By Ashwani Mishra, Editor-Technology, 63SATS
The latest edition of 63SATS Global Cyber Pulse highlights significant global cybersecurity events. India and Malaysia strengthened security ties through bilateral talks, addressing terrorism and cyber defense. The U.S. launched the Cyber Trust Mark to enhance IoT device security. High-profile breaches included the Green Bay Packers’ Pro Shop hack and Casio’s ransomware attack, exposing sensitive data.
Meanwhile, the UK plans to criminalize explicit deepfake creation to curb online abuse. Lastly, the UN’s aviation agency investigates a potential data breach by cybercriminal Natohub, reflecting growing threats against global organizations. These incidents underscore the critical need for robust cybersecurity measures.
India and Malaysia Strengthen Security Ties
India and Malaysia have taken a significant step towards enhancing bilateral security cooperation.
On January 7, 2025, New Delhi hosted the first security dialogue between the nations, co-chaired by India’s National Security Advisor Ajit Doval and Malaysia’s National Security Council Director General Raja Dato Nushirwan Bin Zainal Abidin.
Discussions covered global and regional security challenges, resulting in agreements to combat terrorism, bolster cyber defense, and deepen maritime and defense industry partnerships. Both sides also explored collaborations on critical minerals and rare earth elements, highlighting a shared vision for economic and technological progress.
U.S. Launches Cybersecurity Labeling Initiative
The U.S. federal government has unveiled the Cyber Trust Mark Initiative, a voluntary labeling program aimed at helping consumers choose secure smart devices. Products like baby monitors, fitness trackers, and home security cameras can display the label if they meet federal cybersecurity standards.
Featuring a shield logo and QR codes, the labels provide detailed security information. Deputy National Security Advisor Anne Neuberger emphasized that this program empowers consumers to identify brands offering robust cybersecurity features, including regular software updates to counter emerging threats. Labeled products are expected to hit the market later this year.
Green Bay Packers Pro Shop Hacked
The Green Bay Packers reported a cyberattack on their online retail store, packersproshop.com, which compromised customer payment information. Discovered on October 23, 2024, the breach involved a card-skimming script active between late September and early October.
The team immediately suspended payment operations and enlisted cybersecurity experts to investigate. While payments made through gift cards, PayPal, and Amazon Pay were unaffected, other transactions were vulnerable. The incident highlights the growing risks for e-commerce platforms, urging businesses to prioritize payment security and swift breach responses.
UK to Criminalize Explicit Deepfake Creation
The UK government has announced plans to criminalize the creation of sexually explicit deepfakes, with offenders facing up to two years in prison. This move follows amendments to the Sexual Offenses Act 2003 under the Online Safety Act 2023, which already prohibits sharing such content.
The new law also targets non-consensual intimate recordings, whether for sexual gratification or causing distress. Victims Minister Alex Davies-Jones stated, “This demeaning behavior must not become normalized. Our Plan for Change will ensure offenders face the full force of the law.” This legislation aims to curb online abuse and protect vulnerable individuals.
Casio Confirms Ransomware Data Breach
Casio has disclosed that a ransomware attack in October 2024 exposed the personal data of 8,500 individuals, including employees, business partners, and some customers.
The breach, carried out by the Underground ransomware gang, followed a phishing attack on October 5, leading to a temporary IT outage. The gang threatened to leak sensitive files unless a ransom was paid. Casio confirmed stolen data included personal and financial records but refrained from paying the ransom. This incident underscores the importance of robust phishing defenses and data protection measures.
UN Aviation Agency Probes Data Breach Claims
The International Civil Aviation Organization (ICAO) is investigating a potential data breach after a cybercriminal, known as Natohub, claimed to have stolen 42,000 documents. The leaker alleged the data includes sensitive personal information, such as names, addresses, and employment details, available for sale on a cybercrime forum.
ICAO has implemented immediate security measures and launched an internal investigation.
Natohub has previously claimed responsibility for hacking high-profile organizations, including the U.S. military and the United Nations. ICAO’s response underscores the growing threat of cyberattacks targeting global institutions.
