CERT-In Directions dated 28 April 2022

The Directions issued by CERT-In on April 28, 2022, aim to ensure better cyber security measures in India and focus on the collection and storage of users’ sensitive information. As per the directions issued, VPNs in the country will have to keep customer names, validated physical and IP addresses, usage patterns, and other forms of personally identifiable information. Let’s discuss the directions in detail.

Firstly, as per the directive, VPN companies are mandatorily required to collect and validate customer names, physical addresses, email addresses, and phone numbers. Along with that, they are required to provide the reason each customer is using such service, the dates they use it, and their “ownership pattern.” They are also required to provide the IP address and email address used by a customer to register for the service, along with a registration timestamp. Lastly, they must provide all IP addresses issued to a customer and a list of IP addresses being used by their customer base generally.

Secondly, the directives by CERT-In will have a wide impact on almost every stakeholder involved in the use of the internet, as they are applicable to all service providers, intermediaries, data centers, body corporate and Government organizations. Furthermore, any non-compliance with these directions could lead to imprisonment of up to a year as punishment.

CERT-In was set up as a body under the Ministry of Electronics and Information Technology (“MeitY”) to tackle rising cyber security concerns. Moreover, some form of monitoring of users’ information was necessary in order to combat rising cyber harms. The latest directives give CERT-In the power to store and use such sensitive information of users; they also mandate that virtual asset service providers must have mandatory KYC and submit their financial transaction reports to CERT-In.

It must be noted that the centre will use all the legal and security safeguards along with proper administrative channels to access such information mandated under the present directives. A detailed analysis of the said directions will follow in the next post. Stay tuned!

What is DMARC and why is it important for businesses?

Introduction

Today, every business and organization depends on two important things: the Internet and data. The emergence of the Internet, and its evolution from Web 1 to Web 2 and now to Web 3, has always been accompanied by various challenges. The most concerning of these, affecting not just businesses, corporations, and governmental agencies but also individuals, is cyber-attacks.

In this digital era, trade and communication rely heavily on the use of electronic mail (e-mail) services. As per a recent report by Statista, over 333 billion emails are sent and delivered each day. Moreover, 90% of the cyber-attacks on businesses and organizations are achieved through phishing, spamming and spoofing over e-mail.

E-mail security threats are real and could cost businesses and organizations hefty losses if not addressed. How? Electronic communications are the preferred way to connect with potential clients and consumers, so if businesses fail to focus on e-mail security, it would be easy for an attacker to impersonate your business and send malicious mail to your clients and consumers.

The present study will help you understand the relevance of e-mail security and the threats pertaining to it, along with the solution that every business must ensure to take.

Case Study

The sole purpose of this case study is to bring awareness about the seriousness of cyber-attacks via e-mail on businesses and their clients in cases where e-mail security is not handled with care. For this case study, we won’t be naming any company.

ABC Pvt Ltd, an e-commerce company based in India, markets its products to its potential buyers via e-mail. The e-commerce company also relies on e-mails for sending daily discounts and fashion trends to its subscribers.

However, the e-commerce company was later informed by multiple sources and complaints that cyber-attackers were sending phishing e-mails and impersonating the e-commerce company, which led to multiple cybercrimes. It was also later observed that the actual e-mails sent by the e-commerce company itself were never delivered to its subscribers; instead, multiple ISPs blacklisted all the domains of the e-commerce company.

It is essential to note here that phishing e-mails like these could be convincing to your clients, who would find it hard to spot the difference between the original company and the scammer and would eventually fall for such phishing scams. This would further cause huge damage to the company’s brand image and to trust among its users, customers and potential clients, and its domain reputation would suffer due to such cyber-attacks.

Now, in such scenarios, the company itself doesn’t know about such security breaches due to lack of visibility or low visibility, which makes it tough to investigate such cyber-attacks or phishing in general.

What are the remedies available and how will a business resolve this security breach and protect itself from such potential security threats?

Solution

The answer to the above case study is to implement DMARC. Let’s understand what DMARC means, right from the basics.

What is DMARC?

DMARC, or Domain-based Message Authentication, Reporting, and Conformance, is a protocol that helps authenticate e-mails and protects the business’s domain from e-mail security threats such as spoofing and phishing.

Let’s try to understand how DMARC works, exactly.

DMARC is essentially built on two main verification techniques:

1. SPF or Sender Policy Framework; and

2. DKIM or DomainKeys Identified Mail

Let’s try to further simplify these verification techniques in order to understand and get an overview of DMARC.

· SPF is an e-mail authentication standard and is used as an industry practice concerning e-mail security. It allows only the authorized senders of the domain to send e-mails and blocks others who are not listed as authorized senders of the domain.

· Here is what happens when you as a business implement SPF:

a. You are required to publish all the authorized IP addresses that may send e-mails from your domain.

b. When an entity receives your e-mail, its server does a crosscheck to see whether the sending IP address matches your published list.

c. If it matches, then such communications land in the inbox. On the other hand, if it doesn’t match, such an e-mail gets rejected straightaway by the e-mail server. This helps prevent phishing and other cyber threats.

d. However, unfortunately, hackers have come up with multiple different ways to fool and bypass SPF technology. The only way to make effective use of and rely on SPF technology is by implementing DMARC.

DMARC simply incorporates SPF technology along with DKIM.

· The DKIM technology helps in creating a digital signature, which simply puts the onus on the e-mail sender for the message that is shared. The digital signature further guarantees that the content of the message sent has not been altered or modified.

· This technology is based on cryptography, which in simple terms means it creates a pair of keys (public and private keys) that are then used to verify the authenticity of the e-mail.

· The e-mail is signed with the private key, and when the receiving server receives the e-mail, it verifies the signature with the public key.

This is how DMARC functions, and further shares detailed reports pertaining to failed e-mail authentication with the domain owner.
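
The receiver-side decision described above can be sketched in code. This is an added example, not code from the original post: the DNS records, the domains (example.com, other.test) and all function names are constructed for illustration, SPF handling covers only ip4/ip6/all mechanisms, and DKIM signature verification is assumed to have happened already.

```python
import ipaddress

# Constructed DNS TXT records for hypothetical domains (not taken from the article).
DNS_TXT = {
    "example.com": "v=spf1 ip4:203.0.113.0/24 ip4:198.51.100.25 -all",
    "_dmarc.example.com": "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com",
    "other.test": "v=spf1 ip4:192.0.2.66 -all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_check(domain, sender_ip):
    """Evaluate only the ip4/ip6/all mechanisms of the domain's SPF record."""
    record = DNS_TXT.get(domain, "")
    if not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mechanism = term.lstrip("+-~?")
        if mechanism.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(mechanism[4:], strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        elif mechanism == "all":
            return QUALIFIERS[qualifier]
    return "neutral"

def parse_dmarc(domain):
    """Return the tag/value pairs of the domain's DMARC record, or {} if absent."""
    tags = {}
    for part in DNS_TXT.get("_dmarc." + domain, "").split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v") == "DMARC1" else {}

def aligned(auth_domain, from_domain):
    """Simplified relaxed alignment; real receivers compare organizational domains."""
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f or a.endswith("." + f)

def dmarc_disposition(from_domain, sender_ip, mail_from, dkim_domain=None):
    """dkim_domain is the d= of an already verified signature, or None if there is none."""
    spf_ok = spf_check(mail_from, sender_ip) == "pass" and aligned(mail_from, from_domain)
    dkim_ok = dkim_domain is not None and aligned(dkim_domain, from_domain)
    if spf_ok or dkim_ok:
        return "deliver"
    policy = parse_dmarc(from_domain).get("p", "none")
    return policy if policy in ("quarantine", "reject") else "deliver"
```

A message whose SPF check passes for a different envelope domain than the one shown in the From header is not treated as authenticated; the From domain's published policy decides what happens to it.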

How does DMARC protect your Domain Reputation?

If your business has implemented DMARC, it will protect your customers and clients from phishing, spoofing, and other related security threats. We need to understand that these malicious e-mails do not just impact your information management system or cause data breaches; your domain may also get blacklisted by multiple ISPs, which would directly impact your domain reputation. Along with that, it breaks the trust of your customers, since their data is at stake.

How to file a cyber complaint online? 

1. Visit- National Cyber Crime Reporting Portal.

2. Check whether your complaint falls under- a. Cybercrimes against women/children or b. Other related cybercrimes.

3. Choose a. or b.

4. Fill in all the details of the victim: when and where the incident took place, whether there was any delay, etc. In case you are the complainant, you may file the same on behalf of the victim.

5. You can attach screenshots/photos too as evidence, the link of the fake profile, etc.

6. Upload the identity proof of the victim.

7. Cross-check and submit; you’ll receive an acknowledgement number via text and email.

8. Soon your cyber complaint will get transferred to your nearest police station.

9. You can easily track the status of your complaint through the portal.