Tips to avoid a Cyber Attack for Taxpayers and Professionals
India Braces Itself for Cyber Attacks
Just a couple of days after 20 Indian soldiers were martyred during an hours-long brutal hand-to-hand combat in the Galwan Valley on the night of June 15, India is now required to brace itself for a spell of cyber-attacks from Chinese hacker groups.
Due to the recent COVID-19 lockdown situation, companies have adopted a ‘work from home’ policy. While this was necessary to contain the spread of the pandemic, a huge chunk of official data is now being accessed from home. While official data was strictly protected at the workplace, the same cannot be said once the data is sent home. The lockdown has also boosted online transactions such as online shopping, bill payments, buying groceries online, self-checkout grocery stores, funds transfer etc. While these options are far more convenient, the threat of cyber attacks is high.
Piggy-backing on the COVID-19 pandemic outbreak and the vulnerability amongst individuals and organisations, cybercriminals sent phishing emails in the form of an important update or under the guise of a false cure, false advice or false medication to extract money. Such emails can carry malware, trojans, or ransomware aimed at launching an organisation-wide attack.
What is a Cyber Attack?
A cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization. A few examples of the types of cyber attacks are:-
- Malware – Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software.
- Phishing – It is the practice of sending fraudulent communications that appear to come from a reputable source, usually through email.
- Eavesdropping – Also known as Man-in-the-middle (MitM) attacks, these occur when attackers insert themselves into a two-party transaction. Once the attackers interrupt the traffic, they can filter and steal data.
- Piggybacking – A piggyback attack is an active form of wiretapping in which the attacker gains access to a system via intervals of inactivity in another user’s legitimate connection.
- SQL injection – A Structured Query Language injection occurs when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not.
- Denial of Service – A denial-of-service attack overwhelms a system’s resources so that it cannot respond to service requests.
- IP Spoofing – IP spoofing is used by an attacker to convince a system that it is communicating with a known, trusted entity and so provide the attacker with access to the system.
- Password attack – As passwords are the most commonly used mechanism to authenticate users to an information system, obtaining passwords is a common and effective attack approach.
Cyber Attack in India exploiting the COVID vulnerability:-
Maharashtra’s cyber security cell shared information that Chinese cyber attackers are increasingly targeting various sectors in India, with over 40,300 cyber-attack attempts made in just the past 5 days. Resources and sectors such as infrastructure, information and banking have been heavily targeted in this period. The recent surge in hacker activity comes in light of heightened geopolitical tensions in Galwan Valley at the Indo-China border. The Indian government’s cyber infrastructure is vulnerable right now, and these attacks can be divided into 3 categories – denial of service, IP hijacking and phishing.
As part of these attacks, crypto miners and Remote Access Tool (RAT) malware are being dropped on victim computers, which enable remote administration and extensive interactions with those devices. Some of the actions include key logging (a common method to steal credentials), screen capture, privilege escalation (to gain deep-level access to classified files) and data exfiltration, among others.
Coronavirus-themed spam emails were used to distribute malware and Trojans. Phishing emails were designed to look like communication from the Centers for Disease Control and Prevention (CDC) in order to steal email credentials. COVID-19-themed phishing emails targeted manufacturing, finance, transportation, pharmaceutical and cosmetic industries. Attacks on banking, defence and manufacturing sectors were also notably widespread.
As per the recent PwC report on ‘COVID-19 crisis, the impact of cybersecurity on Indian organisations’, at least a half dozen fake versions of the ‘PM CARES’ site have emerged to target Indians.
Steps taken to avoid a cyber attack:-
Banks are now informing their customers that cyber criminals are exploiting the pandemic situation by tricking customers into clicking on malicious links and/or downloading malicious attachments. Bank customers are being told that the latest fraudulent trick is to send emails in the name of the Ministry of Health and Family Welfare. Caution is to be practised, and bogus and malicious mails are to be ignored.
All bank customers have been informed that cybercriminals are expected to undertake a phishing campaign using the suspicious email – firstname.lastname@example.org from 21.06.2020. Criminals are also claiming access to several email ids to which they are planning to send emails titled ‘Free COVID 19 Testing’ that aim to extract personal and banking information.
Another bogus claim pertains to GST payments: it informs the recipient that a GST tax payment has been debited, and the link shown therein is – incometaxindia.gov.in. It is not known how GST payments can be made from the income tax portal. One must remain cautious while making payment of GST, which can only be done through the GSTN portal after using login id and password.
All taxpayers and professionals are now required to be more vigilant about these things, especially during such times of distress.
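The warning signs described above (the ‘Free COVID 19 Testing’ subject line, and a GST payment notice whose link points somewhere other than the GST portal) can be checked automatically by a mail administrator. The following is an added example, not part of the original article: the function names, the sample message and the GST portal domain gst.gov.in are assumptions, and it handles single-part emails only.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

GST_PORTAL = "gst.gov.in"  # assumption: GST portal domain, not given on the page
LURE_SUBJECT = re.compile(r"free\s+covid[\s-]*19\s+testing", re.I)
DOMAIN_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

class LinkCollector(HTMLParser):  # collects (href, visible text) pairs
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_matches(host, domain):
    return host == domain or host.endswith("." + domain)  # exact or subdomain

def triage(raw_email):
    """Return the list of warning signs found in a single-part e-mail."""
    msg = message_from_string(raw_email)
    body, findings = msg.get_payload(), []
    if LURE_SUBJECT.search(msg.get("Subject", "")):
        findings.append("lure-subject")
    collector = LinkCollector()
    collector.feed(body)
    claims_gst = re.search(r"\bGST\b", body) is not None
    for href, text in collector.links:
        host = (urlparse(href).hostname or "").lower()
        shown = DOMAIN_IN_TEXT.search(text)
        # The visible text names one site while the link opens another.
        if shown and not host_matches(host, shown.group(1).lower()):
            findings.append("link-text-mismatch")
        # A GST payment message whose link leaves the GST portal.
        if claims_gst and not host_matches(host, GST_PORTAL):
            findings.append("gst-claim-non-gst-link")
    return findings

# Constructed sample message (not a real e-mail).
GST_LURE = ("Subject: GST payment debited\nContent-Type: text/html\n\n"
            "<p>Your GST tax payment has been debited. "
            '<a href="http://pay.example.invalid/x">incometaxindia.gov.in</a></p>')
```

Calling `triage(GST_LURE)` reports both the mismatched link text and the GST claim that leads away from the GST portal.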
Here are a few tips that can be followed to avoid a cyber attack:-
- Train employees in cyber security principles
- Install, use and regularly update antivirus and antispyware software
- Use a firewall for your Internet connection.
- Download and install software updates for your operating systems and applications as they become available.
- Regularly change passwords.
- Make regular backup copies of important information.
- Control physical access to your computers and network components.
- Secure and hide your Wi-Fi networks.
- Require individual user accounts for each employee.
- Limit employee access to data and information and limit authority to install software.