Global Cyber Pulse: 03 January, 2025

January 3, 2025 | Cybersecurity

By Ashwani Mishra, Editor-Technology, 63SATS

India emerged as the second most targeted nation for cyber-attacks in 2024, with 95 organizations suffering data breaches, according to CloudSEK. Key sectors like finance, government, and healthcare were hit hardest, exposing vulnerabilities linked to rapid digitization. Meanwhile, over three million email servers globally remain unsecured due to the lack of TLS encryption, leaving sensitive information exposed to cybercriminals. These incidents highlight the urgency for enhanced cybersecurity measures to protect critical digital infrastructure and sensitive data.

Other significant breaches include hackers leaking Rhode Island citizens’ personal data and a ransomware attack on Crown Mortgage, compromising sensitive client information. While crypto scams saw a decline in December 2024, with losses dropping to $28.6 million, the push for tighter regulations gained momentum. The U.S. Commerce Department proposed stricter rules for foreign IT in drones to mitigate security risks, underlining the increasing emphasis on protecting national infrastructure and technology supply chains.

India Emerges as Second Most Targeted Nation for Cyber Attacks in 2024

India ranked second globally for cyber attacks in 2024, with 95 organizations falling victim to data theft, according to CloudSEK’s ThreatLandscape Report.

The report revealed the United States faced the highest number of attacks (140), attributed to its vast digital infrastructure. In India, sectors like finance and banking (20 attacks) were most affected, followed by government (13), telecommunications (12), healthcare (10), and education (9). Israel ranked third, with 57 attacks. Rapid digitization and geopolitical factors contributed to these trends, highlighting the need for robust cybersecurity measures in vulnerable industries.

Millions of Mail Servers Vulnerable Due to Lack of TLS Encryption

Over three million IMAP and POP3 mail servers are exposed online without TLS encryption, leaving them susceptible to eavesdropping attacks. IMAP synchronizes emails across devices, while POP3 downloads emails locally. Without TLS, sensitive information, including login credentials, is transmitted in plaintext, making it easy prey for cybercriminals.

Experts stress the urgency of enabling TLS to protect email communications and prevent data interception. As the reliance on digital communication grows, securing these protocols becomes a critical priority for organizations worldwide.

Hackers Leak Rhode Island Citizens’ Data on Dark Web

Hackers have leaked sensitive personal data of Rhode Island citizens, confirmed Governor Dan McKee. The breach stemmed from an attack on the RIBridges social services portal, managed by Deloitte.

Compromised data likely includes personally identifiable information (PII) of individuals who applied for health or human services programs. Authorities urge affected residents to freeze credit, monitor accounts, and remain vigilant against fraud and social engineering attacks. The state is collaborating with Deloitte to assess the breach’s scope and notify impacted individuals. This incident underscores the growing risks to government systems and citizen data.

Crypto Scams Decline as December 2024 Sees Lowest Losses

Losses from crypto scams, hacks, and exploits dropped significantly in December 2024, totaling $28.6 million compared to $63.8 million in November, reports CertiK.

Exploits accounted for $26.7 million, including a $2.1 million DeFi platform GemPad breach and a $1 million FEG token bridge hack. Improved vigilance and security measures contributed to this decline. Blockchain security firm PeckShield recorded similar findings, with a 71% drop in losses. Experts stress the importance of continued investment in blockchain security to maintain this downward trend in crypto-related exploits.

Crown Mortgage Faces Data Breach Exposing Client Information

Crown Mortgage Company reported a data breach compromising sensitive information, including names and Social Security numbers, of its clients. The breach, attributed to unauthorized access, may involve ransomware activity. Impacted individuals received notification letters detailing the compromised data.

Crown Mortgage advises victims to take precautions against identity theft and fraud. The breach raises concerns about safeguarding sensitive financial data, particularly in industries managing critical consumer information. As investigations continue, cybersecurity experts emphasize proactive defense strategies for financial institutions.

US Proposes Stricter Rules for Foreign IT in Drone Supply Chains

The U.S. Commerce Department has proposed new regulations to mitigate national security risks posed by foreign IT in drones, particularly from China and Russia. The rule aims to prevent adversaries from remotely accessing and manipulating drone systems.

Commerce Secretary Gina Raimondo stressed the importance of securing the unmanned aircraft systems supply chain to safeguard sensitive data. This follows earlier moves to protect connected vehicles from foreign software and hardware vulnerabilities. Public feedback is sought to shape the final rule, emphasizing the growing focus on supply chain security in emerging technologies.