Global Cyber Pulse: 23 November, 2024

Cyber Attack
November 23, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Telcos must now report cybersecurity incidents to the government within six hours under the new Telecom Cyber Security Rules, 2024, ensuring faster response and transparency. Meanwhile, global cyber threats escalate with Chinese hackers targeting US infrastructure, Maharashtra issuing alerts on scams, and Russian hackers exploiting Wi-Fi networks with novel techniques.

Telcos Must Report Cybersecurity Incidents in 6 Hours Under New Rules

The Department of Telecommunications (DoT) has mandated telecom operators to report cybersecurity incidents to the government within six hours of becoming aware of them. This directive is part of the Telecom Cyber Security Rules, 2024 under the Telecom Act.

In addition to the initial report, telcos are required to provide detailed information about the incident’s impact within 24 hours. This includes the number of users affected, the duration of the incident, the geographical area impacted, remedial actions taken, and the extent of disruption to the telecommunication network or service.

These requirements align with CERT-IN’s 2022 guidelines, which similarly stress the need for swift reporting and action to mitigate cybersecurity threats.

US Warns of Chinese Cyber Threats to Critical Infrastructure

Chinese hackers are allegedly embedding themselves within US critical infrastructure, positioning for potential conflict with the United States, according to Morgan Adamski, Executive Director of US Cyber Command. Adamski made this revelation during the Cyberwarcon security conference in Arlington, Virginia.

A recent cyberespionage campaign, Salt Typhoon, involved compromising US telecommunications systems to access call records, the communications of presidential campaigns, and law enforcement data. US Senator Mark Warner called this attack “the worst telecom hack in US history.”

The operation underscores the rising cyber tensions between the two global powers, with concerns about China leveraging these capabilities during a crisis or conflict.

Maharashtra Cyber Warns of Fake Support Centers, Ransomware, and Phishing Scams

The Maharashtra Cyber Department has issued a warning about an increase in cybercrime activities, including fake support centers, ransomware attacks, and phishing scams.

Fake support centers are scamming individuals by posing as customer service representatives. Victims are contacted through emails, phone calls, or social media and tricked into sharing sensitive data such as passwords or granting remote access to their devices.

Ransomware attacks are also on the rise, where hackers encrypt victims’ data and demand a ransom for its recovery. The department advises individuals to use multi-factor authentication, update their systems regularly, and train employees to recognize phishing attempts.

Phishing scams remain a persistent threat, with fraudsters sending fake emails or social media messages to redirect users to malicious websites. To stay safe, users are advised to verify links before clicking, enable spam filters, and never share sensitive information through unverified channels.

Russian Hackers Use Wi-Fi Exploits in ‘Nearest Neighbor’ Cyber Attacks

The Russian state-sponsored hacking group GruesomeLarch (also known as APT28 or Fancy Bear) has developed a novel attack technique called the Nearest Neighbor Attack. This method allows hackers to breach an organization’s network remotely by exploiting the Wi-Fi networks of neighboring businesses.

Discovered by cybersecurity firm Volexity in February 2022, just before Russia’s invasion of Ukraine, the attack enables unauthorized access from thousands of miles away without using malware.

This sophisticated technique marks a new era in cyberattacks, emphasizing the need for organizations to secure their Wi-Fi networks against potential breaches from unexpected sources.