter cyber threats effectively.

Moreover, the Council's emphasis on Public-Private Partnerships (PPPs) underscores its proactive approach in dealing with the evolving landscape of cyber threats. It offers a platform for networking and learning, enabling information sharing, and will contribute to reducing the attack surface, enhancing resilience, and providing real-time threat intelligence. Additionally, the Council will provide legal and regulatory guidance, which is crucial in navigating the complex realm of cybercrime. This collective effort represents a promising way forward in safeguarding digital spaces, critical infrastructure, and industries against cyber threats and ensuring a safer digital future for all.

‍Conclusion:

The Law Enforcement CISO Council in Telangana is an innovative effort to strengthen cybersecurity in the state. With the rise in cybercrimes and vulnerabilities, the council brings together expertise from various sectors to establish a strong defense against digital threats. Its goals include reducing vulnerabilities, improving resilience, and ensuring timely threat intelligence. Additionally, the council provides guidance on legal and regulatory matters, promotes collaborations between the public and private sectors, and creates opportunities for networking and knowledge-sharing. Through these important initiatives, the CISO Council will play a crucial role in establishing digital security and protecting the state from cyber threats.

References:

• http://www.uniindia.com/telangana-police-launches-india-s-first-law-enforcement-ciso-council/south/news/3065497.html
• https://indtoday.com/telangana-police-launched-indias-first-law-enforcement-ciso-council/
• https://www.technologyforyou.org/telangana-police-launched-indias-first-law-enforcement-ciso-council/
• https://timesofindia.indiatimes.com/city/hyderabad/victims-of-cyber-fraud-get-back-rs-2-2-cr-lost-money-in-bank-a/cs/articleshow/104226477.cms?from=mdr

‍

Introduction

All citizens are using tech to their advantage, and so we see a lot of upskilling among the population leading to innovation in India. As we go deeper into cyberspace, we must maintain our cyber security efficiently and effectively. When bad actors use technology to their advantage, we often see data loss or financial loss of the victim, In this blog, we will shine light upon two new forms of cyber attacks, causing havoc upon the innocent. The “Daam” Malware and a new malicious app are the two new issues.

Daam Botnet

Since 2021, the DAAM Android botnet has been used to acquire unauthorised access to targeted devices. Cybercriminals use it to carry out different destructive actions. Using the DAAM Android botnet’s APK binding service, threat actors can combine malicious code with a legitimate application. Keylogging, ransomware, VOIP call records, runtime code execution, browser history collecting, incoming call recording, PII data theft, phishing URL opening, photo capture, clipboard data theft, WiFi and data status switching, and browser history gathering are just a few of the functions offered by the DAAM Android botnet. The DAAM botnet tracks user activity using the Accessibility Service and stores keystrokes it has recorded together with the name of the programme package in a database. It also contains a ransomware module that encrypts and decrypts data on the infected device using the AES method.

Additionally, the botnet uses the Accessibility service to monitor the VOIP call-making features of social media apps like WhatsApp, Skype, Telegram, and others. When a user engages with these elements, the virus begins audio recording.

The Malware

CERT-IN, the central nodal institution that reacts to computer security-related issues, claims that Daam connects with various Android APK files to access a phone. The files on the phone are encrypted using the AES encryption technique, and it is distributed through third-party websites.

It is claimed that the malware can damage call recordings and contacts, gain access to the camera, change passwords, take screenshots, steal SMS, download/upload files, and perform a variety of other things.

Safeguards and Guidelines by Cert-In

Cert-In has released the guideline for combating malware. These were issued in the public interest. The recommendations by Cert-In are as follows-

Only download from official app stores to limit the risk of potentially harmful apps.

Before downloading an app, always read the details and user reviews; likewise, always give permissions that are related to the program’s purpose.

Install Android updates solely from Android device vendors as they become available.

Avoid visiting untrustworthy websites or clicking on untrustworthy

Install and keep anti-virus and anti-spyware software up to date.

Be cautious if you see mobile numbers that appear to be something other than genuine/regular mobile numbers.

Conduct sufficient investigation Before clicking on a link supplied in a communication.

Only click on URLs that clearly display the website domain; avoid abbreviated URLs, particularly those employing bit.ly and tinyurl.

Use secure browsing technologies and filtering tools in antivirus, firewall, and filtering services.

Before providing sensitive information, look for authentic encryption certificates by looking for the green lock in your browser’s URL information, look for authentic encryption certificates by looking for the green lock in your browser’s URL bar.

Any ‘strange’ activity in a user’s bank account must be reported immediately to the appropriate bank.

‍

New Malicious App

From the remote parts of Jharkhand, a new form of malicious application has been circulated among people on the pretext of a bank account closure. The bad actors have always used messaging platforms like Whatsapp and Telegram to circulate malicious links among unaware and uneducated people to dupe them of their hard-earned money.

They send an ordinary-looking message on Whatsapp or Telegram where they mention that the user has a bank account at ICICI bank and, due to irregularity with the credentials, their account is being deactivated. Further, they ask users to update their PAN card to reactivate their account by uploading the PAN card on an application. This app, in turn, is a malicious app that downloads all the user’s personal credentials and shares them with the bad actors via text message, allowing them to bypass banks’ two-factor authentication and drain the money from their accounts. The Jharkhand Police Cyber Cells have registered numerous FIRs pertaining to this type of cybercrime and are conducting full-scale investigations to apprehend the criminals.

Conclusion

Malware and phishing attacks have gained momentum in the previous years and have become a major contributor to the tally of cybercrimes in the country. DaaM malware is one of the examples brought into light due to the timely action by Cert-In, but still, a lot of such malware are deployed by bad actors, and we as netizens need to use our best practices to keep such criminals at bay. Phishing crimes are often substantiated by exploiting vulnerabilities and social engineering. Thus working towards a rise in awareness is the need of the hour to safeguard the population by and large.

Introduction

India & Bangladesh have adopted proactive approaches, focusing on advancing cyber capacity building in the region. Bangladeshi and Indian cybersecurity experts have emphasised the importance of continuous technology training to protect the digital space from growing cyber-attacks and threats. They call for greater collaboration to share knowledge and expertise in cyber resilience, network vulnerability, and cyber risk assessment. The Cyber-Maitree 2023 event held in Dhaka aimed to enrich and build capacity to counter cyber-attacks and threats. The senior director of India's Computer Emergency Response Team acknowledged the growing dependence on cyberspace and the need for increased preparedness as critical infrastructures, energy systems, banks, and utilities are connected to the internet. Recently, Bangladesh Cyber ​​Security Summit 2024, organised by Grameenphone, was held in Dhaka on March 5th, 2024. Such collaborative dialogues between the countries serve as a shining example of cooperation between the governments of Bangladesh and India, serving as a platform for knowledge sharing, capacity building, and international cooperation in cyber security.

Cyber Maitree held in 2023

In 2023, India and Bangladesh held  'Cyber Maitree 2023', an initiative hosted by the ICT Division of the Bangladeshi Government, to address cybersecurity challenges in a rapidly globalising world characterised by digitisation. The event, which translates to "Cyber Friendship," was an interface for cybersecurity experts and aspirants from both nations, creating an avenue for extensive training, practical exercises, and a dynamic exchange of information. We need to emphasise the importance of bolstering digital safety as both nations grapple with the rapid digitisation of the world.

India-Bangladesh joint efforts aim to fortify cyber resilience, pinpoint potential network vulnerabilities, bolster rigorous risk assessments, and illuminate the landscape of cyber threats. It encompasses various sectors, including cybersecurity, artificial intelligence, ICT, and IT-driven human resource expansion. The growing camaraderie between India and Bangladesh has been evident through strategic engagements, such as the India-Bangladesh Startup Bridge and the establishment of 12 High Tech Parks in Bangladesh.

Highlights of the India-Bangladesh MoUs for Cyber Security Cooperation

In 2017, India and Bangladesh signed a Memorandum of Understanding (MoU) focused on cyber security cooperation. 

In 2022, Both nations crafted a Memorandum of Understanding (MoU), highlighting collaboration in spheres such as e-governance, e-public service delivery, research, and development. A separate agreement was also inked focusing on mutual information sharing pertaining to cyber-attacks and incidents. The first MoU aims to provide a framework for training Bangladesh Railway employees at Indian Railways' training institutes, including field visits. The Indian Railways will coordinate with officials from the Ministry of Railways, Government of Bangladesh to improve training facilities in Bangladesh. The second MoU focuses on collaboration in IT systems, for the Bangladesh Railway. The Ministry of Railway, Government of India, will offer IT solutions for passenger ticketing, freight operations, train inquiry systems, asset management digitisation, HR and finance infrastructure. The MoUs aim to strengthen the friendship bond between India and Bangladesh and promote friendly cooperation in the railway sector.

Way Ahead

Zunaid Ahmed Palak, State Minister for Posts, Telecom and ICT, Bangladesh, has announced that Bangladesh and India will collaborate to ensure the safety of the cyber world. The two countries are expected to sign a final agreement within the next three to six months. He stressed the importance of attracting investments in the postal, telecommunication, and IT sectors. He also highlighted the strong ties between Bangladesh and India. He also announced that 12 high-tech parks will be constructed in Bangladesh with an Indian Line of Credit, starting operation by 2025. He further referred to the Indian Cyber Emergency Response Team (CERT), and said "We are very much enthusiastic in fighting against the cyber attacks and crimes as the team is now working with us". 

Bangladesh Cyber ​​Security Summit 2024

The Bangladesh Cyber Security Summit 2024, organised by Grameenphone, was held in Dhaka on 5th March 2024, focusing on cybersecurity issues and opportunities, fostering collaboration between government, private organisations, industry experts, and sponsors investing in Bangladesh's digital future.

Conclusion 

India and Bangladesh share a common vision for a secure digital future, focusing on cybersecurity collaboration to safeguard shared aspirations and empower nations to thrive in the digital age. We must emphasise the need to fortify digital defenses, leveraging expertise, innovation, and collaboration to secure interconnected futures. Collaborative relations in Information and Communication Technology and Cyber Security will strengthen digital defense and establish cyber resilience. 

References:

• https://caribbeannewsglobal.com/bangladesh-and-india-call-for-more-cyber-security-training/?amp=1
• https://www.indianewsnetwork.com/en/20231005/bangladesh-and-india-strengthen-ties-through-cyber-maitree-2023
• https://www.bssnews.net/news-flash/150763
• https://digibanglatech.news/english/bangladesh-english/125439/
• https://www.mea.gov.in/Portal/LegalTreatiesDoc/BG17B3024.pdf
• https://digibanglatech.news/english/bangladesh-english/125439/
• https://www.tbsnews.net/tech/ict/bangladesh-india-work-together-cyber-security-palak-712182

‍