Amid China cyberattacks, govt issues SOP for staff
26-08-2023
12:11 PM
What’s in today’s article?
- Why in News?
- Malware – About, types
- News Summary
Why in News?
- Facing repeated cyberattack attempts from China, the government has decided to tighten its vigil.
- Employees across ministries and public sector units (PSUs) are being asked to follow a standard operating protocol or face disciplinary action.
- This SOP has various steps including basic hygiene such as switching off computers, signing out of emails and updating passwords.
What is a malware?
- Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server.
- It is essentially a program designed to gain access to computer systems, normally for the benefit of some third party, without the user’s permission.
What are the different types of malware?
- Viruses
  - A virus is malicious executable code attached to another executable file. The virus spreads when an infected file is passed from system to system.
  - Viruses can be harmless or they can modify or delete data. Once a program virus is active, it will infect other programs on the computer.
- Worms
  - Worms replicate themselves on the system, attaching themselves to different files and looking for pathways between computers, such as a computer network that shares common file storage areas.
  - Worms usually slow down networks. A virus needs a host program to run but worms can run by themselves.
- Spyware
  - Its purpose is to steal private information from a computer system for a third party. Spyware collects information and sends it to the hacker.
- Trojan horse
  - A Trojan horse is malware that carries out malicious operations under the appearance of a desired operation such as playing an online game.
  - A Trojan horse varies from a virus because the Trojan binds itself to non-executable files, such as image files and audio files.
- Logic bombs
  - A logic bomb is a malicious program that uses a trigger to activate the malicious code.
  - The logic bomb remains non-functioning until that trigger event happens.
  - Once triggered, a logic bomb executes malicious code that causes harm to a computer.
- Ransomware
  - Ransomware holds a computer system, or the data it contains, captive until the victim makes a payment.
  - Ransomware encrypts data in the computer with a key which is unknown to the user. The user has to pay a ransom (price) to the criminals to retrieve data.
- Backdoors
  - A backdoor bypasses the usual authentication used to access a system.
  - The purpose of the backdoor is to grant the cyber criminals future access to the system even if the organization fixes the original vulnerability used to attack the system.
- Rootkits
  - A rootkit modifies the OS to make a backdoor. Attackers then use the backdoor to access the computer remotely.
- Keyloggers
  - A keylogger records everything the user types on his/her computer system to obtain passwords and other sensitive information, and sends them to the source of the keylogging program.
Background of recent cyberattack in India:
- On November 23, 2022, a breach was detected in AIIMS' internal systems. Not much later, the hospital's digital patient management system was crippled.
- The attack derailed everyday work, appointments and registration, billing, patient care information and lab reports.
- It corrupted files and data on main and backup servers of the mega-hospital.
- This led the hospital to shut down most digital patient care systems and move to manual means.
- Different media reports claimed that hackers asked for a ransom in order to return access to that data.
News Summary
- The government has decided to tighten its vigil, with employees across ministries and public sector units (PSUs) being asked to follow a standard operating protocol or face disciplinary action.
- Several Indian agencies have built multiple firewalls to protect themselves against cyberattacks.
- However, irresponsible behaviour by stakeholders and employees often exposes them to risks.
Image Caption: CERT-In manual on cyberattacks
Increased cyberattacks in recent months
- From the power grid to the banking system, there have been multiple cyberattacks.
- A report by CERT-In has estimated a 51% jump in ransomware incidents that were reported during the first half of 2022.
- While a majority of the attacks were on data centres, the IT sector, manufacturing and finance, critical infrastructure including oil and gas, transport and power was also hit.
- Separately, cyber security firm Norton said in a report that India had faced over 18 million cyber threats during the first quarter of 2022.
- Most of these attacks are believed to be the handiwork of Chinese hackers, who often operate as “sleeper cells” using the computers of Indian users.
Q1) Which specific technology is associated with web 3.0?
Web 3.0 is based on the concept of creating a totally decentralized ecosystem. This new technological dimension believes in leveraging the power of A.I., machine learning, 3D graphics, augmented reality, and the latest technologies like blockchain to solve the problems of the present-day internet/online ecosystem.
Q2) What are the features of cybersecurity?
Some features of cybersecurity include coverage for external threats, defense against internal threats, regulatory compliance for security, threat detection, prevention and response, consolidated solutions, and proper security analytics.