First Webinar Successfully Conducted On Legal Implication of COVID-19 in Commerce and Industry. Delta Law and Technology and other organizations successfully organized an interaction on the impact of the lockdown on industry and commerce in Nepal. The webinar was conducted on Zoom, and interested participants had to register in order to attend.
The aim of this webinar was to analyze the legal implications of the COVID-19 pandemic. Topics of discussion were the legal measures or instruments affected and the areas of legal reform or intervention in the current situation.
Note: The discussions on the topic are based on the impact of lockdown in Nepal which is a change of law. It is the consequence of the pandemic and thus, the lockdown is the legal concept. (From a Q&A in the webinar)
Moderator: Advocate Babu Ram Aryal, Managing Partner, Delta Law
Panelists:
Advocate Megahraj Pokharel: Commerce and Industry
Senior Advocate Madhav Bhattarai: Public Procurement
Advocate Sharad Koirala: Labor and Employment
Conference Advisors:
Senior Advocate Upendra Keshari Neupane, Founder, Delta Law
Advocate Sunil Kumar Pokharel, Founder, Innovative Legal Service
A recording of the webinar is available on Facebook.
Impact on Industry and Commerce
The pandemic certainly has made a huge impact on the global economy. After the nationwide lockdown in Nepal, many contracts are about to be terminated by the parties. The contract is the principal rule of business as each business stands on a contract between the parties.
Since the pandemic has reduced the contracting parties' ability to perform, contracts are on the verge of termination. The panelists in the webinar addressed the future of these contracts and other issues of concern to the parties.
Similarly, they also discussed a major contract clause called Force Majeure. It refers to events such as wars, fires, typhoons, floods, earthquakes, or other events that both parties regard as force majeure factors. This clause provides a remedy in situations similar to the one we are facing now.
Other topics of discussion for today’s webinar were Public Procurement and Labor and Employment. The pandemic has caused serious effects on procurement, whether it be the supply of goods, services, or infrastructure constructions. Likewise, it has caused devastating losses in working hours and employment across the world.
The world’s largest domain registrar, GoDaddy, confirmed a data breach that started in October 2019.
The Scottsdale, Ariz.-based domain registrar giant manages more than 19 million customers and 77 million domains. It is warning customers about the data breach impacting their web hosting account credentials.
“We blocked the unauthorized individual responsible for the breach,” states GoDaddy. The company further stated that it is continuing to investigate the potential impact on its environment.
The company said that the breach only affected hosting accounts. That means general GoDaddy.com customer accounts are safe. There was also no effect on the customer data in the main accounts.
What we know on the GoDaddy Data Breach
The confirmation of the data breach reveals that the security incident in question came to light after a recent identification of suspicious activity on some GoDaddy servers. The breach itself appears to have occurred on October 19, 2019.
During the investigation, they found that an “unauthorized individual” had gained access to login credentials. This meant that they could “connect to SSH” on the affected hosting accounts.
Why SSH is so critical
SSH stands for Secure Shell, a network protocol and software suite used for securely transmitting data. Privileged users such as system administrators and application developers use SSH for secure interactive and remote access.
Yana Blachman, a threat intelligence specialist at Venafi, emphasizes the importance of SSH security, as underlined by the GoDaddy data breach.
Blachman also highlights that SSH is used to access an organization’s most critical assets, so it is vital that organizations stick to the highest security level of SSH access and disable basic credential authentication. Blachman recommends the use of machine identities instead.
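The recommendation to disable basic credential authentication can be checked on a server by auditing its sshd_config. The script below is an added example, not part of the original article or any GoDaddy or Venafi tooling; it assumes "basic credential authentication" means OpenSSH password and keyboard-interactive logins, and both sample configurations are constructed.

```python
"""Audit sshd_config text for settings that still allow password-based SSH logins."""
import re

# Compiled-in OpenSSH defaults that apply when a keyword is absent (sshd_config(5)).
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "permitemptypasswords": "no",
    "permitrootlogin": "prohibit-password",
    "pubkeyauthentication": "yes",
}
# Deprecated spelling still found in many configuration files.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
# Keyword -> value that weakens key-only ("machine identity") access.
RISKY = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "permitemptypasswords": "yes",
    "permitrootlogin": "yes",
    "pubkeyauthentication": "no",
}

# Constructed sample, not taken from any real host.
SAMPLE_CONFIG = """\
# weak: root may log in with a password, one account re-enables passwords
Port 22
PermitRootLogin yes
PasswordAuthentication no
passwordauthentication yes
ChallengeResponseAuthentication no
Match User backup
    PasswordAuthentication yes
"""

# Constructed corrected version of the same file.
HARDENED_CONFIG = """\
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitRootLogin prohibit-password
PubkeyAuthentication yes
"""


def parse(text):
    """Return [(scope_name, settings)]; scope 0 is global, later ones are Match blocks."""
    scopes = [("global", {})]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and arguments are separated by whitespace or by a single '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip().strip('"')
        if keyword == "match":
            scopes.append(("Match " + value, {}))
            continue
        keyword = ALIASES.get(keyword, keyword)
        # sshd uses the first value it obtains for a keyword, so later repeats are ignored.
        scopes[-1][1].setdefault(keyword, value)
    return scopes


def audit(text):
    """Return (scope, keyword, value) findings for settings that permit password logins."""
    scopes = parse(text)
    findings = []
    effective_global = {**DEFAULTS, **scopes[0][1]}
    for keyword, bad in RISKY.items():
        if effective_global[keyword].lower() == bad:
            findings.append(("global", keyword, bad))
    # A Match block overrides the global section for the connections it matches,
    # so a single block can quietly re-enable passwords for some accounts.
    for name, settings in scopes[1:]:
        for keyword, bad in RISKY.items():
            if settings.get(keyword, "").lower() == bad:
                findings.append((name, keyword, bad))
    return findings


if __name__ == "__main__":
    for label, config in (("sample", SAMPLE_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit(config) or "no password-based login paths found")
```

The parser does not follow Include directives or trailing comments; on a live host, the output of `sshd -T` is the authoritative view of the effective settings.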
During the incident, as Freelancer CEO Matt Barrie stated, their security team managed to talk to the hacker on the phone. For over an hour, the hacker attempted to convince what he thought were domain registry operations staff to regain access to the account.
The hacker had unlawfully accessed the internal support systems of GoDaddy, the registrar, and was using them to make changes to Escrow.com’s account.
Which GoDaddy accounts are affected?
The GoDaddy email says the breach affected only the hosting accounts and did not involve customer accounts or the personal information stored within them.
However, the company has reset all impacted hosting account logins, and the email contained the procedure customers need to follow to regain access to the hosting accounts concerned.
GoDaddy to provide free security services
GoDaddy has said it will provide a complimentary year’s worth of security and malware removal services for those customers affected, and has expressed “regret this incident occurred.”
The domain giant also recommended that customers should audit their hosting accounts.
Schools, colleges, and various institutions have been hosting webinars to make the best use of the lockdown period after the COVID-19 crisis began. Girls In Tech – Nepal, in collaboration with Genese Cloud Academy, has been hosting webinars, three each week, since the end of March 2020. Over two dozen webinars have already been organized, with encouraging participation of around a hundred enthusiastic youths in each session.
Sadly, the webinars have started getting disturbed by spammers who participate anonymously with the sole intention of disturbing these sessions. After severe disturbances, some of the webinars hosted by Girls In Tech – Nepal had to be terminated and postponed.
Girls In Tech – Nepal is not the sole victim of such occurrences. Robotics Association of Nepal (RAN) also faced similar spammer activity in a virtual panel discussion hosted on 27 April by its Miss Tech wing. A few spammers posted comments with vulgar words in the chat thread of the session’s LIVE video, making the situation awkward for all the guests and participants.
Similarly, NxtGen, a non-profit organization under the Pulchowk Engineering Campus, also faced a similar incident in the ‘COVID-19 Preparedness for Students’ session hosted on 27 April. The meeting was hosted to prepare individuals for upcoming uncertain times due to the COVID-19 outbreak. During the event, the organizers noticed some attendees, using fake emails, violating cybersecurity laws, which distressed the audience and the speakers. However, NxtGen was able to immediately fix the lack of security on the platform that the individuals exploited and promptly began working with law enforcement. Furthermore, the NxtGen team has noted all the information of these offenders by tracing their emails and plans to file a cybercrime case soon.
After experiencing disturbances by spammers in its webinars, the Girls In Tech – Nepal team tracked the fraudulent people involved in the activity.
Talking about how the group was successfully tracked and what steps the team is taking to stop such incidences, Anjani Phuyal, CEO of Genese Cloud Academy and founder of Girls In Tech – Nepal shared,
“After we faced such disturbances, we tracked the users through their emails, and we came to know they were doing it in an organized way. They had formed a private Facebook group where they used to note down all the webinars that are happening in Nepal and abroad. After the webinars started, they would spam & hijack these sessions. Such activities are cybercrime and punishable by law. After we tracked them and found that they are young college students who didn’t know the consequences of such activities, we contacted and warned them that we would take action if they continue such behavior. They have promised not to repeat such activities in the future and provided a written apology, and hence we decided to forgive them as taking them with law enforcement at this stage will ruin their career and life.”
Similarly, Shova Shedai, Miss Tech Coordinator at Robotics Association of Nepal shared,
“We faced spammer activity during our virtual panel discussion live through the Facebook page. A Facebook user through an anonymous profile made multiple comments using vulgar words in the LIVE video of the virtual panel discussion. We had senior and respected speakers, so we felt bad seeing such comments and had to delete the comments at that moment. Such spammer activity is disgusting, and we don’t want to let this type of crime go as normal. We are raising our voices for controlling this kind of activity.”
Internet security and cybercrime are growing concerns all across the world. Because of a lack of knowledge about the law, many cyber-criminals don’t know that what they are doing is a crime. Many of those involved in such activities think they can’t be tracked if they remain anonymous and can get away quickly after such incidents. However, such actions shouldn’t be taken lightly, and we shouldn’t let the perpetrators walk away after doing all the harm. It’s high time we raise awareness about cybercrime and internet security.
COVID-19 is rapidly changing the context in which children live. Prevention and control mechanisms, such as school closures, disrupt children’s practice. This can leave children at risk of abuse.
On the occasion of ICT Day, the “Kids, Internet and Covid-19” webinar was conducted at Bharatpur, Chitwan, organized by CAN Federation Chitwan Chapter and npCert (Information Security Response Team Nepal) and supported by ICT Frame Magazine.
A total of 90 individuals, professionals, and policymakers participated in the program. Milan Raj Nepali, a representative from the Center For Cyber Security Research and Innovation, conducted the technical webinar for the participants.
Roja Kiran Basukala, Deputy Director of Nepal Telecommunications Authority, shared the child online protection initiative. The primary purpose of this webinar was to make children aware of how to use smartphones, computers, the internet, Wi-Fi, and devices safely and securely, and how to stay safe from cyberbullying and exploitation by hackers.
Kamal Raj Bastola, Managing Director at Techminds Communications, shared his experience of how policies and procedures, staff training, student lessons, and family materials in the Child Protection Unit for Early Learning keep children safe.
The President of Childsafenet presented topics that included: how to be safe online, mobile phone security, phishing sites, Facebook, Gmail hacking, fake email, Wi-Fi security, dangerous websites, and so on.
A previously undocumented botnet, “VictoryGate”, has been active since May 2019. This botnet has infected systems mainly in Latin America. Peru has been the most affected, with over 90% of the compromised devices located there.
Cybersecurity researchers at ESET said on Thursday that they took down a portion of the malware botnet. This botnet comprises at least 35,000 compromised devices. Most of the devices were infected through the use of removable devices, specifically USB drives.
How does this botnet affect devices?
ESET describes the main activity of the botnet as mining Monero cryptocurrency. Miners have to confirm the transactions of cryptocurrency in the network. They are an important part of cryptocurrency transactions.
The botnet has not just affected individual users but has also made organizations its victims. Organizations, both public and private sectors, including financial institutions have been affected by the botnet.
According to ESET researchers, VictoryGate propagates via USB drives. These devices, when connected to the machine, install a malicious payload into the system.
The malicious code affects the device by consuming a very large share of its resources. It uses available threads to perform crypto mining. This results in a 90-99% CPU load, which slows down the device. It can cause overheating and possible system damage internally or in some cases externally as well.
They stated that, based on an estimated average hash rate of 150H/s, the authors of the campaign have collected at least 80 Monero from this botnet. This amount is approximately $6000.
Cryptocurrency
Cryptocurrency is like a digital form of currency. It is a digital asset designed to work as a medium of exchange that uses strong cryptography to secure financial transactions. It is now more popular than it has ever been.
Monero is an open-source cryptocurrency that uses the CryptoNight hash function. It was created in April 2014 and is popular in the digital world. The botnet has been crypto-mining this cryptocurrency.
Cryptocurrency mining, also known as crypto mining, is a process in which transactions for various forms of cryptocurrency are verified. Then they are added to the blockchain digital ledger. The blockchain serves to confirm transactions to the rest of the network while the transactions are taking place.
What is being done to monitor the botnet?
ESET said in its press release that it is working with dynamic DNS provider No-IP to take down the malicious command-and-control (C2) servers. It has also set up fake domains to monitor the botnet’s activity.
In the press release, ESET mentioned that its researchers have been “sinkholing” several domain names that control the botnet’s actions, replacing them with machines that do not send the affected computers the commands they expect. These machines are used to monitor botnet activity.
The sinkhole data from February to March 2020 shows that up to nearly 3,500 infected computers connected to the C2 servers on a daily basis.
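A daily figure like the one above is typically derived by counting distinct sources in the sinkhole's connection log. The script below is an added example, not ESET's tooling or data: the log format, the hostnames and every log line are constructed, and it assumes one source IP address approximates one infected computer (NAT hides several machines behind one address and DHCP churn splits one machine across several).

```python
"""Count distinct sources contacting sinkholed C2 hostnames, per UTC day."""
from collections import defaultdict
from datetime import datetime, timezone
import ipaddress

# Hypothetical sinkholed hostnames; the article does not list the real C2 domains.
SINKHOLED = {"c2-a.example.invalid", "c2-b.example.invalid"}

# Constructed log lines: "<UTC timestamp> <source IP> <requested hostname>"
SAMPLE_LOG = """\
2020-02-14T08:01:12Z 198.51.100.7 c2-a.example.invalid
2020-02-14T08:05:40Z 198.51.100.7 c2-a.example.invalid
2020-02-14T09:30:00Z 203.0.113.20 c2-b.example.invalid
2020-02-14T23:59:59Z 192.0.2.55 unrelated.example.invalid
2020-02-15T00:00:01Z 198.51.100.7 C2-B.example.invalid.
2020-02-15T10:12:00Z 203.0.113.99 c2-a.example.invalid
2020-02-15T10:13:00Z 2001:db8::1 c2-a.example.invalid
2020-02-15T11:00:00Z not-an-ip c2-a.example.invalid
garbage line
"""


def daily_unique_sources(log_text, sinkholed=SINKHOLED):
    """Return {ISO date: number of distinct source addresses} for sinkholed hostnames."""
    per_day = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # malformed line
        stamp, source, host = fields
        try:
            when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
            addr = ipaddress.ip_address(source)  # accepts IPv4 and IPv6
        except ValueError:
            continue  # unparseable timestamp or address
        # Hostnames are case-insensitive and may carry a trailing root dot.
        if host.lower().rstrip(".") not in sinkholed:
            continue  # traffic that is not botnet check-in
        # Repeat check-ins from the same address on one day count once.
        per_day[when.date().isoformat()].add(addr)
    return {day: len(addrs) for day, addrs in sorted(per_day.items())}


def peak_day(counts):
    """Return (date, count) for the busiest day, or None if there is no data."""
    return max(counts.items(), key=lambda item: item[1]) if counts else None


if __name__ == "__main__":
    counts = daily_unique_sources(SAMPLE_LOG)
    for day, total in counts.items():
        print(day, total)
    print("peak:", peak_day(counts))
```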
What now?
ESET warns that more new infections could occur in the future, since USB drives are being used as the propagation vector. With a significant chunk of the C2 infrastructure sinkholed, the bots will no longer receive secondary payloads. However, those that were compromised before the C2 servers were shut down would continue to mine cryptocurrency.
The lockdown is on and people are staying at home. During this time, internet usage has increased a lot. People of almost all age groups use the internet. According to NTA, 72 percent of people use the internet. In this particular situation, abuse and exploitation through the internet can increase. So, to understand people’s behavior, ChildSafeNet conducted an online survey.
The survey was conducted with people of all age groups. Using Google Forms as the survey method, ChildSafeNet ran the survey from 17th April to 21st April. The survey link was circulated through social media. To maintain anonymity in the survey, personal details were not collected.
A total of 1,228 respondents (648 male, 576 female, and 4 others) participated in the survey.
Findings of the Survey:
The survey brought several facts to light. It showed that the number of people using the internet for 6 hours a day had increased a lot.
In the same survey, people said that they use YouTube the most, followed by Facebook. 79.6 percent of people said they use YouTube, while 74 percent of people said they use Facebook. Nepali news sites followed in popularity at 44 percent. 20.8 percent of people said they browse their school/college website.
In terms of gaming, 9.9 percent of people said they play PUBG while 3.2 percent reported playing Free Fire during the lockdown. Similarly, 9.9 percent of people said that they were playing other online games.
As for the purpose of internet use, 73.9 percent of people are using the internet for entertainment and 72.6 percent are using it for news and information. 63.2 percent of people said they use the internet to connect with friends and relatives and 57.7 percent of people said they use the internet for education, while 1.06 percent said they use it for other purposes.
14.5 percent of people reported that they had received sexual messages, photos, or videos from strangers and 2.4 percent of people said they had sent sexual messages, photos, or videos to others.
On the question ‘Did you ever visit porn sites?’, surprisingly, 41.7 percent of people responded ‘Yes’ although the government has banned porn websites in Nepal.
On the same survey, 71.4 percent of people said that children are at a higher risk of online abuse and exploitation during the lockdown. In the same question, 15.8 percent of people responded that they don’t know about it, while 12.8 percent of people felt this was wrong.
What does the ChildSafeNet President say?
Anil Raghubanshi, President of ChildSafeNet says, “We wanted to study people’s behavior in the lockdown period. We found that people are still watching porn despite its ban. During this period, children are vulnerable to sexual abuse.”
He added, “In most cases, the images captured by the victim are shared over the internet. So, we not only surveyed but also made people aware that they should not capture nude images just to keep in their phones too. If the image is uploaded to the internet, it creates a long-term impact. Being raped is definitely not good but if the images and videos are uploaded to the internet, it lasts almost forever. If anybody has faced such a problem, we help in removing the images and videos. For reporting child sexual abuse images and videos, anyone can report anonymously through the link on our website, ChildSafeNet, for the removal of such contents. We provide advice and tips on online safety through our messenger hotline. We also provide support in reporting cases.”
Considering the recent cyber hack attempts, Information Security Response Team Nepal (npCert) and the Center For Cyber Security Research and Innovation (CSRI) are jointly organizing an Ethical Hacker’s Meetup on 24th April 2020. The event will be supported by CryptoGen Nepal, One Cover, and Cynical Technology. The event will be organized from 4 PM to 5 PM on Friday.
Due to the Lockdown and coronavirus concerns, the meeting will be organized virtually. However, the platform is still to be decided.
Pramod Parajuli, Ph.D. will be speaking at the event. Similarly, Ridesh Rai, Nirmal Dahal #Nittam, Alex Dhital, and Prakash Prajapati will act as the presenters. The event is set to be moderated by Suresh Bhandari.
Topics of Discussion:
The presenters and speaker will be discussing the following topics.
Methods of data breaches
Protection Methods
Insights on what affected organizations could do after the breach
Insights on what an individual needs to do after the breach
Role of ethical hackers in organizations
Event Hosts:
The event will be hosted by around a dozen hosts. Here we present the list of hosts.
According to the event page of the meeting, Meeting Details will be available on or after 3:30 PM on the meeting date.
About Organizers
Information Security Response Team Nepal (npCert) is an organization actively working for cybersecurity in Nepal. It is actively promoting security awareness across industry, academia & public sector.
The Center for Cyber Security and Research Innovation (CSRI) was established as part of the cybersecurity domain Research Program. It is also actively working for cybersecurity in Nepal.
One Cover Pvt. Ltd. is a private organization providing dependable security services. It has worked for various government and non-government organizations for their security.
CryptoGen Nepal consists of professional team members who are devoted to providing professional-grade cybersecurity solutions such as IS audit, VAPT, End-Point Threat Analysis, Forensics & Malware Analysis, Incident Response, Server Assessment, and Hardening. It has been providing such services since its establishment in Nepal and has even helped a number of organizations globally.
Cynical Technology is a Kathmandu-based cyber-security startup company with skillful expertise in security consulting, auditing, testing, and compliance that focuses on solving issues of concern to management in regards to cybersecurity.
ICT Frame is the event manager of the Meetup. It is the first women-led online magazine in Nepal. The chief editor of ICT Frame, Mina Aryal, completed a Master of Business Studies from Tribhuvan University in 2011. After taking various ICT training, she decided to contribute to the sector and started the online magazine in 2014. It has been providing ICT-related news in two languages, Nepali and English, since then.
A data breach in a company can become a burden to the growing business. It not only damages the reputation of the company but can sometimes cost the company financial damage. A data breach can be an intentional or unintentional attack on the company. A data breach can happen for several reasons; an unsecured network is one of the main reasons hackers can get into your confidential data.
But for now, let’s not talk about network security or the prevention of data breaches.
Let’s talk about what to do if you ever have a data breach. Here are some steps you can follow to tackle a data breach you have had, or in case you have one.
Notify the affected
As a company holding the personal information and data of various people, you must notify those who are affected by the breach and tell them what data was stolen. They can be notified by direct messages or via social media. An official press release is considered the most professional way to communicate about the data breach, but you want to do it as quickly as possible. So first posting on social media and then providing a press release would be fine as well.
Notify what information has been breached
As mentioned earlier, notifying the customers or employees about the data breach is necessary. It is essential to inform them how much data and what data has been compromised so that they can secure their information if needed.
Request to apply protective measures
After the data breach, your customers might be affected by the leaked data. To prevent them from having further problems due to the data leak from your company, request them to reset their passwords. Inform them to change their other confidential information as well, or to contact the relevant bodies (such as government offices or banks) if the data was sensitive.
Investigating the data breach
If the data breach was on a considerable scale, a government body could intervene in your further actions, which can be of help. Nonetheless, you have to investigate the data breach: it is necessary to understand how, when, and why it happened. Contact a legal authority or a cybersecurity company to investigate the data breach.
Find and Mitigate Vulnerabilities
After the investigation, once you find the vulnerabilities in your software or system, you should patch them immediately. Also, inform your customers or employees that the data has been secured and the loopholes have been fixed.
Protection against future attacks
After you have secured your data, you should understand it is not over yet. These kinds of attacks can repeat shortly. To prevent such attacks, perform penetration testing of your application or system. Hire hackers or cybersecurity experts to find other possible loopholes and secure them.
As a company, holding sensitive data of many people, you need to secure your system and prevent any further data breaches.
Everything you need to know about the data breach and its prevention
What is this data breach you have been hearing so much about lately?
A data breach is the intentional or unintentional release of secured or confidential information to the public, where anyone can access the data. The data can be anything that the company holds about customers or employees. It can be personal information, date of birth, confidential documents or conversations, or in some cases, bank details as well. A data breach can cause someone emotional or financial damage, so it is a significant concern in today’s digital world.
Even if you are an average citizen who thinks you have no confidential or financially sensitive data, a data breach should not be taken lightly. Whether you are a larger company or a small start-up, data breaches should still not be taken lightly.
Data breaches should be prevented as much as possible to protect your company’s reputation and safeguard your customers’ or employees’ details.
So first, let’s understand who can cause data breaches.
A Malicious Insider: Someone who purposely accesses data or shares it with the internet or the public with the intent of causing harm to an individual or a company is considered a malicious insider.
Lost or Stolen Device: If someone with access to data loses an unencrypted and unlocked laptop or external hard drive belonging to a company, the sensitive data contained in it is easily accessible to others. This can result in harmful use or publication of the data.
Malicious Hacker: These are the hackers who use various kinds of attack vectors to gather information from the system. They can exploit the system to get internal access to some sensitive data.
As mentioned earlier, a data breach can cause you emotional or financial damage. It can cause damage to your company; this can affect your company for a long time in the future as well. Here are the ways which can help you to prevent data breaches.
Update software regularly
Updating software is an easy and cost-effective method to prevent attacks. Updating software regularly to fix bugs can help a lot to avoid a security breach. Make sure all the programs are patched and updated daily, because unpatched networks are vulnerable, which can lead to data breaches.
Limit access to the confidential data
Limiting access to the most valuable data helps to reduce the chances of a data breach. When access is limited, sensitive data can be reached only by a few users, whose access can be secured, rather than by every employee in the office.
Train the employee about security threats
Training your employees about data breaches is as necessary as teaching them about office work. Even with a strong security team, educating employees about data breaches and the importance of security can help a lot to prevent a data breach. The team should also inform the employees about the potential risks, and that attempts to steal information can be made through them as well.
Regular Vulnerability and Compliance Management
Performing vulnerability assessment and penetration testing on your system can help to identify weaknesses within it. It enables you to detect gaps and security misconfigurations. It also helps you to monitor and safeguard infrastructure continuously and protect the system by fixing loopholes.
Observe the Third-party vendors
It is essential to have data and information about the people you are working with as a company. Before getting connected with any third party, check their background and reputation. Ask for transparency if you are allowing the company access to your data.
Monitor the devices connected in the system
Most companies nowadays ask their employees to use their own devices at work. But this can pose a high risk to the system, as most employees use the device for both office and personal purposes. It is crucial to monitor those devices to ensure that they cause no security threats after connecting to the system.
Notify in case of an unusual act
In case someone notices a data breach, it is necessary to inform the security team as soon as possible. If the incident is recognized at an early stage, there is a higher chance of controlling it or at least minimizing the loss. Even if someone notices any sort of suspicious or unusual act, it is better to report it to the concerned body.
Even after applying these steps, there is still a chance of data breaches. To ensure your customers’ data safety, consult security experts, or hire a security expert for the company to prevent a data breach.
Best Security Practices for Employees and users for making a safe and secure workplace
Recently, many cases of data breaches and hacking have been making the news headlines. With the widespread infection of COVID-19 and offices following the Work From Home system for their business, employees and other users should be aware of data breaches. A data breach is the intentional or unintentional release of secured or confidential information to the public, where anyone can access the data. The data can be anything that the company holds about customers or employees. It can be personal information, date of birth, confidential documents or conversations, or in some cases, bank details as well. A data breach can cause someone emotional or financial damage, so employees should be careful while working from home.
Here are some measures to follow for a safe working environment:
Do not open any links, downloads, or attachments in your emails: Emails related to COVID-19 or lotteries may be sent to you, and they can contain viruses that can affect your system.
Do not click on pop-ups: When you use a personal PC for office work, an infection on your PC can affect your office system as well. Clicking on pop-ups can result in your PC being infected. Most of the time, they will try to install malware or adware on your device.
Do not disable the firewall: The firewall is your system’s main line of defense against malware. Built-in firewalls should be kept enabled to protect your PC against malicious software.
Enable multi-factor authentication: Enabling multi-factor authentication provides an extra layer of security for your login to the system and prevents unauthorized access to the system.
Update your PC: Keep your device updated with the latest security patches.
Use Enterprise Virtual Private Network (VPN): If you need to access organizational resources, use the enterprise VPN and verify that it is up to date.
Use Screen-Lock and password: You need to secure your phone by keeping a lock on your devices. This does not completely secure your device, but it is better than leaving it accessible to anyone.
Enable auto-lock on your device after a short duration of inactivity.
Use End to End (E2E) Encrypted messaging: This provides security to your confidential
Have complex passwords: For your official accounts, it is better to use complex passwords. You can use a complex password in a personal social media account as well, but it depends upon you.
Be aware of the environment: Be conscious of the surroundings in which you are using your devices. Be mindful of shoulder surfing; others might be able to see or listen to your sensitive information.
These methods do provide you a safe working environment but do not entirely protect you from hacking or data breaches. In case you get any spam calls or phishing emails that seem suspicious, report them to the police or a cybersecurity body. Also, in case you find any suspicious activity in the office system, contact the concerned official or security experts.
Security Practices that should be implemented by companies following the Work From Home System. In the middle of the imposed lockdown, many companies must be adopting work-from-home methods. This has helped to continue business during the lockdown and helped to maintain social distancing. But while many people consider work from home a best practice that should continue after the lockdown as well, a few are against it. The main reason people and companies refuse to work from home or do video conferencing is security threats.
But why let your company suffer out of fear of a preventable enemy (cybercriminals)? To have a proper and secure Work From Home system, you can follow these practices.
Things to do
Review your Business Continuity Planning (BCP) and Procedures.
Update your Organization’s Infrastructures (Jump Hosts, Firewalls, EPP, AD, Servers, etc.) to the latest available version. By doing so, you have almost secured your network by 50%.
Use Multi-Factor Authentication (MFA) where possible and strictly require your employees to use it to log in.
Strictly monitor user access and user roles. Prioritize the users that require the most roles.
Define access rights for your infrastructures and allow only necessary privileges to your employees.
Enforce Communication with the use of end-to-end (E2E) Encrypted messaging applications. All confidential conversations would be safe by encrypting the messages.
Enable re-authentication access to the resource after a short duration of inactivity.
Backup and store data in more secure ways.
Ensuring the physical security measures of the employees is necessary as well. This minimizes the risk that information may be accessed, used, modified, or removed without authorization.
Only necessary organizational resources should be made available to the employee.
Things not to do
Providing more organization resources than necessary on the internet or making them accessible to every employee.
Having a massive timeout duration for employees accessing organization resources.
Having users with privileges in the system even though they do not require them for a specific time.
By applying these measures, you can have a safe and secure work environment online. There are also different cybersecurity companies working to make the internet a safe place for users. If you want to add more security to your system, you can contact them as well.
Recently you might have been hearing a lot about data breaches and data being hacked and published. Within this month, many companies’ data breaches have shocked us all. When a company’s data is breached, you will get notified about the data breach by that particular company. It can be either by direct message or via a post on social media. Besides these, you can at least hear it from the news or any media outlet. But even though you get informed about your data being leaked, you don’t have to panic; just follow some simple steps.
Categorize your stolen/leaked data
The level of panic you should be in depends upon what kind of your information has been leaked. After you become aware of the data breach, you first need to categorize what type of data was stolen/leaked in order to act accordingly. You can categorize it into 3 groups:
Least sensitive data: This category contains your name and your address. As these are easily accessible on social media or on the internet, this might not be a significant concern. Your primary concern will be the sensitive data in the second category, which contains your details and security questions.
More sensitive data: This category contains details beyond your name and address. Information like phone numbers, email addresses, security questions, date of birth details, and your healthcare reports is your more sensitive data.
Most sensitive data: The critical information that can cause you trouble both emotionally and financially lies in this category. Your bank details, which include payment or credit card information, your citizenship details, passport details, etc. lie in the most sensitive data and need immediate action if they are leaked.
Changing passwords
After you are informed about the data breach, you need to change your password as soon as possible. This applies to any category of data breach. Create a new password for your account, different from the previous one. If you have been using the same password for different accounts, change it there as well; having the same password for different accounts is not a safe idea regardless of a data breach.
Change your credit card/ banking detail
If your banking details have been compromised, immediately contact your respective bank. Inform your bank about the data breach and change your sensitive information. Sensitive information includes the card PIN code, card verification value, etc.
Be aware of phishing attempts
After your data is leaked online, you might get many phishing attempts and spam emails, so you must be careful about the information you provide over a call or the Internet. If you get any phishing calls or spam calls, immediately report them to the concerned department.
What if your passport is breached?
If your passport has been breached, the best way to protect yourself from any financial or emotional harm is to replace it with a new one. Renewing your visa with the new one might cost you extra money, but this sum might be less than the cash that can be extracted from you using your previous passport details.
If you have not been aware of the recent data breaches or want to check whether you have been pwned, you can check using the website: https://haveibeenpwned.com/
Big or small, organizations are currently struggling with maintaining cybersecurity. This is because most security implementations are expensive to purchase and maintain and require manual integration and operation.
In fact, this holds true for most large-scale organizations. Many IT companies in Nepal have also failed to maintain security, especially during the COVID-19 pandemic.
The data leaks of Foodmandu and Vianet are among the few data breach incidents in Nepal. Humans are facing a global threat in the form of a virus while businesses are turning a blind eye to another threat: cyberattacks. Employees are working remotely and hackers are working overtime to exploit coronavirus disruptions.
With recent data breaches and other cyberattacks in Nepal, there is no doubt that Nepali companies lack security. “Nepalese companies don’t invest even 1% of their budget in security. As a result, even a newbie like SATAN is dumping their databases,” Alex Dhital, Cyber Security Researcher, said in an interview. “Cybersecurity platforms, security training, security-related education, networking-related education are not well managed in Nepal. So, the Cyber Bureau of Nepal isn’t well equipped. They aren’t well trained in the field of cybersecurity.”
The New Security Paradigm Shift
The inherent weakness in relying on manual security solutions gives rise to a new security paradigm – Autonomous Breach Protection. It is basically a technology that delivers a full protection cycle from cyber threats.
How?
Well, it enables any organization to be secure even though the security team is working remotely. However, it also facilitates on-site protection.
It may just be the need of the hour since the pandemic has imposed a strict quarantine on people and organizations.
The new insight that the security industry is looking into is the possibility of rebuilding the organization’s security on a single platform. On top of that, the required engines should work in unison to prevent and detect a wide range of attacks on endpoints, networks, and users. The security solution should deliver full protection by automating the entire security operation, without the need for human intervention. The name of this approach is Autonomous Breach Protection.
The Pillars of Autonomous Breach Protection
We can further characterize an Autonomous Breach Protection solution into three pillars:
Visibility – It refers to the ability to continuously monitor every endpoint, network, and user activity. It includes drilling down to process execution, file interaction, login activities, and internal/external communication.
Context – It refers to the ability to conduct real-time determination on each process execution, network traffic, and user login, whether it brings about any type of cyber risk.
Action – It refers to the ability to enforce a precise response action with respect to the disclosed risk.
As we can see, all three pillars are essential. A security technology that is capable of delivering all of these pillars autonomously will have a better chance of protecting an organization against breaches.
In fact, this is where the potential for preventing data breaches and raising the security level globally is greatest.
Do you think Autonomous Breach Protection is the need of the hour in Nepal?
Most of you are aware of the latest data breach cases in Nepal. From the leak of 50K users’ data from Foodmandu’s database and of more than 175K Vianet users’ data to hackers entering Mercantile’s database, we’ve faced frightening situations.
Whether the hacker is Mr. Mugger, ‘Narapichas’, or SATAN, all these hackers frighten the general public regarding their data safety. So, to provide you with more information on data breaches, we’re presenting exclusive interviews with cybersecurity researchers actively working to protect the digital systems in Nepal.
Interview with Alex Dhital, Cyber Security Researcher, and CTF Player:
Q. What do you mean by ‘Data Breach’?
A: A data breach means an incident where an attacker or group of attackers accesses and publicly discloses data, accessing the critical/unauthorized part of a server to extract the personal and private data of users or the company itself.
Q. What do you think about SATAN? Is he a newbie or an experienced hacker?
A: SATAN is a newbie hacker who is dumping the data of various Nepalese sites, finding SQL (Structured Query Language) vulnerabilities and injecting queries to drop the tables, columns, and other multiple contents from an unauthorized server. This doesn’t mean he is a professional hacker, since this breach looks like he has been using automated tools and scripts which can be found via GitHub and other sources on the internet. If he had been a professional hacker, he would instead have reported the issue to the company so they could fix it, and he would have used his skills in playing CTF, bug bounty (to earn money), and so on rather than causing havoc among the company and the public.
Q. Do you think if he’s a single person or there’s a group behind him?
A: In my opinion, it is probably a single person who is just doing these for attention.
Q. Based on his tweets, most probably he’s a Nepalese. But, do you think he’s doing all these from Nepal or is he residing in the other countries?
A: I believe he is doing all these from Nepal.
Q. In his so-called data of Prabhu Pay, there were duplicated data. Is he leaking data from the servers, or he’s just using the data available anywhere just to grab attention?
A: In Prabhu Money Transfer, he probably might have used the same technique, SQL injection, to drop the sensitive information from the server, whether from its primary domain, fuzzing the potential vectors which were vulnerable to SQLi, or one of its subdomains.
Q. In these recent days, the number of data breaches has risen in Nepal. Don’t Nepalese companies invest in security?
A: No, Nepalese companies don’t invest even 1% of their budget in security. As a result, even a newbie like SATAN is dumping their databases.
Q. Are Nepalese companies providing the bounty to bug finders?
A: No, not at all, they aren’t providing the bounty to the bug finders. Soon, Cynical Technology is launching Bugv, a bug bounty platform. I suggest all Nepalese companies partner with it. This will help whitehat hackers and bug hunters to report the vulnerabilities easily and make the system more secure.
Q. If a person finds his data in a breached dump of data, what should he do?
A: If a person finds his/her data in breached dumps, then they should change their password immediately and enable 2FA (Two Factor Authentication). Similarly, he should avoid providing his information to third-party websites in the future.
Q. What do you say about the Cyber Bureau of Nepal? Is it well equipped?
A: I don’t think they are well equipped. Cybersecurity platforms, security training, security-related education, networking related education are not well managed in Nepal. So, they aren’t well equipped. They aren’t well trained in the field of cybersecurity.
Q. As a security researcher, what do you suggest to the companies in Nepal?
A: As a security researcher who also worked at Onecover Nepal, I suggest Nepalese companies invest at least 10% of their total revenue in security. If they do so, they don’t need to worry much about breaches and all. Prevention is better than cure.
Q. Finally, what would you suggest to the general public?
A: I would like to suggest to the general public: if you hear the term ‘hacker’, don’t think they are bad guys. There are white hat hackers who are protecting multinational companies from being infiltrated. And don’t put your personal data/information in any untrusted third-party sources, and keep an eye on individual privacy.
Interview with Nabin KC, OWASP Chapter Leader, Nepal:
Q. Please tell us something about the data breach.
A: First, we should understand what data means to an individual. Anything that represents some kind of information about any individual can be considered data; it can be digital or written in a thick paper. The data may include anything from general information like name, email, phone number, etc. to credentials like passwords and credit card information. If anyone gets unauthorized access, we can call it a data breach.
Hackers are not the only ones responsible for data breaches. The data can also be breached by an insider employee with the right access but bad intentions.
Q. What do you say about SATAN? Is he a newbie or an experienced hacker?
A: Rather than going towards the identity, we should focus on his deeds, in my personal view. Many hackers have previously breached similar Nepalese websites and leaked data multiple times. This is a worldwide trend and will happen in the future too, but how a company has prepared to respond to such a breach and handle such incidents reflects the company’s security capability. A well-planned response will decrease the breach’s impact on the organization as well as on the customer. Talking about him, the data he published doesn’t seem to be completely accurate, and few seem to be old, but also, if leakage has happened, we should accept it and respond accordingly. He seems to be doing these to get everyone’s attention about his findings but in the wrong way.
The organizations themselves are not able to tell whether the leaked data is their real data or what portion of the information is there, which reflects that they don’t have any principle of data collection (need-to-know basis). In this scenario, we need to talk about what the organization is doing to protect itself from more data breaches. We need to think about how we can actually minimize the impact, as it is already a breach.
Q. What are the possible ways a person can utilize the breach data to harm the company and customers? Questions should be brainstormed.
A: General people are also downloading the data. They are searching for their crush’s details, such as home GPS location, name, and number too, which I recently for my close circle too; this seems fascinating but right.
So, we need to focus on what response is going to be done after any breaches and how the organizations are responding to the incident. We need to focus on the loopholes before searching for the person who harmed it.
Q. What should the organizations do to be protected from data breaches?
A: Talking about the current laws of Nepal, the hacker is punished if the data is breached. If a company is missing basic security things, the organization should be liable, shouldn’t it? If a person puts his money, as well as some community-collected funds, in his house and leaves it unlocked, and the money is stolen, the first thing community people would ask the money owner is why he didn’t lock the house, which is basic security; due to this, he lost his money as well as the community’s money.
So, at first, there should be regulation similar to GDPR in foreign countries, which governs whether or not the company had worked on basic security maintenance. Punishing the hacker is still there, but if the company wasn’t maintaining basic security mechanisms, it should be liable too. If a person gets his/her data breached from any data-holding company, he/she faces the loss, and that can’t be compensated. But other people like him should not face it again. The law should interrogate it.
Since startups can’t invest much in their security, they can ask for suggestions in security communities without cost, like OWASP NEPAL and PENTESTER NEPAL, as I understand the pain during startup. We are always ready to help. If a person reports bugs, they should take it seriously and fix them rather than going after the one who reported it. The main thing is, all the organizations should maintain their basic standards. They can follow the OWASP Application Security Framework during development and do pen-testing at regular intervals. They should have information security go side by side with development. As humans are the weak points, breaches involving employee interaction are the highest around the world. Hence, employee information security awareness programs should be conducted at regular intervals. One of the main things any organization should follow to prevent data breaches is monitoring; only what we see can be stopped, hence “Monitoring is key for defense”.
Q. What do you say about the Cyber Bureau of Nepal’s action?
A: Cyber Bureau is doing its job well based on the resources they have. They may have thousands of pending cases, and if a situation appears, all the funds shouldn’t be used in the same case. Tracking someone in the digital world is tough. A person living in a foreign country can commit a crime using IP of some other country. The Bureau is doing its work.
They have also found the criminals who committed crimes years ago. We can’t judge the efficiency of their work. Based on the current performance, the Bureau is more proactive than before. Different departments have been separated from cybercrime. They’re organizing various awareness programs too, but some things also need to be improved, and their resources need to be increased.
Q. Should the government increase its investment in the cybersecurity sector?
A: Yes, that is necessary. Since the government is saying to digitize every sector, they need to focus on security too. They need to increase investment in cybersecurity. If it doesn’t invest in protection, it’ll harm the public. For instance, the database of driving licenses is breached, and a person uses the breached data and creates a license. If he creates an accident and leaves his fake driving license, the next person will get punished. So, the government should allocate a certain percentage of the budget for cybersecurity. Currently, I heard the government has shared, on some Facebook page, the license numbers and citizenship numbers of people who didn’t come to claim them for a few months; should we consider it a data leakage too?
Q. If a person finds his data in a breached dump of data, what should he do?
A: Generally, a person can’t completely protect himself from a data breach, as it is not all in his/her control. What I suggest is using pseudo names (nicknames or some random name). Almost all websites let users use pseudo names while signing up, excluding banking websites, as they won’t allow it.
Usually, people keep two phones nowadays or have two SIMs. If a person uses two phones, he should use the phone number followed at the primary telephone to receive OTPs. Various applications on smartphones can read SMS. So, basic feature phones are better for receiving OTPs, or utilize their two SIMs, one for financial transactions and the other for day-to-day use of web apps like ride-sharing, online delivery, etc.
Similarly, if you use services that require GPS location for any delivery or ride-sharing, don’t provide the exact location of your house; instead, offer a place you can reach within 2 to 3 minutes. Using different email addresses for various services can reduce the causes after the data breach. We can use our Gmail address by adding as many dots in the middle of our Gmail address. For example, we can use ab.cd@gmail instead of [email protected] for signing up on one website and [email protected] for signing up on the next site. Doing this will reduce the consequences of a breach. Current breach data will be utilized by scammers in the future, similar to the Viber lottery scam now. If scammers have your name, phone number, address, and GPS pinpoint, it will be easier to scam you. This is just one of the impacts of a data breach; there can be many. Hence, we need to be careful about that too.
Problem Statement: As you know, recent cyber-attacks in Nepal have exposed personal information from the databases of different organizations through breaches, and similar results continue to be seen. You can explore the recent cases from the messages on your cell phone and so forth, as detailed by the media.
In my research, case studies, and the present happenings in Nepal and the global scenario, APT groups and cybercriminals are targeting different clusters. They act under the following circumstances (these are generalized cases, whose details can be explored in various study reports):
Phishing (email, SMS, and so forth) using the subject of coronavirus or COVID-19 as a lure.
Malware distribution using coronavirus- or COVID-19-themed lures.
Attacks against newly (and often rapidly) deployed remote access or remote working infrastructure.
They are using video conference platforms, because some video conference platforms have been seen with vulnerabilities (e.g., the Zoom cases).
Filter the email messages whose subjects are listed below and cautiously examine the content inside them: 2020 Coronavirus Updates, Coronavirus Updates 2019-nCov: New confirmed cases in your City, Stuffs to do at Corona, working online at home, and Stay Safe are some of the email subjects.
Precautions: Utilize risk management and vulnerability management techniques where necessary. I suggest you all be alert while using the Internet and browse it safely. Think twice before you click on a link. Also, take care that children who are using the Internet are doing so safely.
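One way to apply the subject filtering described above to raw messages, as an added example that is not part of the original article: it decodes encoded subject headers, normalizes them, and marks messages for manual review. The split of the listed subjects, the theme-word list, the verdict names and the sample messages are assumptions made for illustration.

```python
import email
import re
import unicodedata
from email import policy

# Subjects the article lists. The page runs "Coronavirus Updates" and the
# "2019-nCov" subject together; treating them as two entries is an assumption.
LISTED_SUBJECTS = [
    "2020 Coronavirus Updates",
    "Coronavirus Updates",
    "2019-nCov: New confirmed cases in your City",
    "Stuffs to do at Corona",
    "working online at home",
    "Stay Safe",
]
# Theme words taken from the article's description of the lures.
THEME_WORDS = ["coronavirus", "covid-19", "2019-ncov", "corona"]

URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def normalize(text):
    """Fold width/case variants and punctuation so 'COVID-19' == 'covid 19'."""
    folded = unicodedata.normalize("NFKC", text).casefold()
    return " ".join(re.findall(r"[a-z0-9]+", folded))


def _contains(haystack, phrase):
    # Whole-word match: 'corona' must not fire on 'coronation'.
    return f" {normalize(phrase)} " in f" {haystack} "


def triage(raw_message):
    """Return sender, subject, verdict, matched phrases and URLs for one message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    # policy.default decodes RFC 2047 encoded words, so a base64 or
    # quoted-printable subject cannot slip past a plain-text comparison.
    subject = str(msg["Subject"] or "")
    norm = normalize(subject)
    listed = [s for s in LISTED_SUBJECTS if _contains(norm, s)]
    themed = [w for w in THEME_WORDS if _contains(norm, w)]
    if listed:
        verdict = "listed-lure"      # subject contains a phrase from the list
    elif themed:
        verdict = "themed"           # pandemic-themed, worth a closer look
    else:
        verdict = "none"
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    return {
        "from": str(msg["From"] or ""),
        "subject": subject,
        "verdict": verdict,
        "matched": listed or themed,
        "urls": URL_RE.findall(text),  # links to examine before anyone clicks
    }


# Constructed sample messages (not real mail); hosts use the reserved .example TLD.
SAMPLES = {
    "encoded": (
        "From: updates@mail.example\n"
        "Subject: =?UTF-8?Q?RE=3A_2020_Coronavirus_Updates?=\n"
        "\n"
        "New cases near you: http://portal.example/cases?id=1\n"
    ),
    "themed": (
        "From: fund@relief.example\n"
        "Subject: COVID-19 relief fund application\n"
        "\n"
        "Please fill in the attached form.\n"
    ),
    "benign": (
        "From: club@fans.example\n"
        "Subject: Coronation Street fan club newsletter\n"
        "\n"
        "This month's schedule is inside.\n"
    ),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        r = triage(raw)
        print(f"{name:8} {r['verdict']:12} {r['subject']!r} urls={len(r['urls'])}")
```

Short phrases such as "Stay Safe" also match ordinary mail, so the verdict is a prompt to examine the message, not a reason to block it.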
The speakers of the event were Naresh Lamgade, Nabin KC, Subha Kayastha, and Vivek S. Rana, while the webinar was moderated by Chiranjibi Adhikari. All the speakers are actively working for the cybersecurity of Nepal. Naresh Lamgade is the founder of Cynical Technology Pvt. Ltd, Nabin KC is the Leader of OWASP Nepal Chapter, Subha Kayastha is the co-founder of Body and Data, whereas Vivek S. Rana is the Principal Consultant at InfoAssure. Similarly, the moderator of the event, Chiranjibi Adhikari, is the Executive Director at One Cover Pvt. Ltd.
In the webinar, participants accused government institutions of not protecting citizens’ privacy. As an example, one of the participants accused the Transport Department of publicly publishing citizens’ data along with driving license numbers, dates of birth, and other private details.
Speakers answered the questions of participants. They discussed the trend of cybersecurity in Nepal, data breaches, their consequences, and the possible ways of minimizing the number of data breaches in the country. The speakers also spoke about ways to reduce the consequences of a data breach for a general person. They even informed participants about the trend of data security in foreign countries. They showed the necessity of separate laws for cybersecurity in Nepal.
The program ended with the conclusion that such events should be taken seriously and should be able to make a change in the field of cybersecurity.
Around 100 people attended the webinar on Zoom, and the event was live-streamed by the official Facebook page of TechPatro. You can watch the recorded version of the webinar on the official YouTube channel of ICT Frame.
The way transactions and payments work is changing at a rapid pace with new providers, platforms, and tools. The payment industry has evolved from coins to paper, and from bank accounts to e-wallets. The world we live in today is accepting a more convenient way of making payments – the cashless way.
With this shift, it becomes necessary for retailers to adapt to fast, simple, and secure mobile payments. This facilitates various merchants around the globe to sell their products. At the same time, it assists customers to buy goods from anywhere in the world without being present physically.
How do we make payments?
By using the Internet! The advancement in the global business platform has triggered almost every business house to convert to the e-payment system.
The workflow of the Online Payment System (Source: http://mqs.gtpl.net/)
Payment Channels
Here are the three major payment channels based on market participants:
Business-to-Consumer (B2C)
Consumer-to-Consumer (C2C)
Business-to-Business (B2B)
Among these, C2C payments are proving to be taking shape most actively, while B2C and C2B have not been left behind, with their use in banks, enterprises, and startups.
C2C payments have the highest potential to evolve in the future. According to MEDICI, this is due to several factors:
Convenience and ease of use
Lack of entrenched counterparties such as businesses that are typically much slower to adopt new business processes
Lack of stickiness for incumbent service providers such as offers, and rewards
Now, processors for the payment systems can use different channels for a transaction. Each of them has different operating characteristics, rules, and settlement mechanisms.
All the payment systems operate on one of the following payment channels:
A paper-Based system, such as checks or drafts. This is the standard way to make a deposit and withdraw funds in/from the bank. These are the oldest forms of non-cash payment systems. Many countries still widely use checks for payment.
RTGS (Real Time Gross Settlement) or High-Value Payments, commonly called wire transfers. Even though wires came into existence in the late 1800s with the invention of the telegraph, they weren’t widely used until the early 1900s.
RTNS (Real-Time Net Settlement) or Automated Clearing House (ACH) batch payments, which came out in the early 1970s. They were designed to replace checks with e-payments. Unlike wires, the ACH payments are processed in batch. But, they would initially facilitate payments under $100,000, such as payroll or customer transactions.
Cards are a payment channel that includes credit and debit cards along with stored-value cards. Nowadays, it is the most popular payment channel, and you most likely already have one.
Mobile payments are the use of mobile applications to pay for the purchase of goods and services. This might be at a retail POS terminal (using a QR code or other means) or through the Internet. You can initiate payments via SMS, mobile browser, mobile app, or QR codes. With the increase in sales of smartphones, mobile payment services have the potential to grow rapidly and become the primary means of payment.
Lord Buddha Education Foundation (LBEF) published a report on a study from a customer’s perspective on the challenges in the electronic payment system in Nepal. The report includes the analysis from questionnaires presented to 113 respondents. The result of this analysis showed age group, gender, education qualification makes a significant difference in performing the electronic payment.
The research shows that 100% of people use an alternative way of payment system over cash payment. This means the usage of the e-payment method has already taken over in Nepal.
Also, 67% of people are using mobile banking, while 49% use internet banking to make payments.
It’s a good number for a country like Nepal, but only if there were fewer challenges in our electronic payment system.
Some threats or issues include:
Low Customer Awareness about the electronic money transaction procedure. The research shows that 47% of people had difficulties while performing transactions. Eventually, this leads to the same people abandoning the channel or shifting to other platforms.
Lack of Proper Legal Provision regulating the e-payment system. There are legal issues in the e-payment system in Nepal which have no proper regulation and practiced law. However, a legal framework has also been stated to be formed and applied soon to streamline the modes of electronic and online payment in Nepal (Nepal Rastra Bank, 2016).
Security Issues and Privacy Concerns are increasing, and we lack the proper countermeasures to tackle any cyberattack. Banks and financial institutions have to rely on themselves to search for a supplier to maintain security regulation and framework. Moreover, third-party service providers like NEPS or SCT run most ATMs in Nepal. Since the banks are so dependent on the service providers, they should establish proper compliance and security.
Prone to Cyberthreats is a rising issue for service providers and customers. Customers need to provide personal detail, including card information, to process payment. This sensitive data could be easily hacked if transferred via insecure lines or malicious links. Sometimes, hackers may launch phishing campaigns or malware attacks on customers to steal their data. Due to a lack of proper security, users have faced issues like suspicious transactions and cash deduction without withdrawing.
Final Say
The digital payment systems in Nepal have simplified the way we make payments for goods and services. They are convenient and quick methods of transaction. Meanwhile, there is always the question of security when it comes to digital cash.
There is an utmost need to upgrade the security of banks, financial institutions, and service providers. User data is the most vulnerable when it comes to cyberattacks.
According to the report by LBEF, about 70% of the respondents think the threats and vulnerability are due to user unawareness.
There are many cases of data breaches like the recent Foodmandu and Vianet incidents. At such a time, people need to be made aware of the potential threats of internet usage. Also, proper countermeasures should be implemented by service providers to prevent a data breach or at least the harm due to data breach.
Apple has always been a leader in the technology market. In its history of nearly 45 years, the company has gained both a good reputation and a bad one. A recent instance is that the company’s brand is being used for phishing attacks. As per the Brand Phishing report by Check Point Research, Apple emerged as the most-imitated brand for phishing.
According to the report, the brand was in the seventh spot last year, but the number jumped within this year’s first four months, putting it at number one. The report indicates that the sudden rise of the brand name in phishing came after the launch of the Apple Watch and included “criminals exploiting the online buzz to launch several credential theft attempts.”
What is phishing?
Phishing is known as tricking people by making them give their identity, confidential details, and use their features. Their details can then be used to steal money from them. Brand phishing is quite similar to other phishing attacks. Here, attackers imitate the official website of a famous brand by creating a domain name or URL similar to that of the original site. These links are then sent to targeted individuals via email or SMS to get their sensitive information.
Apple was also the brand most used in web-based phishing scams.
Is Apple the only one being used for brand phishing?
Not just technology brands but also banks and media can be used for brand phishing attacks. After Apple, there are different platforms like Netflix, Yahoo, WhatsApp, Facebook, etc. used by attackers for brand phishing. According to the report, Apple tops the chart with 10% of brand phishing attempts globally. About 9% of the total were using Netflix and 6% using Yahoo.
The research indicated that web phishing was reported as the most common attack. About 59% of phishing attempts in Q1 of 2020 are using web phishing. After web phishing, mobile phishing is second, with 23% of attempts. Email phishing comes in third with 18% of attempts. The report also states that this surge has been the result of the increase in the usage of smartphones. After the lockdown implementation in most of the countries, people are busy using their smartphone and browsing over the internet. This has become an excellent time for phishing attackers to get their victim details. During this time, we should be aware of phishing attempts and be cautious about personal data theft.
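A defender-side check for the domain imitation described above, as an added example that is not from the Check Point report or from this article: it parses the host out of a link and flags a brand name, or a near-miss of one, on a host outside the brand's own domain. The official-domain table, the character folding, the distance limits, the verdict names and the sample URLs (all under the reserved `.example` TLD) are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Brands named in the article, mapped to the domain each brand really uses.
# A production allow-list would hold every domain the brand owns (assumption).
OFFICIAL = {
    "apple": "apple.com",
    "netflix": "netflix.com",
    "yahoo": "yahoo.com",
    "whatsapp": "whatsapp.com",
    "facebook": "facebook.com",
}

_DIGITS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def fold(token):
    """Undo common look-alike substitutions before comparing with a brand."""
    return token.translate(_DIGITS).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance, row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return (verdict, brand) for the host part of a URL.

    Verdicts: 'official', 'brand-in-foreign-host', 'lookalike', 'no-match'.
    """
    if "://" not in url:
        url = "//" + url              # let urlsplit find the host without a scheme
    host = (urlsplit(url).hostname or "").lower().rstrip(".")

    # 1. The brand's own domain or a subdomain of it. A suffix test on the
    #    parsed host is what defeats 'apple.com.something.example'.
    for brand, domain in OFFICIAL.items():
        if host == domain or host.endswith("." + domain):
            return ("official", brand)

    # 2. Every label, and every hyphen-separated part of a label.
    for tok in (t for t in re.split(r"[.\-]", host) if t):
        folded = fold(tok)
        for brand in OFFICIAL:
            if tok == brand:
                return ("brand-in-foreign-host", brand)
            # One typo is tolerated only for longer names; for 5-letter
            # brands it would also flag ordinary words such as 'apply'.
            limit = 1 if len(brand) >= 6 else 0
            if edit_distance(folded, brand) <= limit:
                return ("lookalike", brand)
    return ("no-match", None)


# Constructed sample links; none of these hosts exist.
SAMPLE_URLS = [
    "https://support.apple.com/en-us",
    "https://apple.com.verify-id.example/login",
    "http://app1e-support.example/",
    "https://netfiix.example/",
    "vvhatsapp.example",
    "https://apply.university.example/",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(f"{classify(u)!s:40} {u}")
```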
Coronavirus has become a hot subject right now. People are continually searching on COVID-19 information online. As coronavirus has become a sensitive topic and small misinformation can create chaos, authorities are trying their best to minimize it.
On the same note, police have arrested two men from Dang and Surkhet on charges of spreading rumors about COVID-19 through Facebook. Twenty-eight-year-old Deepak Neupane from Ghorahi Municipality, residing in 14-Ghorahi Bazar, and 36-year-old Dharmaraj Acharya, residing in Birendranagar Municipality, 8 Kalinchowk, were arrested.
Neupane was arrested from the District Police Office, Dang, after police found that he was spreading false rumors through Facebook. Neupane had posted that a coronavirus patient was found in Dang, which was not only misinformation but also created panic among the people of Dang.
Similarly, Dharmaraj Acharya of Surkhet has also been accused of spreading rumors through Facebook. He was spreading rumors that a new case of coronavirus had been found in Surkhet. Acharya was arrested from the District Police Office, Surkhet, on Tuesday, the same day Neupane was arrested.
According to the secretariat of the Inspector General of Police, the local police are conducting the necessary investigations into both of the accused. We, as the public, should also be careful about what we take from social media and should report news that is fake and misleading.
A rumor is like a wildfire, and we have to prevent it from spreading before it is too late. Stay safe and stay away from rumors.
SATAN, an anonymous Nepalese hacker, is now publicly revealing the bugs of websites through his Twitter handle @satan_cyber_god. Recently, he tweeted that he was in the system of Mercantile. Soon after, he uploaded an image claiming to show the database.
Mercantile responded to the incident on 14 April. In a statement, Mercantile said that it has taken the incident seriously and is improving its security. The company also said that new .np domain registrations are temporarily halted until there are significant developments in the case.
It made clear that the majority of the data on its server is public information available through ‘whois’ and that other personal information is uncompromised.
The statement also requested people who are trying to breach the security of the company to destroy the data without making it public. Mercantile Communication has been managing .np domain registration for 25 years free of charge. The company has also asked users to be patient.
Here’s what the statement says:
NOTICE
Date: 14 April 2020
This notice is to confirm that on 13 April at 10:37 PM, we became aware of a security breach to Mercantile’s .np domain registration server. The majority of the data in this server is public information available via the “whois” query. Our preliminary investigations suggest that all other .np domain services remain uncompromised and, as such, continue to operate without any further breaches.
We are taking this incident seriously. Please note that this is a developing situation, and we will notify customers if there are any significant developments. We will be implementing additional security measures designed to improve the overall security of the server. Until such time, new domain registrations will be temporarily halted.
We urge those who are attempting to breach the protection of the server not to publicize any information and destroy any data so obtained.
Mercantile has been managing the .np domain for 25 years. We are currently providing this facility to over 83,000 individuals and businesses completely free of charge with the mission to facilitate and support the digitization of Nepal.
We understand that a situation like this, at a time when our country is already dealing with a pandemic and lockdown, creates additional stress and anxiety. We ask for your tolerance and understanding as we do our level best to respond to this incident and get our domain registration service up and running again.
Vianet reported that many customers have been getting unusual calls, messages, and e-mails after the data breach at Vianet Communications.
Last week, Vianet suffered a data breach in which the data of more than 160,000 users was stolen and published on Twitter. The data included customers’ names, addresses, email addresses and phone numbers. After this incident, Vianet confirmed that the information was stolen by unauthorized access to the customer’s system.
Vianet had also requested its customers not to accept calls or SMS from unauthorized numbers, or unsolicited emails. Similarly, customers were requested not to provide any personal information.
Vianet now officially requests its users to follow some security measures.
“It has come to our attention that many of our users are getting unusual phone calls and messages. As a precaution we request our customers to be aware of unknown calls/SMS. Also, do not respond to Viber activation messages or links,” said the post on the official Facebook page of Vianet Communications.
Some Viber Security Tips Provided by Vianet.
Check the associated device with your Viber account. For this, go to Viber Setting>Account>Desktop and Tablet.
Deactivate unauthorized devices.
Change Viber number without losing data. For this, go to Viber Setting>Account>Change Number.
You can also delete personal data. For this, go to Setting>Privacy>Personal Data>Delete Your Data [Note: while following the given procedures, beware of the list of data being deleted before moving forward as it cannot be restored.]
After three days of absence from Twitter, SATAN (@satan_cyber_god) tweeted again yesterday. After his return to Twitter, he started posting website bugs and warning the owners to fix them as soon as possible. He also leaked the login credentials of some government websites through his Twitter handle.
He tweeted a threat to Kantipur Daily, a pioneering news outlet in Nepal. In his tweet, he stated that the permissions of a Firebase JSON file are not set properly on Kantipur Daily’s website. He added that if they don’t fix it, he will have to.
In another tweet, he informed Daraz that its site is vulnerable to XSS and possibly more attacks. He then warned them to fix it soon, or else he would make them fix it.
Things got worse when he then tweeted a picture saying he was in Mercantile’s system. He challenged the company to do whatever it wanted to do. In case you didn’t know, Mercantile is the official registrar of .np domains. It registers all .np domains.
After a short time, he again tweeted on the same case. He tweeted saying, “woops! Did i just got access to each and every .np domains of Nepal?” In the same tweet, he uploaded the picture of the database of .np domains.
Then he retweeted a tweet by TechPatro, a tech news portal of Nepal, which had said that SATAN was threatening Kantipur Daily, Daraz and Mercantile, and replied that he hadn’t threatened anyone. He added that he was just informing the companies before a black hat exploited the loopholes and harmed the websites, and that he was doing it for fun. He then warned TechPatro to think before posting such things again.
TechPatro responded to his tweet, saying that he had leaked CTEVT information, which can harm a lot of people, and that recent data breaches had triggered phishing attempts against many Viber users. After some time, TechPatro noticed a login attempt to its system from a fake IP address in Beijing.
He then added a photo saying, “See some more internal images of Nepal’s official domain registrar! GB’s of data! But it’s all safe.”
After some time, he shared the login credentials of some government websites and asked if people still take him as a joke.
The last tweet of the day threatened the Nepal Electricity Authority, an electricity supplier of Nepal. He said, “Nepal electricity authority <3 you will be notified tomorrow!”. He added, “Thanks for the support! Hope we can bring the change together <3”. His tweet ended with “Operation #Justicefornirmala soon”, which suggests that people associated with the Nirmala Pant rape and murder case are his next targets.
What do people say about his activities?
Currently, people on social media are divided into two groups. The first includes people who are criticizing his deeds. They say that the path he has followed is completely wrong. They believe he should inform the management team about the bugs rather than posting them publicly online. They believe he’s a newbie to hacking and should use his skills legally.
The second group appreciates his activities. Some of them even publicly say that he’s their hero. According to them, he’s doing what he’s supposed to. They say that he’s showing how fragile our IT sector is.
Whatever people say, the path he’s followed is definitely wrong. He needs to understand that his activities are illegal. He should inform the website developers about the bugs. He shouldn’t post these things on social media. He even shared the login credentials of some government sites through his Twitter handle. We’re against his way of exposing website vulnerabilities. He should stop doing these things and turn himself into a white-hat hacker who helps websites fix their issues.
We also suggest that Nepalese websites introduce bug bounties so that ethical hackers are motivated to report vulnerabilities to the website. They must fix the vulnerabilities as soon as possible to reduce possible attacks on the site.
Following the event, the Nepal Telecommunications Authority (NTA) has requested everyone not to make the leaked data public by any means. It said that the cyber attacker is being sought and that the public should not disclose such unauthorized data.
The authority also asked for an immediate report if someone tries to use the data or make it public. It also warned that anyone found disobeying the notice, or making the data public by any means, can face legal action.
Bijay Kumar Roy, the director of the authority, said that the investigation is being carried out, and soon they will track down the hacker. He reported that a separate research team has been formed to study the data leaks.
Vianet had earlier said that the data was stolen by unauthorized access to its system.
Meanwhile, the Managing Director of the company, Binay Bohara, said the vulnerability in system security had been removed, and the officials concerned, including the Nepal Police, had been contacted about the hacking.
We all know about the recent data breaches in Nepal. Recently, two big data breaches took place, leaking 50K personal details of ‘Foodmandu’ customers and more than 170K personal details of ‘Vianet’ customers. As all the data from these leaks was publicly posted, many people got access to it. As a result, some people with bad intentions are already using the data to harm others. The Viber hack attempt is one such activity.
Since all the data from the recent breaches was publicly accessible, many people with bad intentions are using it in the wrong way. In recent days, people have been reporting getting SMS with a verification link on their phone, getting calls from foreign numbers, and the QR scanner opening suddenly.
Viber only sends a verification code and link when someone tries to activate Viber on a new device. Similarly, Viber also allows a login to be verified by receiving a call. The verification call from Viber comes from a number starting with ‘+33’. So, if you receive calls from numbers starting with +33 or such messages, be sure that someone is trying to use your Viber account on their device, and avoid responding to those calls or clicking on the link received.
Signs of someone trying to ‘Hack your Viber Account’
We’ve already mentioned the signs that someone is trying to hack your Viber account. We’re going to summarize the same thing here in points.
Receiving SMS from Viber with Verification Code and Verification Link.
Receiving calls from unknown foreign numbers. (Usually number starting with +33)
Randomly opening a QR scanner in your Viber App. (When someone tries to access your account from Viber Desktop Software)
What happens if someone clicks the link sent in the message?
When someone clicks the link within 30 minutes of the verification code or link being requested, the login attempt will be authorized. As a result, the one who tried to log in to your account will be granted access. So, we request you not to click the link received on your device if you haven’t tried to log in yourself.
What should you do if you observe these things?
If you observe the above-mentioned things, don’t respond to any of them. The main thing you need to do is avoid responding to the call and the link sent through the SMS.
How to delete your Viber data?
The next thing you would like to do after observing such things is deleting your Viber data. It is necessary to delete your Viber data if you’ve something confidential in your Viber account. To delete your data from Viber servers, please refer to the following steps.
Open your Viber Account.
Click on the ‘More’ button at the bottom right corner.
Click on the ‘Settings’.
Click on the ‘Privacy’ option.
Click on the ‘Personal data’.
Then, click on the ‘Delete your data’ option.
Finally, click on ‘DELETE DATA’.
After following these steps, you’ll be told that your data will be deleted in some time. Once your data is deleted, you’ll receive an SMS on your phone informing you of the deletion.
Our Suggestions:
If you are one of the victims of a data breach, you may observe unusual things.
These include getting unwanted emails, receiving phone calls from unknown numbers, receiving fake promotional offers, etc. Some people may even try to act as a representative of the breached company. What should you do about such things?
Follow our suggestions and be safe from scams.
Never open an email from unknown sources.
Never respond to calls and SMS from unknown people.
Never fall for offers offered through phone calls, SMS and emails.
Always verify company representative details before trusting him/her.
Never share OTP received to your phone to anyone.
Always check whether an email that appears to come from a company actually comes from the company’s email address.
Never provide any confidential details if someone calls you claiming to be a company representative.
There’s always a negative side to something good. Using two-factor authentication, or 2FA, also has a downside: receiving codes over SMS or text message carries a risk.
The coronavirus pandemic has given a golden opportunity for hackers and scammers to prey on people’s fears. The threat actors have tried it all – from SIM swapping to phishing campaigns and stimulus check emails. As a result, it would be a very good time to look out for any suspicious activities on your account and email.
You would be wise to use two-factor authentication (2FA) to secure your personal information. And, you’d be even wiser to use an authentication app over SMS or text to receive codes.
But why? We will explain it in this article.
Authentication apps have their own perks. They are a more secure way to receive codes than texts. The login process is also quicker. So basically, it’s a win-win situation.
What is two-factor authentication?
That is actually a good question. Don’t you want to know what the fuss is all about?
Well, here it goes.
2FA is an extra layer of security that makes sure that people trying to gain access to an online account are who they claim to be. First, a user enters their username and password. Then, instead of being logged in immediately, they have to verify their identity.
How? That’s where 2FA comes in!
They will be required to provide another piece of information, e.g., a code sent to them by SMS.
This piece of information can be one of the following:
Something you know
This could be a PIN, a password, an answer to a security question, etc.
Something you have
You can gain access to your account with something in your possession, like a credit card, smartphone, or a hardware token.
Something you are
This is a somewhat advanced category. It requires a biometric pattern such as a fingerprint, an iris scan, or voice authentication.
Why Stop Using SMS?
Let’s just say that SMS is by far the least secure way of gaining access to your account via 2FA. Hackers have been able to trick SIM carriers into porting a phone number to a new device, which is known as a SIM swap. Once the hacker has redirected your phone number, they no longer need your physical cell phone to gain access to your 2FA codes.
Think of it as phone cloning, except your SMS will be redirected to the hacker and you will not know anything about it.
That’s not the end of it!
In fact, if you sync text messages with your laptop or tablet, the hacker could gain access to SMS codes by walking off with such a device of yours.
Hmm, that sounds troubling…
Well, it is troubling considering the weaknesses in the mobile telecom system itself. In something called an SS7 attack, a hacker can spy via the cell phone system, listening to your calls, intercepting text messages and viewing your phone location.
We hope you get how bad it could turn out to receive 2FA codes via SMS or text.
What to use instead?
Well, there are a couple of authentication apps for you, such as Google Authenticator, Microsoft Authenticator or Authy. With these apps you don’t rely on your carrier, which removes the risk of a SIM swap. Moreover, the codes expire quickly, usually after 30 seconds or so.
Most people that have enabled 2FA on Facebook might know what we are talking about. It’s the same concept.
In addition, authentication apps are faster, and you may get access by simply tapping a button to verify your identity. No code or password needs to be entered.
In fact, if you have an Android phone or iPhone with the Google search or Gmail app, you can set up Google prompts to receive codes without having to install a separate authenticator app.
You will receive push notifications on your phone that require a simple tap to approve.
So much quicker, more reliable, and more convenient!
Isn’t it?
Do I really need two-factor authentication?
If you want to secure your online account and data, you sure do need it. Using stronger passwords and security questions is one thing. And, setting up 2FA can be the best move you make to secure your online privacy.
We would choose two-step verification over one-step any day. After all, our online data and activities are on the line. Hackers target the weak accounts and it’s almost sure that without 2FA, your account could be next.
It might sound like a hassle but compare it with the hassle of getting hacked.
We’ve seen lots of data breaches and threats of data breaches in recent days. Due to these incidents, companies and people alike are feeling unsafe. In view of the rising number of data breaches in Nepal, Information Security Response Team Nepal (NPCERT) and Center for Cyber Security and Research Innovation (CSRI) are organizing a webinar on ‘An Interaction on Data Breach Rise in Nepal’ in association with Open Web Application Security Project (OWASP) Nepal Chapter and Pentester Nepal Community. The webinar will be held on 16th April from 2 pm to 5 pm via Zoom.
Cyber Security Professors, Cyber Security Entrepreneurs, Cyber Security Experts, Policymakers, Government and Non-government Officials, etc. will take part in the discussion at the webinar. The slogan of the event is “If you suspect it, report it”.
The main topics of discussion will be:
What is a personal data breach?
What types of events could be a personal data breach?
How do I report a personal data breach?
Why is reporting a personal data breach important?
What happens if I send personal data to the wrong recipient?
All the organizers and Supporters are actively working for cybersecurity in Nepal. The webinar is being organized to discuss the ways to minimize data breaches in Nepal.
People interested in Cyber Security can register for the webinar for free. The registration process will be posted on the Facebook Page of the ICT Frame. So, keep visiting the Facebook Page for more information.
If you want to learn about the topic ‘Data Breach’, don’t miss this opportunity.
Due to the lockdown, many people are staying at home and scrolling through the Internet. Small children whose schools are shut down are consuming whatever they get to see on the Internet. While you may find many productive and useful things online, there is no doubt you can also come across pornographic content. This content can affect young viewers’ mindset.
Taking this into consideration, the Nepal Telecommunication Authority has requested everyone to block access to pornography websites. The authority wants to promote a safe internet service, so it is taking these steps. The NTA urges the authorities to be vigilant, as the lockdown can lead to the Internet being used against children. It emphasized preventing online abuse of children, and it wants access to pornographic sites removed for a safe internet service.
Attempts to remove pornography contents
Porn sites have been banned in Nepal for the past one and a half years. However, people are accessing these contents using different methods. The authorities have warned everyone that the children can get access to these contents through these various means and to monitor them.
These workarounds are the loopholes that have made the Internet less safe for children. Monitoring these methods and reducing their use can help keep children from ending up on these sites.
How to safeguard your children from these contents?
Engage them in creative and engaging work rather than letting them use the Internet.
You can also limit internet use during the time of lockdown.
Spend more time with your children.
Besides these, teaching your children about private body parts and the particular importance of sexual relationships between parents is also necessary. This helps them become aware of what a sexual relationship is and keeps them from searching for it on websites that can lead them to pornography sites. It also keeps these topics from becoming taboo, so that children do not hide these things from their parents.
If someone calls you on your phone, introduces himself/herself as your bank’s employee and asks you for your OTP, will you give it to them?
No, right? Because we know that they might be a fraud and are probably phishing us. But now it is time to make your loved ones aware of it; maybe your parents or neighbors are unaware of it. With the increasing number of hacks at these big companies, it is quite likely that your loved ones could become victims of phishing.
With the increasing use of social networking sites, ‘phishing’ has lately been emerging as a new form of cybercrime. Phishing is the practice of tricking people into giving away their identity and confidential details, which attackers then use. These details can further be used to steal money from them.
This is an illegal way of accessing others’ information, OTP, and credit card numbers to steal money.
Division’s Cyber Section Chief Police Inspector Leelaraj Dangi said the risk of email phishing has increased. He added it is due to an increase in payment through email for purchasing goods from abroad. He is also concerned about emails of travel and tour companies coming under phishing scams.
Reports on Phishing
The Metropolitan Crime Division said that around 10-15 complaints about phishing attempts are received daily.
It said that about 452 cyber-crime-related complaints were registered in the past three months.
These criminals have tricked the public into giving them Rs 10 million through social networks in the name of a lottery. People in the 20 to 30 age group make up the highest percentage (39.92) of those identified as having been associated with cyber-crime.
The Division has filed cases under cyber-crime against 11 people so far in the current fiscal year.
How to protect yourself from a phishing scam?
Well, it is simple to know that someone is performing a phishing attempt on you. No bank employee would ever ask for your credit card details and OTP on the phone.
Banks explain OTPs and your important confidential details well; you can visit your bank to learn about them. Phishing attempts can be made in several ways, such as calls, messages, or pop-ups; you need to be aware of them.
What if you receive a phishing email?
Firstly, if you receive any suspicious email, don’t click on any links in the email or reply to it.
For emails, it is simple. You just ignore it. It is impossible to win a one crore lottery you never entered. You can just ignore the email and report it as a scam/phishing.
If the email claims to be from a company or bank, you can check its website and call them to confirm the email.
But still, there is no reason to give them your information. You can visit them personally to understand what the email was for and judge for yourself whether it is reasonable to provide them with details.
What if you receive a phishing call?
If you have received a call and found it suspicious, don’t panic. You can easily hang up the call if you find it unnecessary.
If the caller claims to be from banks or some agencies vital to you, you can tell them that you will visit the office.
It is a better way to say, “I will hang up now because I don’t trust you on the phone. I would rather meet you in person.”
And finally, report a phishing attempt to the police or the government agencies concerned. This might help them track down these criminals and spare one more possible victim of phishing.
Doing everything online might be the easiest and most efficient way of life, but it surely is not the safest. With the increasing number of cybercrimes, there are significant concerns about what we do online. Due to the lockdown, there has been a rise in the number of people using digital payments. But this has also led to a rise in criminal groups targeting online payment systems.
Attack on Payment Processing System
Researchers from global cybersecurity and anti-virus brand Kaspersky have warned us about the possible increase in cybercrime related to online payment processing systems in 2020. According to them, JS-skimming has gained immense popularity among attackers. JS-skimming is a kind of cybercrime where payment card data from online stores is stolen.
Kaspersky researchers said they are currently aware of at least ten different actors involved in JS-skimming. They predicted it to increase in 2020. Companies that provide services such as e-commerce as-a-service are at more risk.
Yuriy Namestnikov, Security Researcher at Kaspersky, said cybercriminals are shifting their focus onto data that helps to bypass anti-fraud systems in their attacks. Namestnikov added, “Behavioural and biometrics data is on sale on the underground market. Additionally, we expected JS-skimmer base attacks to increase, and they did. With 2020 on the horizon, we recommend security teams in potentially affected areas of the finance industry to gear up for new challenges.”
Attack on Mobile Investment Apps
With the increasing popularity of mobile investment apps, they are also more likely to be attacked by these criminals. Some of these apps are weak in their security and protection of the app connection. These loopholes can make them more vulnerable to hackers.
Kaspersky’s research suggests that the source code of some popular mobile banking Trojans was leaked into the public domain. Due to similar cases of malware source code leakage, there was an increased number of new variations of these Trojans. According to the research, it is most likely to repeat this year.
They also expect an increase in the activity of groups specialized in the criminal-to-criminal sale of network access to banks. These types of cases will increase in the African and Asian regions, as well as in Eastern Europe.
Their prime targets are small banks, as well as financial organizations that have recently been rebuilding their cybersecurity systems to the standards of their parent companies, which makes them easy targets for these groups.
It is also highly expected that the same types of banks may become victims of ransomware virus attacks. It is because the banks are among those organizations that are more likely to pay a ransom than accept the loss of data.
SATAN (@satan_cyber_god), a hacker who has become a Twitter sensation, has leaked data of Tribhuvan University teachers and staff. Recently, through a Twitter handle with the username @satan_cyber_god, the hacker made public the names, departments and email addresses of teachers of Tribhuvan University and CTEVT. Blood groups and designations have also been made public.
The hacker has also warned CTEVT to secure its data.
Greetings,everyone@tu_information Tribhuvan university and @CTEVTNepal
CTEVT you shouldn’t make the information regarding your employees and teachers free for everyone!
~just a remainder https://t.co/4v4G1VQLQI
🙁 i don’t want to harm any property of nepal and not doing it ??
He leaked the data of 69 people through Pastebin. The link to the Pastebin was shared on Twitter. Although data from different departments has been leaked, most of the leaked data is from the Medicine Department.
Earlier, the hacker claimed to have leaked the data of Prabhu Money Transfer under Prabhu Group as a demo data. The leaked data included 406 people’s data including, Name, Email Address, Phone Number and IP Address.
As i said this is just a demo!
I am just informing everyone how weak or system is!
This is not a breach!https://t.co/wU9dDyNp8x
The same person has also warned Nepali Congress to secure its system else he’d leak the data along with donations received.
If you think we are doing wrong,let us know!@Nepali_Congress Please secure your data including all the donations and other information,don’t weaken your citizens. Don’t make us do it again
He also said that he’s leaking 150K people’s data and made it clear that it’s not Nepali data. He said, ”I love my country! Just tried to alert everyone about bugs.”
Those who are making fun of SATAN don’t have common sense that people can create accounts with random email addresses.#shit_really_gonna_get_real_now
150M users data coming tomorrow!
Not Nepali data though!
I love my country! Just tried to alert everyone about bugs??
Since the outbreak of Coronavirus, hackers and scammers have spared no effort in exploiting the panic among people. The cyber attackers are capitalizing on the fear among the public and patients.
Unfortunately, it is working to some extent, and there are a few reasons behind it. With most people staying home, businesses are taking a shift to online activities. Even education and formal meetings are now shifting online. Without enough preparation, people are just exposing themselves to more potential threats.
Misinformation and fake news have fueled most of the recent cyberattacks. The motive of threat actors is to distribute malware via Android apps, scam emails, malicious links, and execute ransomware attacks.
7 Coronavirus-themed Cyber Attacks
“Every country in the world has seen at least one COVID-19 themed attack,” said Rob Lefferts, corporate vice president for Microsoft 365 Security.
Let’s take a look at a few of the full range of threats arising during the Coronavirus panic.
1. Smartphone Malware
Hackers are seeking this opportunity to include malware in different mobile apps. To bring the apps on top of the search results, they are using coronavirus-related keywords.
Reports by Check Point Research suggest that at least 16 apps which claimed to offer information about the COVID-19 outbreak contained malware. These included adware (Hiddad) and banker Trojans (Cerberus). The malware would steal the user’s credentials or generate fraudulent revenues from premium-rate services.
All these apps have seen a considerable download rate over the past few weeks.
2. Email Phishing
Cybersecurity firm Group-IB claims to have found that most COVID-19 related phishing emails came embedded as attachments. These campaigns allow the attacker to steal personal and financial data.
The emails, sent between February 13 and April 1, 2020, were disguised as health advisories from the World Health Organization (WHO), UNICEF, and other agencies.
Most online shopping companies have now started delivering to your doorstep. They are serving even in the lockdown after acquiring permission from the government.
Exploiting the current situation, hackers are promoting their exploit tools on the darknet with ‘COVID19’ or ‘coronavirus’ as discount codes.
Group-IB’s research also found over 500 posts on underground forums that offered coronavirus discounts and promotions on DDoS, spamming, and other malware services.
4. SMS Phishing
Thought Email Phishing was worse? Wait till you hear about SMS Phishing.
There is a lot of misinformation, as well as false news circulating during the pandemic. CISA and NCSC issued a joint advisory about fake SMS messages from “COVID” and “UKGOV.”
Yes! Hackers and spammers have become creative.
Messages sent under these sender names contained a link to phishing sites.
Moreover, people are receiving such texts over WhatsApp and other messaging platforms.
5. Face Mask and Hand Sanitizer Scams
By this point, every person is aware of the shortage of essentials and the reason behind it. But did you know that hackers are advertising the sale of face masks and hand sanitizers?
Europol recently arrested a 39-year-old man from Singapore for allegedly attempting to launder cash from a business email compromise (BEC) scam. The man was posing as a legitimate company that advertised the fast delivery of FFP2 surgical masks and hand sanitizers.
An unnamed pharmaceutical company in Europe was defrauded out of €6.64 million after the items were never delivered and the supplier became unreachable.
6. Malicious Software
Since the adoption of ‘work from home’ and social distancing practices, platforms like Zoom and Microsoft Teams have become popular. These applications have helped a lot of people connect for business and make formal decisions.
Exploiting this, threat actors are sending phishing emails that include malicious files with names like “zoom-us-zoom_##########.exe” and “Microsoft-teams_V#mu#D_##########.exe.” Of course, it’s a trick to make people download the malware on their devices.
Unfortunately, a few people have fallen for the trick.
7. Ransomware Attacks
Interpol warned member countries that cybercriminals are attempting to target significant hospitals and health research centers.
Why health centers?
Well, these institutions have sensitive information on the fight against COVID-19. Threat actors aim to steal this information to ask for ransom.
“Cybercriminals are using ransomware to hold hospitals electronic record system and medical services digitally hostage, preventing them from accessing vital files and systems until a ransom is paid,” Interpol said.
How Can I Protect Myself From Threats
Hackers are getting very creative in designing new malware and threats. “Malicious cyber actors are continually adjusting their tactics to take advantage of new situations, and the COVID-19 pandemic is no exception,” CISA said.
We need to be careful while working from home and monitor our children’s online activity as well. The NCSC has offered guidance on what to look out for when opening coronavirus-themed emails and texts.
Are you an employee working from home and want some tips? Make sure your organization’s data doesn’t fall into the wrong hands. Check out our recently published article on tech mistakes to avoid while working from home.
And, make sure you have antivirus software and firewall settings that can track any suspicious activities on your device.
Calling it a demo, SATAN (@satan_cyber_god) has leaked the data of 406 people, including IP addresses, emails, phone numbers, and names. The data is claimed to be that of Prabhu Money Transfer employees.
In his tweet, he says, “As I said this is just a demo! I am just informing everyone how weak our system is! This is not a breach!”
Previously, the same person, using the username @Cyber_hell_god, had threatened Prabhu Money Transfer that he’d leak its data as a demo if the loopholes were not fixed.
The data has been leaked via Pastebin. Although it covers 406 people, the authenticity of the data is unknown. Once the data is verified to be real or fake, we’ll update you. Keep visiting the ICT Frame.
The hacker is now warning Nepali Congress to secure its data
The hacker has now requested Nepali Congress to secure its data, including all the donations and other information. He added that it should not weaken its citizens. After warning it not to make him do it again, he ended the tweet with ‘Justice will now be served.’
The series of cyber-attacks has now made everyone worried about the safety of their personal data. The government now needs to take serious action to protect its citizens’ personal data.