Nepal Police has urged everyone to stay vigilant, warning of an increasing trend of SMS misuse through applications.
Lately, false information has been circulating through SMS saying that you have been in contact with a person who is positive for Coronavirus and that you will be fined for not undergoing a PCR test.
Addressing the fake SMS messages, the Central Bureau of Investigation (CBI) has recently issued a press release. According to the press release, the police investigation has revealed that such misleading SMS messages are sent to mobile phones through applications.
Furthermore, it states that such SMS messages are cheap and accessible. People with criminal mindsets can misuse these applications for fraudulent activities.
There’s no running away from the fact that the security of our systems and applications can be quite vulnerable.
In fact, it is evident from the incidents of cryptocurrency mining, data breaches, and website defacing around the world.
With this, more individuals and organizations are realizing what they lack, which is ultimately changing the cybersecurity landscape as we know it.
According to a report by the Australian Cybersecurity Growth Network, the global market of cybersecurity may rise to $270 billion by 2026.
This signals the inclusion of cybersecurity as a major priority in organizations.
In most ways, COVID-19 has become a trigger to take serious measures for the safety of both health and cyberspace.
So, let’s see how the digital shift will bring about a global change in the cybersecurity landscape.
How will the Cybersecurity Landscape Change in the Near Future?
Biometric Security and Authentication on the Rise
Two-factor and multi-factor authentications have become an integral part of protecting data privacy. These methods rely on usernames and passwords, which means hackers target individuals in order to exploit their weaknesses.
Thus, identity protection needs to be the topmost priority with authentication systems focusing on “who you are”.
This means that soon enough, organizations may roll out advanced biometric solutions to protect the identity of employees. These include fingerprint/handprint, retina/iris scan, voice, and facial recognition.
Adoption of Virtual Desktop
With remote working likely to become the new normal, companies need to ensure the security baseline and management standards.
Adopting a virtual desktop could help prevent cyber risks while accessing work resources from the home network and computer.
Firstly, it is important to understand the concept of a virtual desktop.
A virtual computer basically emulates another device. This means that you can access your work computer remotely and avoid the risk of mixing personal and professional data.
With remote workers operating outside the safety of a corporate network, the adoption of virtual desktops could be a befitting solution.
The Surge in Decentralized Cybersecurity
Traditionally, cybersecurity controls followed a centralized approach for consolidating data from different sources. The centralized system was used to perform analysis and investigation.
However, the swift digitalization will likely shift the security controls to data sources. This trend is heavily practiced in IoT.
To keep the cyber threats at bay, greater emphasis will be given to decentralized cybersecurity.
Likewise, the data sources such as actual remote employees will get more attention since they are the greatest assets of an organization.
Greater Priority to the Cloud
Cloud storage has always been a seamless and convenient way to store and access data and applications.
With security challenges emerging from all directions, concerned authorities are likely to invest more in securing the cloud platforms.
New Wave of Innovative Technologies
Many countries still have a strict order for maintaining social distancing. In fact, it is unlikely to change in the near foreseeable future.
Technologies like Artificial Intelligence and Machine Learning will see greater adoption. Similarly, AR/VR is more likely to thrive in the post-pandemic world.
Video conferencing will still be preferred.
Furthermore, any technology that minimizes physical interaction will gain popularity.
Cybersecurity Job Demands on the Rise
It’s not surprising that companies are now driving their attention and investment towards cybersecurity.
No matter how secure we make our systems, or how many safety measures we follow, hackers find a way to exploit our weaknesses.
In such times, we need frontline defenders!
With more people gaining awareness, their interest in the cybersecurity domain has also peaked.
According to Cybersecurity Ventures, there will be 3.5 million unfilled cybersecurity jobs globally by 2021.
This means that companies are hiring! They also need to strengthen and enhance data privacy, which is one of the greatest accomplishments of the pandemic in the cyberspace.
Malware is pretty much everywhere these days. It’s in mobile applications, websites, or our emails. In fact, threat actors are targeting remote workers across the globe by redirecting them to malicious websites.
The travel industry may have started to ease up around the world, but other industries still remain affected due to the ongoing pandemic. The work from home routine has pressured IT and security professionals to ensure productivity from employees. At the same time, they have to secure the organization data and follow necessary cyberthreat preventive measures.
An analysis of over a month showed that employees clicked on 76,440 links that redirected them to malicious websites.
NetMotion, a software company, collected and analyzed a sample of anonymized network traffic data. The objective was to search for evidence regarding attempts to access risky content.
Image Source: NetMotion
Furthermore, all the clicks on these sites (or links) come from office laptops while working from home. Remote workers may have used home or public WiFi, or a data network.
Key Findings
The research identified several primary risk categories using “machine learning and based on the reputation scores of over 750 million known domains.”
These include more than 4 billion IP addresses and in excess of 32 billion URLs.
As a matter of fact, the research assumes that these risks could’ve been easily avoided if remote workers were connected to protected internal networks.
Let’s have a look at other notable findings from the analysis.
Employees encounter 5 risky URLs per day, or 59 per week (on average).
Remote workers also access around 31 risky sites per month containing malware, and 10 phishing domains. That means one malware site every day and one phishing domain every 3 days.
As seen on the pie chart above, the categories of high-risk URLs in order of their prevalence were botnets, malware sites, spam and adware, and phishing and fraud sites.
Botnets are on top of the risk chart with over a quarter of high-risk URLs.
Almost 1 in 5 risky links redirected to websites containing adware, malware, or spam.
The ‘other’ category comprises ‘low-severity’ risky content such as sites that use proxies, translations, and other methods. This category represents 51% of the total data.
Attempted Clicks on Risky URLs Increased by 25K
With the rapid shift to remote work, cybercriminals and threat actors are targeting employees. Moreover, there’s an enormous threat to the organization’s data that’s been evolving since the beginning of the pandemic.
A similar analysis for the month of January 2020 shows that the number of attempted clicks on risky URLs was 51,302. Thus, there has been a sudden rise in the volume of clicks, which threat actors are capitalizing on.
Malware and phishing campaigns remain major threats to enterprises with an active work from home policy.
Security experts are doing their bit in securing the organization’s system. But it is also the responsibility of remote workers to stay vigilant.
The Indian Government on Monday evening decided to ban 59 apps developed by Chinese firms saying their activities threaten the sovereignty and integrity of the country.
The list of apps includes TikTok, UC Browser, Weibo, and others. The decision comes as the latest standoff between China and India after the Ladakh clash where 20 Indian soldiers lost their lives.
Among the banned apps, ByteDance’s TikTok, Video Call apps from Xiaomi, and Alibaba Group’s apps have one of the biggest overseas markets in India.
This is the first time that a highly populated country like India has ordered a ban on so many foreign apps.
“The compilation of these data, its mining and profiling by elements hostile to national security and defense of India,” said the nation’s Computer Emergency Response Team.
How Does It Affect the App Market?
According to the research firm Counterpoint, the ban order would impact roughly one in three smartphone users in India. Reports suggest that the banned apps put together had more than 500 million monthly users in May alone.
In fact, 27 apps among the list were India’s top 1000 Android apps last month, according to a top mobile insight firm.
Google confirmed that it is yet to receive the official order from the Ministry of Electronics and Information Technology, New Delhi.
Likewise, Apple said that it is reviewing the order.
It is most likely that the companies will comply with such app removal requests. However, it is still unclear how the Indian government expects mobile OS makers and internet service providers to comply.
List of banned apps in India
An Insight to TikTok’s Popularity
TikTok’s owner ByteDance claims that the app has the biggest overseas market share in India. In the first quarter of 2020, TikTok was downloaded 315 million times, which surpassed Facebook and WhatsApp.
India accounts for 30% of the app’s total downloads with download numbers reaching 611 million from the nation.
There’s no doubt about its popularity, engagement, and equitability. However, the app has previously been a subject of a class-action lawsuit filed in the US. The lawsuit accused TikTok of illegally collecting personally identifiable user data and sending it to China.
In fact, India had briefly banned the app last year for encouraging inappropriate content.
The app also suffered a huge blow among Indian audiences when YouTube vs TikTok was trending in the country. Its rating briefly went as low as 1.3 on Google Play Store.
Following the feud, #BanTikTokIndia was trending in India and has been among the top three trends in the country. With the standoff between the two highly populated nations, #Boycottchineseapps and #Boycottchineseproducts also have been trending for a few days.
Do you think it was a good decision banning the app which was also a source of income for influencers?
Cybersecurity training and courses in Nepal have become a highly sought after opportunity for stepping inside the information security domain. There’s absolutely no doubt that the entire world is seeking cybersecurity experts who can ensure the security of organizations.
So, why not learn what it takes to become a security expert with OWASP Training? The Open Web Application Security Project (OWASP) offers free security tools and resources to help mitigate the risks and protect critical system operations.
Nepal’s one-week OWASP training combines expert instructions with hands-on secure coding lab activities. The core objective is to provide IT professionals and experts with a complete solution package for most critical web application security risks.
Organizing the OWASP Training in Nepal are Information Security Response Team Nepal (NPCERT) and Center for Cyber Security Research and Innovation (CSRI).
You get nothing but the state-of-the-art security solutions at OneCover. It places itself as the provider of dependable security services in the country. Also, it promises to fulfill the cybersecurity needs of every organization in Nepal. It is located at the center of K-town, New Baneshwor.
The company provides some of the essential services such as Security Consulting, Incident Response, Security Assessment, and Managed Security. OneCover presents itself as one of the best cybersecurity service providers in the country with a top clientele profile.
The company consists of devoted team members to provide high-grade cybersecurity solutions. The services consist of IS Audit, VAPT, Threat Analysis, Incident Response, etc. Truly made4security, CryptoGen Nepal is located at Nagpokhari, Kathmandu.
If your business is looking for a unique approach to Risk assessment and Compliance, CryptoGen can be the right choice for you.
Cynical Technology
Cynical is a Nepal based cyber-security startup company with skillful expertise in application penetration, network penetration, security auditing, and compliance that focuses on solving issues of concern to management in regards to cybersecurity.
Training Detail:
Date – Starting from July 14, 2020
Duration – 1 Week
Morning Shift (7 AM – 9 AM)
Evening Shift (6 PM – 8 PM)
Platform – Zoom (Webinar)
What is the OWASP Training?
The emerging impact on information security around the world has most certainly inflicted chaos. First started in 2001, the OWASP training helps organizations and IT experts better manage these impacts on application security.
With the rapid advancement in technology, organizations leap forward every day to use critical applications. In fact, it’s more critical for the experts to understand the current risk landscape and tackle emerging security threats.
Necessity is the mother of invention. That’s exactly why the scope of OWASP training will only get bigger and better.
After the completion of this course, you can pursue a career path in information security as a Penetration Tester. In fact, it is deemed as one of the 3 most in-demand jobs in the cybersecurity job market.
Ethical Hacker vs Penetration Tester
Let’s be clear that there are some significant differences between Ethical Hacking and Penetration testing. However, we often assume that these subjects are one. In fact, most cybersecurity professionals also seem to make the same mistake.
An ethical hacker, also known as a white-hat hacker, is a security professional who knows how to find and exploit vulnerabilities in systems. Indeed, it sounds just like a malicious or black hat hacker but an ethical hacker uses their skills in a lawful manner. Their job is to find vulnerabilities and fix them before the ‘bad’ guys start exploiting them.
Meanwhile, the aim of a penetration tester is to find vulnerabilities, malicious content, and risks in an application. It is an official procedure that makes helpful attempts on strengthening and defending the IT infrastructure. In fact, it can be understood as a part of an ethical hacking process that specifically focuses only on penetrating the information system.
A penetration test helps to determine the preparedness against potential threats. Furthermore, it shows the strengths and weaknesses of any IT infrastructure at a certain point in time.
What will be Covered in OWASP Training?
In the span of the one-week OWASP Training, we will learn about the different system vulnerabilities and how they can be exploited. We will then learn the defense techniques that can fix vulnerabilities such as Injection Flaws, Open URL Redirects, and Broken Authentication, and mitigate the risks.
Here’s the list of topics that we shall cover in the training:
Injection Flaws
Cross-Site Scripting
Insecure Direct Object References
Open URL Redirects
Cross-Site Request Forgery
Command Injection
Broken Authentication
Security Misconfiguration
Sensitive Data Exposure
API Testing
The OWASP training is ideal for IT professionals to improve their insight into the current security threats. Furthermore, it will help them improve their job outlook and also help strengthen operational security.
Learning Outcomes
After the completion of this training, you will be able to:
Describe major online security regulations and vulnerabilities.
Implement the best security practices to safeguard systems against common attacks.
Apply strategies to protect the security of critical applications.
You can also send your query our way at [email protected] for more details.
Web application security is one major component in web application development that often gets overlooked.
Let’s get a better insight into the cybersecurity sector from the executive member at npCert (Information Security Response Team Nepal) and Manager at Cryptogen Nepal, Mr. Ashok Gurung.
How can hackers use news and posts related to the Corona Virus to breach user security?
Coronavirus has become a global pandemic, so, everyone is keeping a close eye on the updates about its effect across the world. People want themselves to stay updated through news portals searching news headlines of all over the world.
Well, hackers, on the other hand, are always for trending and breaking news. This time, the trending news headings of Corona Virus have become one of the secure methods for them to lure users and get them into a phishing attack. Also, hackers can build their malicious website to show the latest updates on Coronavirus with beautiful cosmetics on which people fall and lead themselves to become the victim.
“For instance, several organizations have made dashboards to keep track of COVID -19, but the hackers can misuse those dashboards to inject malware into computers or mobile phones. Some of the cases indicate that hackers are using this map to steal information of users, including user name, password, credit card number, and other information stored in a browser”.
Suppose you use mobile phones for checking office emails along with other apps. This mobile phone becomes one of the leveraging points to steal your credentials. In this case, hackers can slightly change the link and route the user’s data, which we become unaware of. For example, the original link, i.e., https://cybersolution.com, can be modified somewhat as https://cybers0lution.com, and after clicking it, the hackers can do many dangerous tasks in your device.
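The look-alike link described above can be caught mechanically before a user ever clicks it. The following is an added example, not part of the interview: a check that compares a URL's domain against a list of trusted domains after folding visually confusable characters, and that also catches single-character typos, which goes slightly beyond the one substitution shown in the text. The trusted list, the substitution table, and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist; cybersolution.com is the example domain from the text.
TRUSTED_DOMAINS = {"cybersolution.com", "example.org"}

# Assumed, non-exhaustive table of ASCII characters that are easily misread.
CONFUSABLE_CHARS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})
# Character pairs that look like a single letter in many fonts.
CONFUSABLE_PAIRS = (("rn", "m"), ("vv", "w"))


def registrable_domain(url):
    """Return the last two labels of the URL's host (naive: no public suffix list)."""
    if "://" not in url:
        url = "//" + url  # let urlsplit treat a bare host as a network location
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    return ".".join(host.split(".")[-2:])


def skeleton(domain):
    """Fold confusable characters so that visually similar names compare equal."""
    folded = domain.translate(CONFUSABLE_CHARS)
    for pair, single in CONFUSABLE_PAIRS:
        folded = folded.replace(pair, single)
    return folded


def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return ("trusted", domain), ("lookalike", imitated_domain) or ("unknown", None)."""
    domain = registrable_domain(url)
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    for trusted in sorted(TRUSTED_DOMAINS):
        # Same skeleton: differs only by confusable characters (0 for o, rn for m).
        # Distance 1: a single typed, dropped or swapped character.
        if skeleton(domain) == skeleton(trusted) or edit_distance(domain, trusted) <= 1:
            return ("lookalike", trusted)
    return ("unknown", None)


if __name__ == "__main__":
    for link in ("https://cybersolution.com/login",
                 "https://cybers0lution.com/login",
                 "https://news.example.net/covid-map"):
        print(link, "->", classify(link))
```

A mail gateway or browser extension can block or warn on the "lookalike" verdict; with very short trusted names the distance threshold produces false positives and should be tightened.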
Why has Coronavirus and information related to it become a wide-spread lure used by cybercriminals?
As we know, the cybersecurity firm Proofpoint first noticed a strange email being sent to a customer in February. The message was purported to be from a mysterious doctor claiming to have details about a vaccine being covered up by the Chinese or UK Governments. The firm said that the people who click on the attached document are taken to a spoof webpage designed to harvest login details. It says up to 200,000 of the emails are being sent at a time. Hackers need many years of study to hack or breach data. They need a massive investment of money, time, and dedication to cut information of a company or a user.
But this pandemic situation has become a honeypot for hackers because, with a small effort, people are easily trapped. In this situation, due to increased hacker activity, phishing attempts have gone up by three times, and the work from home infrastructure is also not much secured and mature. As the virus spreads across the globe, people are searching online for the latest information and updates on how it might affect them, and what they can do to protect themselves and their families. Cybercriminals are quick to take advantage of these concerns for their gain in this situation. There have been over 4,000 coronavirus-related domains registered globally since January. Out of these websites, 3% were found to be malicious, and an additional 5% are suspicious. Coronavirus-related fields are 50% more likely to be malicious than other areas registered in the same period.
What are the most common internet platforms that are vulnerable in this matter?
Most of the common internet platforms that are most vulnerable in this time might be social media sites, news portals, Online Portals, online payment gateway applications, websites, etc. Such web applications can be exploited for below vulnerabilities:
SQL Injections
SQL injection is a type of web application security vulnerability in which an attacker attempts to use application code to access or corrupt database content. If successful, this allows the attacker to create, read, update, alter, or delete data stored in the back-end database. SQL injection is one of the most prevalent types of web application security vulnerabilities.
Cross-Site Scripting (XSS)
Cross-site scripting (XSS) targets an application’s users by injecting code, usually a client-side script such as JavaScript, into a web application’s output. The concept of XSS is to manipulate client-side scripts of a web application to execute in the manner desired by the attacker. XSS allows attackers to execute scripts in the victim’s browser, which can hijack user sessions, deface websites, or redirect the user to malicious sites.
Broken Authentication & Session Management
Broken authentication and session management encompasses several security issues, all of them having to do with maintaining the identity of a user. If authentication credentials and session identifiers are not protected at all times, an attacker can hijack an active session and assume the identity of a user.
Insecure Direct Object References
The insecure direct object reference is when a web application exposes a reference to an internal implementation object. Domestic implementation objects include files, database records, directories, and database keys. When a claim presents a reference to one of these objects in a URL, hackers can manipulate it to gain access to a user’s data.
Security Misconfiguration
Security misconfiguration encompasses several types of vulnerabilities, all centered on a lack of maintenance or a lack of attention to the web application configuration. A secure configuration must be defined and deployed for the application, frameworks, application server, web server, database server, and platform. Security misconfiguration gives hackers access to private data or features and can result in a complete system compromise.
Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) is a malicious attack where a user is tricked into performing an action he or she didn’t intend to do. A third-party website will send a request to a web application that a user is already authenticated against (e.g., their bank). The attacker can then access functionality via the victim’s already confirmed browser. Targets include web applications like social media, in-browser email clients, online banking, and web interfaces for network devices.
What are the hazards of opening malicious links or sites related to Coronavirus, how can it affect the users?
The hazards of opening any malicious sites or links specially built to delude with coronavirus information can be anything. The links can simply redirect you to other malicious sites or URLs which might not be harmful but annoying. However, if the website itself is dangerous, then it can be built in such a way that some malware, adware, trojan, or any other infectious applications will be downloaded and installed automatically in the user’s end-device.
They can do many harmful things like acting as a bot and communicating with command and control (CNC) servers which can take control of the user’s device, installing keyloggers which can record all the keys being typed on the keyboard which only hackers can see, mining cryptocurrency, imitating a legitimate site, stealing sensitive information, encrypting the files in the system, paralyzing the whole system so that it cannot operate normally, and many more.
What kind of precautions can users take to save themselves from falling victims to such hazards during this pandemic time?
Well, during this Coronavirus pandemic time, all we are doing is to look for the latest news and updates about it around the world via online news portals and different websites. Often, we browse new sites that are beautifully designed, the exciting headlines, and any URLs sent by people over email or social media instant messages. And, we become the prey of the malicious acts of the hackers.
So, during this time, we should only follow the legitimate and authentic news portals and websites for the updates, check the complete URL carefully before opening, shouldn’t go to any link/site mentioned in email or messages even if known people send it, shouldn’t download applications from unknown websites, keep the security options like firewall enabled in the device and also have a good endpoint protection software (anti-virus) installed, updated and working against viruses and malware every time.
On top of every measure to prevent yourself from being a victim, you must have awareness about cybersecurity things. If you are aware, then even if any malware or virus enters your device, you can quickly respond to it appropriately before it does any harm or exfiltrates your data. So, being aware and having knowledge about it is the primary thing one should have.
Telegram, a cloud-based messaging app, has suffered a data leak after anonymous hackers exposed personal details of its users on darknet forums. According to a Russian publication, the exposed database contains phone numbers, unique Telegram user IDs, and other sensitive information.
However, the exact number of users affected by this incident is still unclear. The size of the leaked database is about 900 megabytes.
In its defense, Telegram said that it is a built-in contact export vulnerability which is a primary concern for all such contact-based apps.
According to reports, 70% of the leaked accounts were from Iran, while the remaining 30% were from Russia.
Moreover, it said that the leaked data is out of date. Telegram claims that 84% of the data were collected before mid-2019 and at least 60% of it is inaccurate.
Common Vulnerability Among Apps
“Like other phone-based messengers (Facebook Messenger, WhatsApp, Viber), Telegram allows you to see which of your contacts are also using the app,” a Telegram spokesperson informed Cointelegraph.
The spokesperson added that most contact-based apps face the challenges of malicious users attempting to upload multiple phone numbers and build databases that match them with user IDs – similar to this incident.
Not the First for Telegram
While most claim that Telegram is a privacy-focused and secure app, this is not its first data leak incident. In August 2019, Hong Kong activists reported a vulnerability that exposed their phone numbers to allow law enforcement to track them.
Similarly, it also faced a DDoS (Distributed Denial of Service) attack in June 2019. Telegram revealed that this attack affected users in the US, Hong Kong, and in other countries.
Telegram had to release an apology on Twitter following the incident.
After such unpleasant experiences, the company introduced new privacy measures that hid the user’s phone numbers from everyone.
Recently, Russia also lifted a two-year ban on Telegram after many unsuccessful ban attempts.
Nepal’s one-week OWASP Training cum workshop includes combinations of expert instruction and hands-on secure coding lab activities designed to provide website developers, app developers, information security managers, information security officers, information security professionals, business analysts, software testers, IT Project managers, students, information security enthusiasts with a complete package of most critical web application security risks.
Open Web Application Security Project (OWASP) training is all set to be organized by Information Security Response Team Nepal (npCert) and Center For Cyber Security Research and Innovation (CSRI). Three dedicated cybersecurity company conducted the training from Nepal Onecover.
We are proud to announce the first OWASP training in Nepal, to be held as a webinar (Zoom) on July 14th, 2020. Nepal’s biggest software security webinar for technology professionals.
The world is experiencing a surge in internet and data traffic with stay-at-home orders in most countries. Specifically, there has been a rise in the consumption of online video. A recent report from security solutions provider McAfee reveals the potential risks of browsing online video stream content, especially the ones available for free.
Obviously, more users tend to look for free and accessible content online, be it online TV series, books, or even games.
McAfee analyzed over one hundred of the most popular entertainment titles across the leading streaming service providers today. As a result of the analysis, it identified a list of the top 10 television and movie titles with the most web risk.
Brooklyn Nine-Nine grabs the top spot in the list of television web risk titles, while the top spot in movies goes to Warrior.
Top 10 Web Risk TV List
Brooklyn Nine-Nine
Elite
Harlots
Letterkenny
Poldark
Lost
You
Gentefied
PEN15
Skins
Top 10 Web Risk Movies List
Warrior
Zombieland
The Incredibles
Step Brothers
Bad Boys
Aladdin (2019)
The Lion King (1994)
Swingers
Frozen 2
The Invitation
Based on the list, it is clear that almost half of the top movie titles are of the children’s category.
“With cybercriminals regularly tracking changes in social trends like school closures, parents need to be extra vigilant when it comes to searching online for content for their children to watch,” McAfee said.
According to Baker Nanduru, VP of Consumer Endpoint Segment at McAfee, the increasing trend of going online during lockdowns has created the perfect storm for web crime. History is proof that cybercriminals follow consumer trends and behaviors in order to come up with scam strategies.
“It’s important that consumers stay alert while online and avoid malicious websites that may install malware or steal personal information and passwords,” says Nanduru.
Similarly, most targeted TV shows are the original TV series of the leading streaming platforms. McAfee found that the streaming platforms were investing more in their original TV series to attract and retain new customers.
Moreover, the popularity of this original content drove unsubscribed users to search for free access to specific content online.
Regardless of how risky the cyberspace is, there are ways for users to enjoy online streams while staying safe. McAfee has also advised certain mitigating measures to secure yourself online.
These include:
Look out for what you click – The users looking up to watch trending TV or movie content should be cautious of what they click. Therefore, make sure to watch entertainment content directly from a reliable source.
Refrain from streaming from illegal or untrusted sites – Many illegal sites attract users based on the trend and popularity of entertainment content. That’s exactly how they bait you into downloading malware or adware on your device. So, you would be doing yourself a favor by subscribing to a streaming site and avoiding free content.
Securing your online privacy with a security solution – While McAfee recommends their security solution tools, it is totally up to you. In fact, there are many cybersecurity solution tools and applications that can secure your online realm.
Use parental control software – The kids these days don’t need your help to search for their favorite TV shows or movies. But, what you can do to ensure their safety is set up parental lock or control software. This will keep you updated on their online activities and minimize exposure to potentially harmful websites.
Final Say
With cyber threats on the rise, it comes down to us for securing ourselves. Every day threat actors come up with new strategies to scam us, and why? It’s because there’s no anticipating what goes trending these days.
Staying updated and spreading awareness is our first line of defense against such threats. So, start early and educate your kids about the potential harm of online activities.
A hacker or group of hackers by the name ‘Deadly Weapon’ has defaced the website of the Supreme Court Bar Association. The website shows the text:
‘HACKED BY DEadLY WeApon ‘.
In fact, it looks like the defacing is not limited to the index page, unlike some previous incidents.
Also, there are neither any mentions of motive nor any threats from the hacker(s).
The Supreme Court Bar Association is a Nepali bar association that comprises the practicing lawyers of the Supreme Court.
By the looks of it, the website contained information regarding lawyers’ profiles, the organization’s profile, and other materials. However, it is still unknown if the defacer has gained access to any sensitive data that could pose a major threat to the association.
This May Not Be the First Defacing of the Website
Since the beginning of the nationwide lockdown in Nepal, the growth rate of cybercrimes has been off the charts. Major incidents include website defacing and data dumps of service providers in Nepal.
Likewise, there have been multiple successful attempts of website hacks by Indian hackers on Nepali websites. In fact, this went back and forth between Nepali and Indian hackers for quite a while.
Now, we suspect the defacing of the Supreme Court Bar Association website may not be its first hack.
The website description on Google mentions the hack by an Indian hacker. However, this piece of information is missing on the defaced website. So, there’s a chance that it might be showing the info from the previous hack.
Thus, we suspect that it might not be the first defacing of this particular website.
Meanwhile, we still don’t have any information on when exactly the site was defaced by the anonymous hacker.
We will update you as soon as we have any further information.
What are your views on this? Let us know in the comments!
The Delhi Police Cyber Crime Department has warned WhatsApp users about a new type of fraud that aims to hijack WhatsApp accounts. In a series of tweets, it said that fraudsters are trying to lock out users by using WhatsApp two-factor authentication. The aim of the scam is to take over someone’s WhatsApp account so that the fraudsters can talk to the victim’s friends and family about financial transactions.
The hacker creates a fake account and sets an image of the official WhatsApp logo on it, so that it passes for the WhatsApp technical team’s account. The hacker then asks the user to provide a six-digit confirmation PIN to verify their identity. Because of the official logo, the text message appears to come from WhatsApp itself.
The target is deceived and shares the six-digit confirmation PIN. The hackers use this information to log in to the target’s WhatsApp account from their own device. With access to the hijacked account, the attackers send messages to the target’s friends and family members. They may request money, PINs, OTPs, and more.
Nepal’s cybersecurity is at risk; integrated development of information technology is required. Experts in the field of information technology have said that Nepal’s cybersecurity is under threat.
Speaking in a webinar on e-governance and data security organized by the Nepal E-Governance Society (NEGS), Dr. Purushottam Kharel said that strong security cannot be guaranteed in the area.
According to him, no concrete work has been done on how to bring such service to the doorsteps of people in the context of e-governance. Lack of infrastructure is the main challenge. However, he said that the development of infrastructure and increased awareness will help in its development.
Dr. Kharel said that the government needed to develop policies and strategies with the help of experts.
Making the right decisions about what kind of infrastructure is needed is equally important. He said that an integrated framework should be created covering the central, state, and local levels as well as the private sector.
He said that such policy and work has not yet been done in an integrated manner and despite suggestions to the government, it has not been implemented. He said that people should work in such a way that they can feel.
Likewise, Ram Krishna Pariyar, ICANN SSR2 Member, said that the cybersecurity situation in Nepal is at risk.
He said that online services and e-governance require agile and reliable cybersecurity, and that while the government policy is good, implementation is slow.
However, he said the situation was not very sensitive and the situation in Nepal was good, especially in South Asia.
Ramesh Prasad Pokharel, Assistant Director of the National Information Technology Center, said that some government portals had been hacked and security was weak.
According to him, some of these acts from abroad have been done through applications, which would have been riskier if done through the network.
Problems can sometimes arise when software and operating systems are not updated. He said that there is a need to raise awareness.
“The IT Digital Nepal Framework encompasses the development strategy of the entire IT sector of Nepal. It envisages a paperless government under the Digital Foundation Policy and plans to establish national cybersecurity and provincial data center,” he said.
The Nepal e-Governance Society organized the webinar on e-governance services, infrastructure, and security in Nepal in the context of the increasing use of information technology following the restrictions on the movement of people.
At a time when the coronavirus is attacking the whole world, the use of electronic systems in various fields including governance is becoming more and more important.
The program was conducted by Deepesh Ghimire and Deepender Paudel. NEGS aims to build an information-based society and assist in the expansion, use, and development of information technology.
It may be difficult to believe, but the light is watching you, and in this case quite literally. With something known as the Lamphone attack, spies can listen to your conversation by watching a light bulb in your room.
Yes, it is based on the hypothesis that you are in a room with a light bulb hanging in it, and that the bulb is visible from a window.
A team of cybersecurity researchers has found a novel side-channel attack technique for eavesdropping on conversations. This attack recovers full sound from a conversation by measuring the amount of light the bulb emits.
The credit of the findings of this technique called “Lamphone” goes to researchers at Ben-Gurion University of the Negev and the Weizmann Institute of Science.
How does Lamphone Attack Exploit Light Bulbs?
Basically, eavesdroppers capture sound waves optically through an electro-optical sensor directed at the light bulb. These minuscule sound waves are used to recover speech and also recognize music.
So, the main premise of this attack is to detect vibrations from the hanging bulbs as a result of air pressure fluctuations. This phenomenon occurs naturally when the sound waves hit the bulb surfaces which we can’t normally observe.
By measuring the tiniest changes in the bulb’s output due to the vibration in its surface, threat actors can recover snippets of conversations.
God is in the details!
Except this time, it’s a privacy threat that is.
The assumptions are based upon the presence of a victim inside a room or office that contains a hanging light bulb.
According to the researchers, the eavesdropper is a malicious entity that is interested in spying on the victim. By retrieving the victim’s conversation, the malicious entity can misuse the information provided in the conversation.
Threats to the victim include identity theft, extortion, and so on.
So, what are the tools that can achieve the Lamphone attack?
Firstly, an attacker would need a telescope to focus on the target which is the hanging bulb.
Another thing is an electro-optical sensor mounted to the telescope. This sensor’s job is to transform the captured photons from the light source (bulb) into electric current.
They would also need an analog-to-digital converter to convert the sensor output to a digital signal.
Finally, they would need sound recovery software that converts the input optical signals into audio signals.
Lamphone Attack Demonstration
The researchers managed to recover an audible extract of POTUS Donald Trump’s speech. Furthermore, they reproduced a recording of Coldplay’s “Clocks” and the Beatles’ “Let It Be”.
On top of that, the attacker doesn’t have to be in the close vicinity of the victim. In fact, thanks to the telescope, this approach enables eavesdropping from at least 25 meters away from the target.
What’s more concerning is that attackers don’t require any malware that attacks the victim’s device. It’s an entirely external scenario.
Preventing the Attack
The research clearly mentions that the attack is more possible in a real-time scenario. Moreover, the efficiency of the attack is based on spying from a long distance.
However, some limitations of this attack can help implement effective countermeasures.
As mentioned earlier, this attack only works if the target light bulb is in sight. So, covering the bulb with a decorative cover should do the trick.
Likewise, dimming the amount of light emitted from the bulb can also counter the attack.
Secondly, since detecting vibrations of the bulb plays a vital part in this attack, it can’t detect lower volumes. This means that the conversation or sound in the room has to be loud enough to generate vibrations.
If you have a bulb with thick glass or one that controls light emission capability, you are immune to this attack.
Google has recently deleted more than 70 malicious extensions from the Chrome Web Store.
Security researchers at Awake Security unraveled this massive Google Chrome malware campaign. It involved the download of more than 70 malicious extensions over 32 million times. The motive of this malware campaign was to harvest data as per a Reuters report.
Awake Security also highlighted the failure of Google to protect its browsers as they are widely used for email, payroll, and other sensitive operations.
According to a Google spokesperson, Google takes action immediately when they receive an alert of policy violations in the Web Store. They use such incidents as training material to improve their automated and manual analyses.
Based on the number of downloads, it was the biggest malicious spying attack on Chrome according to the firm.
The massive malware campaign operated by disguising malicious extensions as file converters. And ironically, as extensions that flagged bad or toxic websites.
After users download and install such malicious Chrome extensions, these extensions start gathering user information. In the background, they funnel the browsing history and user credentials from the compromised browsers.
Gary Golomb, Co-founder and Chief Scientist at Awake Security, said that attackers designed these extensions to avoid antivirus detection.
The researchers found that the compromised browsers would connect to a series of websites and transmit information when used on a home computer.
Meanwhile, browsers in a corporate network would not transmit sensitive information if security services are intact.
“This shows how attackers can use extremely simple methods to hide, in this case, thousands of malicious domains,” Golomb said.
Who is Behind this Massive Malware Campaign?
It is unclear who was behind this spy attack on Chrome users, which means the attackers are still at large. Awake researchers said that the contact information on the malicious extensions was fake.
Furthermore, it was found that various extensions transmitted data to over 15K domains. In fact, it showed that Communigal Communication Ltd, an Israel-based domain registrar, sold those domains.
However, the company denied having any part in this malware campaign.
Final Say
Google holds the biggest browser market share and that’s why this incident is so much more concerning. What also makes it concerning is the fact that such incidents come to light from a third-party security firm rather than Google itself.
This is not the first time Google had to remove Chrome extensions owing to their unsafe behaviors. It’s surprising how Google has turned a blind eye to this recent incident even after being notified long ago.
What are your views on this incident?
How do we really know that extensions in our browser don’t spy on us?
We’ve all been using Mobile Banking in 2020. It has made life more comfortable; however, with luxury sometimes come risks as well! We use mobile banking to ease our daily lifestyle, but have we been taking proper steps to keep our accounts safe?
Recently, the hot topic has been cybercrime. Hackers and malware developers are targeting unaware people with fake mobile banking applications. It’s surprising how so many banking customers can fall victim to these malware activities. These criminals send a notification through the app to access the login data of the customers. Moreover, they get access to mobile security as well!
It is also reported that in 2018, America’s Central Bureau of Investigation (CBI) found around sixty-five thousand fake applications that can enter your mobile device without raising any suspicion.
So how does the virus affect us?
While we are using our Mobile Banking, these malware viruses enter our device without us having any clue of it. After that, these malware viruses replace your mobile banking’s login screen with a fake login setup. This is where we get tricked into disclosing our banking information to the fake login screen and making our data accessible to the malware.
The best way to keep your device safe from these fake banking apps and Trojan attacks is to be cautious yourself. Here are some tips we have that will help you keep your device malware-free.
Download mobile banking applications only from trusted sources. Moreover, download banking apps only from the official website of the bank.
Do not click or open unknown emails, attachments, or links that look suspicious.
If your bank account offers two-factor verification, enable it. Also, set a strong password for your banking app.
Your bank will not ask for your passwords, PIN, or other sensitive data. Therefore, stay alert if any app asks you for such information.
Also, if you are in conversation with the representative of a bank and you find them suspicious, double-check such incidents and report to the bank.
With these tips and conscious activity, your account can remain unaffected by these Trojan attacks.
We hope you take this attack on mobile banking seriously, and we hope you share this knowledge with your friends and family as well.
Research suggests a rise in cyberattacks related to video games by more than 50% in April 2020. Kaspersky Lab reports that attempts by threat actors to direct users to dangerous sites through video games increased by 54% compared to January 2020. So, it is essential to address the importance of Cyber Security in Gaming.
The video gaming industry has been in the frontier of entertainment worldwide. PRNewswire suggests that the video game market might reach an estimated $179.1 billion by 2024, with a CAGR of 6.4% from 2019 to 2024.
And yet, this industry remains the most targeted in case of security breaches. The gaming industry suffered 12 billion cyberattacks in 17 months (November 2017-March 2019).
The situation of Cyber Security in Gaming: Why is the Gaming Industry an Easy Target?
Hackers tend to look for the weakest link that is easier to crack. Meanwhile, industries with higher financial risk, such as banking and e-commerce, use hashing algorithms to store passwords. This makes their system challenging to break.
The easiest and fastest way to breach systems is a credential stuffing attack. It is a type of cyberattack in which hackers use username/password pairs leaked in earlier breaches to gain access to user accounts.
According to a report by Akamai Technologies, 67% of credential stuffing attacks target organizations based in the US. A security researcher at Akamai points to the financial status of gaming platforms as what makes them a tempting target for hackers. “Criminals can easily exchange in-game items for profit,” the researcher said.
When a data breach occurs, the credentials of compromised users can be readily available on the internet and the dark web. When the bots used by cybercriminals gain access to an account, it’s logged.
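One way a defender can spot the pattern described above in login logs, shown as an added example that is not taken from the reports cited here. The log format, the thresholds, the user names and the documentation-range IP addresses are all constructed assumptions.

```python
import re
from collections import defaultdict

# Hypothetical log format, one login attempt per line.
LINE = re.compile(
    r"^(?P<ts>\S+) ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$"
)

# Constructed sample: one source walking a leaked credential list, one source
# hammering a single account, and one user who mistyped a password once.
SAMPLE_LOG = """
2020-06-20T10:00:01Z ip=203.0.113.7 user=asha result=FAIL
2020-06-20T10:00:02Z ip=203.0.113.7 user=bikash result=FAIL
2020-06-20T10:00:03Z ip=203.0.113.7 user=chandra result=FAIL
2020-06-20T10:00:04Z ip=203.0.113.7 user=mina result=OK
2020-06-20T10:00:05Z ip=203.0.113.7 user=dipak result=FAIL
2020-06-20T10:00:06Z ip=203.0.113.7 user=elina result=FAIL
2020-06-20T10:01:00Z ip=198.51.100.20 user=raj result=FAIL
2020-06-20T10:01:01Z ip=198.51.100.20 user=raj result=FAIL
2020-06-20T10:01:02Z ip=198.51.100.20 user=raj result=FAIL
2020-06-20T10:01:03Z ip=198.51.100.20 user=raj result=FAIL
2020-06-20T10:01:04Z ip=198.51.100.20 user=raj result=FAIL
2020-06-20T10:01:05Z ip=198.51.100.20 user=raj result=FAIL
2020-06-20T10:02:00Z ip=192.0.2.10 user=sita result=FAIL
2020-06-20T10:02:20Z ip=192.0.2.10 user=sita result=OK
"""


def parse(log_text):
    """Return one dict per well-formed line; malformed lines are skipped."""
    events = []
    for line in log_text.strip().splitlines():
        match = LINE.match(line.strip())
        if match:
            events.append(match.groupdict())
    return events


def detect_credential_stuffing(log_text, min_users=5, max_tries_per_user=2,
                               min_fail_ratio=0.7):
    """Map each suspicious source IP to the accounts it logged in to.

    Credential stuffing is wide and shallow: many different usernames, only a
    try or two each (the attacker already holds a password per username), and
    mostly failures. Guessing against one account is narrow and deep instead.
    """
    per_ip = defaultdict(lambda: defaultdict(list))
    for event in parse(log_text):
        per_ip[event["ip"]][event["user"]].append(event["result"])

    findings = {}
    for ip, users in per_ip.items():
        attempts = [r for results in users.values() for r in results]
        fail_ratio = attempts.count("FAIL") / len(attempts)
        wide = len(users) >= min_users
        shallow = max(len(r) for r in users.values()) <= max_tries_per_user
        if wide and shallow and fail_ratio >= min_fail_ratio:
            # A success inside the run means a leaked pair still works:
            # these accounts need a forced password reset.
            findings[ip] = sorted(u for u, r in users.items() if "OK" in r)
    return findings


if __name__ == "__main__":
    for ip, accounts in detect_credential_stuffing(SAMPLE_LOG).items():
        print(ip, "looks like credential stuffing; reset:", accounts)
```

Grouping by source IP alone misses runs spread across many addresses, so in practice the same counts are also kept per time window and per client fingerprint.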
Did You Know?
Google identified that 65% of users reuse the same password for multiple or all accounts.
So, the primary reason why gaming is prone to breaches is the use of low-friction authentication.
Why?
Simply because it could put the revenue in jeopardy if customers get fed up with increasing friction in the authentication.
Likewise, the use of less secure passwords is another reason for the flaw in cybersecurity in gaming. Customers don’t take the financial risks in gaming too seriously. The fact that a majority of video gamers are not adults could support this theory.
Also, game developers tend to avoid security factors by focusing on delivering products at a faster pace. This means there could be bugs and vulnerabilities for cybercriminals to exploit.
Therefore, cybercrime in online games is on an increasing trend.
How to Play Video Games Safely?
In today’s world, each individual needs to be aware of the risks of cyberattacks. In doing so, they can remain vigilant and adopt the necessary security measures.
Whether you are a gamer yourself, or a parent who worries about the gaming habits of their children, you can ensure cybersecurity in gaming by taking a few precautions:
● Use Strong and Unique Credentials for Gaming
Using the same password for all online accounts is a bad cyber practice. This makes you an easy target for hackers through credential stuffing attacks.
Make sure to use strong passwords and two-factor authentication (2FA) to secure your gaming accounts.
● Keep an eye out for Pirated Gaming Sources.
Obtain your games from verified sources as far as possible. Try resisting the urge to get games at lower prices through unauthorized means.
The attackers may bait you into downloading ransomware. Moreover, you could also be indulging in piracy by doing so.
● If you think the virtual world is better than reality, think again.
You can’t quickly put your faith in someone you came across on a gaming platform. So, beware of any links or offers for obtaining coins or in-game money.
● Look out for Phishing Attacks
Scam emails from threat actors disguised as gaming companies are not a new trick. So, make sure you know how to detect scam emails.
Check if the company has an official website and never indulge in providing personal data through email.
● Use a security solution.
Trustworthy security solutions can help detect unlicensed programs and even block phishing attacks.
Make sure to enable your security solution while you play. Do not turn it off just so the game consumes fewer resources.
The Home Office’s Short Message Service (SMS) system has been hacked. The Internet offers easy access and other facilities, but the same technology threatens a country that lacks the appropriate mechanisms and policies, which are yet to be researched and implemented.
The Cyber Bureau of Nepal Police has mobilized a team to find the hackers. Cybersecurity professionals have been commenting on the Nepal government’s inadequate security measures.
Due to little management and the lack of adequate mechanisms and measures to respond to emergencies, Nepal faces a significant challenge to overcome online threats. Government officials and IT security specialists have seen a considerable increase in Internet problems and server scans. As cybercrime increases, more cybercrime is introduced to the government agency.
According to Kedarnath Sharma, a spokesman for the interior ministry, the SMS system was hacked at 2 p.m. on Ashar 3. According to Sharma, a hacker gained unauthorized access to the Home Ministry SMS system and sent a false message on Wednesday at around 2 p.m. The department made it clear that false and misleading messages are not being spread.
The global population is suffering from a rise in cybercrimes amid the COVID-19 pandemic. Cybersecurity Ventures, a research group, predicted a $6 trillion annual cost on global cybersecurity by 2021.
The report collected data from employment or job portals suggesting the largest jump between February and May in cybersecurity and related jobs.
Moreover, postings for cybersecurity-related jobs have increased by 6 percent from February-May 2020, according to the report.
Similarly, the job postings in software development increased by 13% in the same time period.
Breaking down the job searches by age group, the 25-29 age group ranked higher in terms of cybersecurity-related searches. Likewise, the 20-24 and 30-34 age groups also rank on top.
It’s not surprising that companies want to strengthen their security following several setbacks in the lockdown. With more people working from home, these companies aim to create a more secure environment to guard against data breaches.
“As one of the emerging areas that businesses across industries are focusing on, cybersecurity-related roles see a lot of interest from millennials as well as entry-level talent” – Venkata Machavarapu, Head of Engineering, India, and Site Director at Indeed India.
According to the report, the average annual salary of a security specialist is INR 8,89,265. Similarly, IT security specialists can earn INR 8,07,170 and information security analysts can earn INR 4,59,304.
Importance of Secure Workplace Environment Past Pandemic
Most consumers may not trust companies that lack proper cybersecurity practices or have a data breach history.
No, we aren’t the ones saying that. According to research by PCI Pal (a secure payments provider), 33% of consumers in the U.K. will avoid businesses that have poor data security practices. Meanwhile, only 11% admitted that security incidents would not impact their loyalty towards a business.
Similarly, 45% of consumers in Spain admitted to being concerned about how businesses will handle their personal data. 86% of Spanish consumers felt anxious about sharing their financial details with companies working remotely from home. 83% of consumers in Canada, 76% in France, and 80% in Australia showed the same concern.
These findings are based on responses from 3,501 respondents belonging to the U.K., Canada, Germany, France, Italy, Spain, and Australia.
54% of Organizations Lack Proper Data Security Practices
Netwrix surveyed nearly 1,045 decision-makers in the security field and released a report “2020 Data Risk & Security”. This report suggests that 54% of organizations do not follow best security practices for reviewing access rights to data on a regular basis.
Furthermore, 91% of respondents believe that their sensitive data is stored safely. However, 1 in 4 organizations admitted that they had discovered such data outside of designated secure locations in the past year.
The CEO of Netwrix, Steve Dickson, says that data breaches continue to increase even as cybersecurity budgets grow.
As cybersecurity is slowly gaining priority among several organizations around the world, data breaches still continue to become a major threat. At such times, it would be unwise to think that existing resources and workforce can keep the threats at bay.
Cybersecurity Ventures predicts that there will be 3.5 million unfilled cybersecurity jobs globally by 2021, up from one million positions in 2014.
It is quite remarkable that cybersecurity jobs are rising in demand. With most Nepali companies being highly vulnerable to cyberattacks, this trend is extremely important in Nepal.
Hopefully, Millennials and Gen-Z come forward in Nepal as well and take an interest in the cybersecurity domain.
No matter how many social media or chat platforms thrive, emails still remain the primary means of communication in most organizations. It always has been the most professional way of sharing confidential data like customer personal information, account information, work planning, reports, and so on. That is why we are going to look at how to detect scam emails to prevent any unauthorized access to sensitive data.
Cybercriminals have been very active since the beginning of the COVID-19 pandemic. We continue to see phishing scams, data breaches, and other types of cyberattacks. Phishing attacks trick mail recipients into opening malicious links and attachments.
The latest phishing email examples include a scam where people received mails from addresses disguised as “WHO”. For instance, the words “WHO” and “community” in the email address can trick certain users into believing that the mail is from the World Health Organization (WHO).
Such phishing scams target users who are most likely to click on the malicious links. When they do, the links and attachments download Trojans and viruses onto the device, which will cause enormous security issues.
Moreover, it could also download ransomware into your computer that locks the device files and demands a ransom in exchange for the data.
Thus, we need to constantly remain vigilant when it comes to downloading email attachments or clicking on links.
Let’s discuss how to detect scam emails to raise phishing email awareness.
5 Ways to Detect Scam Emails
1. Crosschecking the Sender’s Email Address
The first thing to keep in mind is that no legitimate organization will send an email from a public email domain such as Google. This means that you are most likely to receive suspicious emails from addresses that end with ‘@gmail.com’ or other public email domains.
Not even Google sends you an email using the Gmail address.
However, it may not be true in all cases since small operations may still be using public emails. So, the best way to verify the email address is by checking the organization’s domain name in a search engine.
Here is an example of a phishing email disguised as PayPal:
Image: WeLiveSecurity
It is almost believable and most users would not notice the flaw here.
Now, here’s how to identify spam emails in such cases. Take a look at the sender’s address.
Clearly, ‘[email protected]’ looks suspicious since ‘PayPal’ appears not in the email domain but in the sender’s email ID, the part before the @.
Even though it uses a PayPal logo on the top, it still is a scam.
Pay attention to the details!
2. Looking at the File Extension
Checking the file extension is another way to detect scam emails. When you receive a file attachment, make sure to pay closer attention to the file extension. For instance, a file with the .jpg extension is an image file and one with .doc is a text document file.
Now, the extension that you don’t want to see in an email is the .exe, which is an executable file. So, these files can install malware into your device and compromise your privacy.
Furthermore, these types of files skip antivirus detection and email attachment protection software.
In fact, some threat actors may also use the .doc and .docx extensions to infect devices.
Files whose extension ends with an m may contain malicious macros that execute a task through a series of instructions, for example .docm and .xlsm.
Other file extensions that you might want to avoid are .jar, .cpl, .bat, .msi, .js, .com, and .wsf.
3. Legit Emails Do Not Ask You To Confirm Personal Information
As authentic as an email looks, if it asks you to confirm your personal information via attachment, it’s a dead giveaway.
Threat actors will try everything up their sleeves to make the email look like the real deal. By keeping an eye out for such emails that ask for your personal information, you can avoid major security risks.
Simply don’t click on any link or download any attachment. In fact, don’t even reply.
4. Check the Content of the Mail
If everything checks out, try taking a closer look at the content. Sometimes, you have to read between the lines.
You can often tell if an email is a scam by just going through the content of the email. It usually contains poor spelling and grammar.
In fact, legit companies usually call you by your name if you hadn’t noticed.
Take a look at this email from Daraz online shopping:
An important thing to notice here is that the email domain name checks out. Likewise, it has the company’s logo and email format.
But, did you notice how it calls the recipient (or customer) by their name?
Phishing emails generally address recipients using “Dear account holder”, or “Dear valued member”. The reason is quite obvious! Phishing scams often target multiple accounts and so the emails go out in bulk.
5. Scammers want you to Panic
The scammers can only benefit when you click on a malicious link or download an attachment. For this, they try to generate fear or a sense of urgency.
However, taking time out to think and observe might just save you a fortune.
What if someone emails you saying that your account may have been compromised? Or, your account will be closed if you do not act immediately?
That would definitely inflict panic to some extent. And, in that moment of panic, you might skip the obvious and do whatever the mail instructs you to do.
You might notice something like “WARNING!” or “HURRY UP!” in your mail which is most likely a scam.
Why?
It’s because legitimate companies tend to inform you calmly and professionally even when it’s an urgent matter.
However, some phishing scams can be as subtle as possible. So, you might want to keep an eye out for every small detail that we mentioned above in this article.
So, make sure you take the time out to think reasonably. Don’t act on panic.
And, if you are unsure about what to do, try contacting a friend or an expert.
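The five checks above can be turned into a first-pass triage script. This is an added example, not part of the original article; the brand "Example Pay", its domain examplepay.example, the word lists and both sample messages are constructed assumptions.

```python
import os
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

PUBLIC_MAIL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
EXECUTABLE_EXTENSIONS = {".exe", ".jar", ".cpl", ".bat", ".msi", ".js", ".com", ".wsf"}
MACRO_EXTENSIONS = {".docm", ".xlsm", ".pptm", ".dotm", ".xltm"}
GENERIC_GREETINGS = ("dear account holder", "dear valued member")
URGENCY_MARKERS = ("warning!", "hurry up!", "act immediately")
PERSONAL_INFO_REQUEST = re.compile(
    r"\b(confirm|verify|update)\b.{0,40}\b(personal information|password|pin)\b",
    re.IGNORECASE | re.DOTALL,
)


def check_sender(from_header, brand, brand_domain):
    """Check 1: the brand must be in the domain, not only in the name or mailbox."""
    flags = []
    display_name, address = parseaddr(from_header)
    local_part, _, domain = address.lower().rpartition("@")
    token = brand.lower().replace(" ", "")
    claims_brand = token in display_name.lower().replace(" ", "") or token in local_part
    on_brand_domain = domain == brand_domain or domain.endswith("." + brand_domain)
    if domain in PUBLIC_MAIL_DOMAINS:
        flags.append("sender-public-domain")
    if claims_brand and not on_brand_domain:
        flags.append("brand-not-in-domain")
    return flags


def check_attachments(msg):
    """Check 2: judge each attachment by its final extension (catches 'x.pdf.exe')."""
    flags = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        ext = os.path.splitext(name)[1]
        if ext in EXECUTABLE_EXTENSIONS:
            flags.append("executable-attachment:" + name)
        elif ext in MACRO_EXTENSIONS:
            flags.append("macro-attachment:" + name)
    return flags


def check_body(msg):
    """Checks 3 to 5: personal-information request, generic greeting, pressure."""
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    lowered = text.lower()
    flags = []
    if PERSONAL_INFO_REQUEST.search(text):
        flags.append("asks-personal-info")
    if any(greeting in lowered for greeting in GENERIC_GREETINGS):
        flags.append("generic-greeting")
    if any(marker in lowered for marker in URGENCY_MARKERS):
        flags.append("urgency-pressure")
    return flags


def triage(raw_bytes, brand, brand_domain):
    """Run all checks on a raw RFC 5322 message and return the list of flags."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    return (check_sender(str(msg["From"]), brand, brand_domain)
            + check_attachments(msg) + check_body(msg))


def build_sample(sender, body, attachments):
    """Build a constructed test message (not a real captured email)."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "customer@example.org"
    msg["Subject"] = "Account notice"
    msg.set_content(body)
    for filename in attachments:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()


PHISHING_SAMPLE = build_sample(
    '"Example Pay" <examplepay.support@gmail.com>',
    "Dear account holder,\n\nWARNING! Your account will be closed unless you act "
    "immediately. Please confirm your personal information in the attached form.\n",
    ["account_form.docm", "statement.pdf.exe"],
)
LEGITIMATE_SAMPLE = build_sample(
    '"Example Pay" <receipts@mail.examplepay.example>',
    "Hello Sita Sharma,\n\nYour receipt for order 1042 is attached.\n",
    ["receipt.pdf"],
)

if __name__ == "__main__":
    for label, sample in (("phishing", PHISHING_SAMPLE), ("legitimate", LEGITIMATE_SAMPLE)):
        print(label, triage(sample, "Example Pay", "examplepay.example"))
```

A message with no flags is not proven safe; the script only automates the visible checks, and subtle scams still need the closer reading described above.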
Final Say
When in doubt, throw it out – that’s what to do with suspicious emails. If you suspect foul play in an email with suspicious links or attachments, just delete it.
Or, have it checked out by an expert.
It is not uncommon for cybercriminals to capitalize on your fear. They know how a normal person would react to certain circumstances.
Therefore, seek expert advice and avoid opening any suspicious emails.
A step further would be to spread this piece of info, especially to employees who are working from home. Awareness among employees will ensure data and privacy security of an organization.
A Memorandum of Understanding (MOU) was signed between two parties – One Cover Pvt. Ltd. and TechCERT to collectively work as consultants for carrying on the business of providing cybersecurity assessments, consultancy and managed security services.
One Cover Pvt. Ltd. is a security company based in Kathmandu that provides dependable security solutions. In fact, it places itself at the frontier of the cybersecurity needs of organizations. Its expertise is in the domain of risk management, security solutions, IT audit, and security research & innovation.
TechCERT is Sri Lanka’s finest and largest Computer Emergency Readiness Team (CERT). It provides fully integrated information security services to organizations across the globe. Furthermore, it works in collaboration with several national and global information or cybersecurity organizations.
What does it mean for One Cover?
One Cover has expertise in domains that cover a complete cybersecurity framework required for an organization. Collaboration with TechCERT will enable the company to offer enhanced solutions to its clients.
Moreover, it will help to sustain a global standard that One Cover promises to provide. It also ensures reliable and consistent services as per the need of organizations.
Mutual Benefit for TechCERT
TechCERT, as an industry leader, will make resources and expertise available to projects with One Cover. Likewise, an active partnership with One Cover to provide Cyber Security services is on the table.
How Does this Collaboration Benefit Cybersecurity in Nepal?
One Cover provides state-of-the-art security solutions with experts on deck. This collaboration brings along a complete solution to help prepare, protect, and secure network and IT infrastructure in Nepal.
TechCERT will work collaboratively with One Cover in projects as an opportunity to provide Cyber Security services in Nepal.
Insight and technical assistance from an industry leader will help take the necessary steps to improve security processes and operations at every step.
Interview with Suman Thapaliya (Cyber Security Specialist, IT Security expert, Lead Auditor, Cyber Security Speaker and Secretary at Center For Cyber Security Research and Innovation)
We want to know about yourself
I am Suman Thapaliya. I am a Ph.D. Scholar from Lincoln University College, Malaysia. I have done Msc.IT and MBA. I am the First Academic Certified Ethical Hacker Instructor in Nepal, Certified Information Systems Auditor (CISA), ISO 27001:2013 Certified Lead Auditor, Academic Cisco Instructor, Mentor at Cybrary.it and Instructor at Udemy, Secretary at (CSRI) Center for Cyber Security and Research Innovation Nepal. IT auditor at Ds Accountant and Advisors.
I have been working and contributing to Cyber Security and IT Security for 5 years.
Currently, I am Head of the IT Department at Texas International Educational Network and Head of IT Department at Ds Accountant and Advisors.
What are the IT Courses that Texas College is providing?
Texas College is offering various IT and Management courses like BBA, MBA, BBS, BA, BSW, MBS, BCA, BSC. Csit, BCS (Cyber Security and Network Technology), BIT, and other programs taking from Montessori to Masters.
Do you run any IT Services in Nepal?
Yes, we do run Ds Accountant and Advisors as IT Services in Nepal and in Australia.
How easy is it to establish and sustain an IT Audit Firm in Nepal?
It is easy to establish but very hard to sustain IT firms in Nepal, as it is not in our practice to have an IT Audit. Recently Nepal Government has regulated some news but it is again not easy to convince the general audience regarding the Audit Process. Still, we think that this is a huge investment for some unproductive tasks. But the fact is this is the only treatment to make sure that the infrastructure meets the compliance of security. IT audit helps to know the vulnerabilities and loopholes. Technically speaking IT ensures the CIA of data and IT Audits cover a wide range of IT processing and communication infrastructure which includes Web Services, Software Applications, Security Systems, OS, and Client-Server Network and Systems are free of errors with your IT system, leaving you vulnerable for an attack. IT Audit reduces risks related to IT, improves data security, and enhances IT Governance. We suggest and request all IT Companies to have one level of IT Audit.
What are the challenges to start and run this type of security firm in Nepal?
Well, Ds Accountant and Advisors is currently running in Australia and in Nepal. This firm provides a lot of solutions related to accounting and IT, to name a few:
Management:
Bookkeeping Services
Taxation Services
Payroll Management Services
Business Services
Loan Management Services
IT Audit:
Technological Position Audit
Systems and Applications Audit
Information Processing Audit
Management of IT and Enterprise Architecture Audit
External Audit
Forensic Audit
IT Audit
Compliance Audit
Integrated Audit
Special Audit and much more
Simply saying, in each and every step there is a challenge, risk, and entertainment. You take your motorbike to the road and now you are full of challenges: you hit someone, someone hits you, you slip, the brakes fail, and so on. The same goes for technology also. As we become experts we enjoy every single challenge, and to date we have successfully made our clients happy and satisfied. In Australia, everything goes with the system, so there is less chance of customer dissatisfaction as everything is mentioned in the SRS and no changes are demanded later, whereas complete professionalism is not expected in the context of Nepal.
How often do you use/ engage in Social Media?
This is my favorite question and my favorite answer is I love to hang out in Social Media. I am active on Facebook, Instagram, Viber, Linkedin, Twitter, Smule, Tiktok, and so on.
How secure do you feel using such Social Media?
They are safe until you provide your personal keys to someone else. Use two-way authentication, do not click on spam, enable security features, take good control of privacy and security, accept friend requests wisely, and you are safe. If your lock system is unique and confidential then you are safe.
So Social Media is safe to use and there is no risk in using it?
I don’t mean to say that. No technology is 100% safe and secure. We can prevent it at the highest point. There are a lot of cases of fraud happening around us that we hear about every day. But if you are aware and can maintain basic security concerns, then yes, you are safe to use it. For example, you can refer to the above statements.
What is the best solution to get rid of these issues?
The one and only simple solution is general public awareness. Each and every user should be aware of these incidents, and the general public should be made aware of the basic guidelines of the cybersecurity act of Nepal. The government should come up with some heavy penalties in such cases, and a special, trained bureau should be formed to trace and punish such activities. On top of all these, the first and foremost thing is that every single user should be updated and aware.
What is the status of ICT in Nepal?
Nepal is a small market but is full of heavy challenges. Nepal is growing and expanding its network. So I can see the status of ICT in Nepal is broad and horizon. The newcomer students in Cyber Security you are full of loaded package. Get certified with CEH, penetration testing, forensic testing and you have a handful of jobs in Nepal as well as around the globe.
What is your participation in the IT policy of Nepal?
I am one of the active members; I show my interest and participate in each and every event happening on this topic. Being an active member of npCert Nepal, I am highly updated with the IT policy of Nepal. I was an active member during the event of the IT Bill Act 2018. Also, I am one of the active members of the Global Cyber Security Summit that happened in 2018. We take the base of ETA and act accordingly.
Lastly any messages via this forum?
Thank you so much for your wonderful time provided to me. Via this interview, I guess that I tried to cover a lot of the importance of IT Audit in IT Services in Nepal. Be aware and use technology wisely; this will give you pleasure, or else technology is an armed force which can destroy a lot.
On April 24th, Nintendo confirmed a hack of over 160,000 gamers’ accounts as hackers exploited the Nintendo Network ID (NNID) login system. The Japanese video game giant stated in an official release that attackers illicitly gained access to users’ login IDs and passwords. Furthermore, this led to a series of unauthorized logins and purchases.
Now, it has confirmed the breach in another 140,000 user accounts upon further investigations. This boosts up the breach tally to a total of 300,000 accounts.
A Nintendo Network ID (NNID) is like a user ID and is unique to each Nintendo user. Users can access their Nintendo account through it and also optionally use it for login purposes.
NNIDs are mostly used for online features that include online multiplayer or interactions. In fact, users can purchase downloadable software through Nintendo eShop on Wii U and Nintendo 3DS using NNIDs.
By now it’s pretty much clear that hackers gained access to NNIDs or the Nintendo accounts linked to it. However, cybercriminals also gained access to users’ nicknames, email addresses, dates of birth, countries, and other personal information.
It was just enough to pose a major identity theft threat. In fact, some users filed complaints of suspicious activities on their accounts. One of the users took to Twitter (@vexonym) and said, “Someone hacked my PayPal and spent $200 on Nintendo games?!”
Nintendo also confirmed that, of all the NNIDs around the world that may have been illegally logged in to, less than 1% may have been used for fraudulent transactions.
It claims that it has contacted the customers separately and is implementing additional security measures. Although it may have finished refunding for most customers, it is still in the process of refunding in each country.
The company expresses its sincere apologies for the inconvenience and concern caused to its customers.
Following the incident, Nintendo has officially abolished the function to log in to a Nintendo account via NNID. Moreover, it has requested the customers to reset their passwords and integrate a two-step verification process to prevent such mishaps in the future.
Honda Motor Company has stopped production after a cyberattack that security researchers suspect to be ransomware.
The company said that it has affected its ability to access computer servers, use emails and internal systems. “There is also an impact on production systems outside of Japan,” it added.
Due to this, Honda faced a setback in manufacturing at some of its plants around the globe on Tuesday.
The Japanese vehicle manufacturing company is one of the largest in the world. In fact, it employs over 200,000 staff with plants in the U.K., North America, and Europe.
The company confirmed the cyberattack adding that there is no evidence of loss of ‘personally identifiable’ information. Moreover, Honda claims that it has resumed production in most plants.
But its main plant in Ohio, as well as its plants in Turkey, India, and Brazil, are still closed. Currently, it is working towards resuming the production of its auto and engine plants in Ohio.
SNAKE Ransomware Might Be the Culprit
Reports suggest that the incident may be related to a SNAKE ransomware cyberattack. The company declined to provide detailed information, revealing only that its IT network isn’t operating properly.
A company spokesperson also confirmed that there is no impact on Honda customers. “In Europe, we are investigating to understand the nature of any impact,” Honda said.
How does SNAKE ransomware work?
This ransomware is like any other file-encrypting malware. It scrambles files and documents and holds them hostage for a ransom.
As a matter of fact, the ransom is expected to be paid in cryptocurrency.
However, Honda claims that there was no evidence that data had been pulled out.
A security researcher, Milkream, has found a sample of the SNAKE (EKANS) ransomware uploaded to VirusTotal, and it references an internal Honda subdomain, “mds.honda.com”.
Moreover, security researcher Vitali Kremez said that the ransomware also contains a reference to the US IP address 170.108.71.15.
This particular IP address resolves to the hostname ‘unspec170108.amerhonda.com’.
Thus, these findings serve as indicators that Honda faced a network outage due to the SNAKE ransomware attack.
SNAKE Ransom Note from the Samples (credit: milkream)
BleepingComputer got in touch with SNAKE ransomware operators to further investigate the incident. “While they did not admit to the attack, they did not deny it either” – BleepingComputer
The operators did not share details about the attack in order to “allow target some deniability”. However, they said that this will change as time passes.
A cyberattack on the Chartered Professional Accountants of Canada web portal has compromised the personal information of over 329,000 members and stakeholders.
Reports say that a group of unknown hackers attacked the CPA website and got access to information related to the distribution of its magazine.
The data breach has exposed information, including names, home addresses, email addresses, and other sensitive data. CPA Canada said that passwords and credit card numbers were protected by encryption.
“There is no evidence that the encryption keys were affected in this incident, and we have no reason to believe the encryption was compromised,” the company said.
CPA Canada is a national organization that represents the Canadian accounting profession. It has over 210,000 chartered accountants around the globe. It researches business issues, assists businesses, non-profits, and the government in accounting, auditing, and assurance standards.
How is CPA Canada Handling the Incident?
According to CPA Canada, the cyberattack occurred somewhere between Nov 30, 2019, and May 1, 2020.
Moreover, the company warned about the risks of potential email phishing scams following the breach. It also encouraged affected users to “remain vigilant.”
Following the incident, CPA Canada claimed to have beefed up its security measures. It has contacted the Canadian Anti-Fraud Centre and privacy authorities for getting more hands-on-deck investigating the incident.
The company states that it worked closely with cybersecurity experts to investigate the cyberattack further. “In addition to notifying potentially affected individuals directly, we have contacted law enforcement, the Canadian Anti-Fraud Centre, and privacy authorities where applicable,” the company said.
Furthermore, it has issued a notice warning users not to provide personal information if they receive a phone call, email, or text message. “Please exercise caution and ensure that you are speaking to a CPA Canada representative. If you have received a fraudulent, please report it to the Anti-Fraud Centre through its online portal,” the company said.
Survey Shows Canadians Refuse to Divulge Personal Data
A survey report shows that Canadians refuse to share personal information to access free online services.
Only 26 percent of respondents admitted that they are willing to provide personal information for a better video streaming service.
Similarly, around 23% of Canadians revealed that they disclose personal details to use social media platforms.
How to Protect Yourself as Individuals?
Former IS Audit Manager at Biz Serve IT Pvt. Ltd, Raman Gautam says that information security professionals are always trying their best to prevent this type of attack.
However, he believes that we have specific responsibilities as individuals to protect ourselves from such attacks. “As an individual, we should also follow some basic information security hygiene to protect ourselves,” Mr. Gautam said.
As users and customers, we can always ask ourselves if we are protected enough. But there are certain precautions that we can adopt to secure ourselves.
While we work from home, there are tech mistakes we need to avoid in order to stay clear of scams and other cyber threats. The most basic precautions include updating passwords and applications.
Thus, one should never hesitate to seek help from experts. Raising awareness and seeking advice are critical factors in avoiding the risks of cyberattacks.
A webinar on Cyber Security Awareness and Digital Safety was hosted on the 7th of June, 2020. Sthir Yuwa, in association with Information Security Response Team Nepal and Center For Cyber Security Research and Innovation, conducted it successfully.
Amid the coronavirus pandemic, the global population also has to worry about increasing cybercrime. In fact, research group Cybersecurity Ventures predicts that cybercrimes will cost the world around $6 trillion annually by 2021, up from $3 trillion in 2015.
The Middle East and North African societies have advanced in Big Data, blockchain, and the Internet of things (IoT). These technologies have helped grow the economy and industry sectors.
However, the pandemic has welcomed greater cyber risks than ever.
In fact, the UAE launched its first national fraud awareness campaign in April. The campaign was in light of the growing use of digital banking services during the pandemic.
Moreover, threat actors have managed to harm some residents through SIM-jacking, identity theft, and data privacy breaches.
Rise of a National CERT in UAE
In order to safeguard the UAE’s IT infrastructure from violations and risks, authorities established the UAE’s National Computer Emergency Response Team (CERT). This team is responsible for protecting citizens and organizations from threats and risks, and for improving cyber safety for residents.
The body responded to around 34,000 cyberattacks on federal entities in April alone. Reportedly, the attacks ranged from malware to phishing.
Mohammad Al Zarooni, TRA’s Executive Director of Policies & Programs, spoke on raising awareness and preventing cybercrimes. He said that there was an increase in the number of fake and fraudulent websites that trick people into sharing their credentials, such as bank accounts, passwords, and so on.
Furthermore, he mentioned that awareness campaigns are important to ensure the ability to separate real websites from fake ones.
Safety Programs for Children and Youth
Youngsters seem to be particularly vulnerable to cybercrime. And, it’s the same during the pandemic, when remote learning and working are being prioritized. In response to this, Al Zarooni highlighted the UAE government’s dedicated safety programs.
He told Inspire Middle East that the Child Digital Safety Programme is a great initiative, especially for parents and guardians. Educating children early on will help avoid common threat practices such as cyberbullying. Likewise, educating parents will help keep the kids safe when browsing the internet.
Data Protection in the UAE
The UAE government takes data protection very seriously. In fact, Abu Dhabi’s Hub71, a tech company, shares a similar enthusiasm towards investing in data protective infrastructure. US data residency hosting platform, InCountry, has selected Hub71 as its Middle East Headquarters.
The organization currently operates in more than 80 countries including Egypt and Saudi Arabia. It is responsible for storing and protecting data in its country of origin or citizenship.
Now, what it aims to achieve is to avoid a nation’s data sitting in an external jurisdiction, like the US, China, or Europe, where security regulations differ from its own.
Furthermore, the UAE is continuously revisiting its data protection laws to expand its knowledge and initiatives.
The Vice President of Mena – InCountry told Euronews that implementing this strategy was wise.
“I think there’s always risks whenever you start to move from an offline type of economy, towards an online economy,” said Khaled Lababidi. “We’re trying to start to understand a little bit more about the cybersecurity risk, but also about the data residency risks that are involved.”
He also claimed that the UAE government has been making sure to protect their citizens by understanding where the data sits.
InCountry predicts an increasing trend in investments in protecting the UAE population’s data. Lababidi believes the numbers are going to go up constantly as investments in IT seem to be on the rise worldwide.
“In the UAE, we’ve seen about Dh23 billion ($6.26bn) worth of spending on technology and IT spend over the last year,” says Lababidi. “And I think the latest figures that we’ve noticed, is somewhere in the range of about 12 percent.”
While InCountry may be newly established in the UAE, it is still well-positioned to capitalize on the regional sector’s evaluation.
Information Security Response Team Nepal (npCert) in association with the Center For Cyber Security Research and Innovation (CSRI) hosted an open discussion on “Role of Ethical Hackers For National Security”. Participants in the Role of Ethical Hackers For National Security included the likes of Joint Secretary of Ministry of Communication & IT, DIG at Nepal Police Dr. Rajib Subba, CEO at Baburam Aryal, Information Security Officer at Siddhartha Bank Limited Saroj Kafle, Founder Board Member at Information Security Response Team Nepal (npCert) Dr. Dilli Prasad Sharma, Deputy Director at Nepal Telecommunications Authority (Vice President at Center For Cyber Security Research and Innovation) Roja Kiran Basukala and IT Assistant Director at Nepal Information Technology Center Ramesh Pokharel.
Cybersecurity Experts suggested some points addressing the recent hacks and defacing of Nepali government websites by Indian hackers. Some Nepali hacker(s) also tried to hack Indian websites in response. This started after Nepal unveiled a new political map and Indian hackers began to protest by defacing Nepali websites.
Moreover, Nepal has faced a lot of cyberattacks in the past including ATM hacks, and data breaches of Foodmandu, Vianet. It was also found that Indians used the photos of Nepali celebrities as obscene material using deep fakes.
In the Role of Ethical Hackers For National Security, speakers reflected on Nepal’s preparedness in the Cyber Defense domain and the way forward. Experts suggested that cyber defense preparation for the country should progress with the cooperation of all parties. This is achievable by strengthening the security system of websites, web applications, systems, and banking systems.
Discussions from ‘Nepal’s preparedness in Cyber Defense’
Anil Kumar Dutta, Joint Secretary at the MoCIT, said the government has given priority to cybersecurity in this year’s budget. Dutta said that the ministry would coordinate towards developing a cyber-infrastructure and setting up a security center along with a forensic lab.
Dutta also said that he would move ahead with the implementation by arranging various CERTs in coordination with security experts and government agencies. Furthermore, he admitted to the lack of preparation for cybersecurity and defense in Nepal. However, he said that they will now move forward with the necessary cooperation and coordination.
Similarly, Mr. Ramesh Pokharel, Assistant Director at National Information Technology Center (NITC) gave his input on Nepal’s readiness for cyber defense.
Suggestions to Prepare for Cyber Defense in Nepal
Several participants with backgrounds in Cybersecurity, pentester engineers, ethical hackers, experts, professionals presented their views and suggestions. To be clear, cyber defense is not the same as cybersecurity. Cybersecurity is related to the state of being free from threats or cyberattacks while cyber defense refers to the state of defending from or resisting attacks. Here we present some crucial suggestions from the discussion.
The government should invest in cybersecurity by expanding the necessary infrastructure, labs, security centers, and forensic labs. Similarly, collaboration among experts is necessary to prepare thousands of skilled manpower every year. The government should prioritize related courses in colleges and universities for this purpose.
The formation and management of CERTs or cybersecurity response teams in different areas under the supervision of a high-level committee should be a priority. At the same time, effective implementation should be emphasized by introducing necessary policies, rules, and guidelines. The nation needs to be ready with task forces keeping in view the possibility of a cyberwar.
The government should motivate the experts and contributors in cybersecurity by rewarding them. In contrast, it should bring threat actors to justice using appropriate laws and penalties.
Audit of government websites, web applications, and systems of financial institutions is a must. To move forward with the Digital Nepal Framework, a tripartite balance of security, data privacy, and innovation is necessary.
In the discussion, digital literacy is something that came into the limelight. Experts suggested that digital literacy should be run as a campaign to make users more aware and conscious. Likewise, the government should move forward with cybersecurity governance.
Centre for Legal Literacy, Advocacy, and Research (CLAR) hosted an online discussion on ‘Cyber Security: Are we protected enough?’ The webinar was successfully conducted today (June 2) on the Zoom video conferencing platform.
This session focused on emerging cyber-related issues in Nepal along with technical and legal aspects of cybersecurity.
The guest speakers, Mr. Babu Ram Aryal and Mr. Chiranjibi Adhikari presented their points on the concept of cybercrime, its mitigating measures, and opportunities for ethical hackers.
Discussions from the Webinar
Mr. Chiranjibi Adhikari, Founder President at NPCERT, believes that there are many cyber incidents that we are not aware of. Some hackers or threat actors choose to publicly share the information or data, and that’s how we come to know of an incident. In Nepal’s context, it is also seen that victims hide the fact that they have been hacked.
Reflecting on the roles of a CERT (Computer Emergency Response Team), he said that it handles cybersecurity incidents related to hacks, breaches, etc. He mentioned that a CERT has 4 pillars in international practice. And, NPCERT hasn’t operated as a fully functioning CERT. Also, it will still take time for NPCERT to build up infrastructure since most of the members hold full-time jobs in other companies and only volunteer in NPCERT as a social service.
Likewise, Mr. Adhikari presented his views on the recent cyber incidents and defacing of Nepali sites by Indian hackers. He said that we shouldn’t take it lightly as it may be a spark that starts a wildfire.
Adding to this discussion, Mr. Babu Ram Aryal, CEO at Delta Law Pvt Ltd, schooled the participants on cyber terminologies. “A cyberwar is when one or both parties are a state or, either of them is a state-sponsored party that attacks other country’s resources”, he said. “So, if any private groups or companies from the two countries cause cyberattacks, we can’t call it cyberwar.”
How can situations get better in Cybersecurity in the context of Nepal?
Mr. Adhikari proposes that the government needs to develop a national cybersecurity strategy and a multistakeholder approach. “We often operate outdated devices, applications, and software”, he said. Similarly, he spoke from experience as he mentioned that top-level management has a mindset that cyber-related issues don’t concern them.
Cybersecurity needs to occupy a significantly huge part of the company’s investment. Similarly, a company needs guidelines, frameworks, and policies regarding cybersecurity. Awareness and staff training are also equally necessary. Furthermore, frameworks and systems require certain customization based on compatibility since a system used by a small organization may not suit large-scale requirements.
“The first line of defense is awareness in this domain”, Mr. Adhikari said. “Organizations must secure 4P’s – People, Process, Product, and Partners. Similarly, vendor dependency has also increased cybersecurity risks in the context of Nepal.”
Meanwhile, Mr. Aryal reflected on the lack of data protection standards in Nepal. He said that this is the core reason why we haven’t been able to get any remedy to cyberattacks or data breaches. “Cybercrime has a cross-border jurisdiction as well,” he said. “Thus, cross-border collaboration is important but it is difficult at present.”
Views on Ethical Hackers
Mr. Aryal says hacking is not truly unlawful. If someone hacks without bad intention to help find vulnerabilities and suggest further measures, then it is whitehat hacking. And, it’s completely legal as long as there is no misuse of resources.
Likewise, Mr. Adhikari believes that blackhat hackers can also aid in strengthening national security. However, there are certain procedures to it. Ethical hackers should get more exposure from the government and private companies to find vulnerabilities. Moreover, they should be rewarded for finding bugs and notifying the concerned authorities. These rewards are called bug bounties.
The new EAL 6+ certified-SE chip and dedicated software is a standalone security solution for mobile devices and other applications.
Samsung Electronics, a world leader in advanced semiconductor technology, today introduced a standalone turnkey security solution comprised of a Secure Element (SE) chip (S3FV9RR) and enhanced security software that offers protection for tasks such as booting, isolated storage, mobile payment, and other applications. The latest security chip is Common Criteria Evaluation Assurance Level (CC EAL) 6+ certified, the highest level acquired by a mobile component.
“In this era of mobility and contact-less interactions, we expect our connected devices, such as smartphones or tablets, to be highly secure to protect personal data and enable fintech activities such as mobile banking, stock trading, and cryptocurrency transactions,” said Dongho Shin, senior vice president of System LSI marketing at Samsung Electronics. “With the new standalone security element solution (S3FV9RR), Samsung is mounting a powerful deadbolt on smart devices to safeguard private information.”
Samsung’s new security solution is an enhanced turnkey that follows the first-generation solution (S3K250AF) announced in February. The new security solution is a state-of-the-art component that offers higher assurance levels than its predecessor’s CC EAL 5+ with an industry-leading CC EAL 6+ certified-hardware secure element, S3FV9RR, and robust security software. CC EAL 6+ is utilized in applications that demand the most stringent security requirements in the market, such as flagship smartphones, e-passports, and hardware wallets for cryptocurrency.
With twice the secure storage capacity, the new security solution also supports the hardware-based root of trust (RoT), secure boot, and device authentication that brings mobile security to the next level. Especially for service providers, manufacturers, and organizations, secure device authentication is enhanced with the RoT when running proprietary applications on a mobile device. As a bootloader initiates, a chain of trust is activated through which every firmware with approved keys is sequentially validated. This secure booting process is handled by the RoT, guarding the device against any possible malicious attacks or unauthorized software updates.
As a standalone solution, the new security solution can work independently from the security performance of the device’s central processor. This makes the solution extremely versatile, expanding the security capabilities of mobile devices, IoT applications, and other devices in all performance levels. In addition, manufacturers can be assured that devices produced at an off-site location are not tainted with non-authorized firmware. The solution also meets the hardware security module requirements for cryptographic operations outlined by an upcoming mobile operating system version.
Samsung’s new security solution, S3FV9RR, is expected to be available within the third quarter of this year.
The Department of Information Technology (DoIT), Nepal has issued security guidelines for websites and apps.
Cyberattacks in Nepal are on an increasing trend. So, the department issued these guidelines keeping in view the increasing incidents of cyberattacks in recent times.
From the very beginning of the lockdown in Nepal, there have been cases of data breaches and website hacks. Examples are Foodmandu – online food delivery service and Vianet – Internet Service Provider. Similarly, threat actors also targeted the website of the Nepal Aviation Authority.
Furthermore, the recent border dispute between Nepal and India triggered a cyberwar between the hackers of the two countries. Indian hackers defaced many government websites easily while hackers from Nepal also defaced several Indian websites.
As the hackers continue to exploit the weaknesses of government websites, the department issued a notice on Sunday (May 31) urging vigilance and adherence to the security guidelines for the safety of websites and apps.
What Does the IT Department Recommend?
Firstly, the department urges storing both online and offline backups of website/web application files. These backup files will help to restore the website in case of any data loss or compromise. Similarly, it recommends removing unwanted and unused files, databases, or applications hosted on the server.
The department also promotes the use of a strong & encrypted password and SSL encryption for websites and web applications. Likewise, multifactor authentication is recommended.
Usually, keeping applications updated removes existing vulnerabilities. Thus, the department urges updating the server, environment, framework, platform, and script. At the same time, the hosting should not allow just any type of file to be uploaded.
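The upload restriction recommended above can be enforced on the server with an allow-list; the following is an added example, not code from the DoIT notice. The accepted file types, the size cap, and the function names are assumptions chosen for illustration.

```python
import os
import secrets

# Assumed policy (not from the DoIT notice): the site accepts only images and PDFs.
# Each allowed extension maps to the leading "magic" bytes its content must carry.
ALLOWED_TYPES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".pdf": (b"%PDF-",),
}
MAX_UPLOAD_BYTES = 5 * 1024 * 1024  # assumed 5 MiB cap


class UploadRejected(Exception):
    """Raised when an upload violates the allow-list policy."""


def validate_upload(client_filename: str, data: bytes) -> str:
    """Return a server-generated storage name, or raise UploadRejected."""
    if not data:
        raise UploadRejected("empty file")
    if len(data) > MAX_UPLOAD_BYTES:
        raise UploadRejected("file too large")
    if "\x00" in client_filename:
        raise UploadRejected("null byte in filename")

    # Keep only the last path component, so "../../x.png" cannot steer the path.
    base = client_filename.replace("\\", "/").rsplit("/", 1)[-1]
    ext = os.path.splitext(base)[1].lower()

    signatures = ALLOWED_TYPES.get(ext)
    if signatures is None:
        raise UploadRejected("extension not allowed")
    # The extension alone proves nothing: the content must start with a
    # signature that belongs to the claimed type.
    if not data.startswith(signatures):
        raise UploadRejected("content does not match extension")

    # Never reuse the client's name: store under a random name that keeps only
    # the vetted extension, which also neutralises names like "a.php.jpg".
    return secrets.token_hex(16) + ext


def classify_upload(client_filename: str, data: bytes) -> str:
    """Return "accepted" or the rejection reason, for logging and review."""
    try:
        validate_upload(client_filename, data)
    except UploadRejected as exc:
        return str(exc)
    return "accepted"


if __name__ == "__main__":
    # Constructed sample uploads (not taken from any real incident).
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
    samples = [
        ("photo.PNG", png),
        ("invoice.pdf", b"%PDF-1.7\n%constructed sample\n"),
        ("page.php", b"<?php echo 'hello'; ?>"),
        ("avatar.jpg", b"<?php echo 'hello'; ?>"),
        ("../../var/www/logo.png", png),
    ]
    for name, body in samples:
        print(f"{name!r:28} -> {classify_upload(name, body)}")
```

A signature check only confirms how the file begins, so accepted files should still be stored outside the web root or in a directory where the server will not execute scripts.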
Take a look at the security guidelines issued by the DoIT: