
CYBER ATTACKS IN INDIA

ETHICAL HACKING AND NETWORK DEFENCE

Done By,
Bala Ganesh A (19DC03)
Raja Surya (19DC19)
OVERVIEW
• INTRODUCTION
• CYBER ATTACKS
  • Domino’s India incident
  • Juspay incident
  • Police Exam Database incident
  • COVID-19 Results Database incident
  • MobiKwik data breach incident
  • Upstox data breach incident
  • Air India data breach incident
  • CAT data breach incident
  • Money control India’s incident
  • Unacademy data breach incident
  • Cosmos Bank Cyber Attack in Pune
  • ATM System Hacked
  • UIDAI Aadhaar Software Hacked
  • Hack Attack on Indian Healthcare Websites
  • SIM Swap Scam
• Measures for Organizations to Prevent Cyber Attacks
WHAT IS A CYBER ATTACK?

• A cyber attack is an assault launched by cybercriminals using one or more computers against a single or multiple computers or networks.
• A cyber attack can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks. Cybercriminals use a variety of methods to launch a cyber attack, including malware, phishing, ransomware and denial of service, among other methods.
Domino’s India incident

• In May 2021, the well-known pizza brand Domino’s India experienced a huge leak of customer data. The exposed details included names, addresses, delivery locations, cell numbers and email IDs of 1 million customers who had placed orders on its portal through either mobiles or computer systems. The total number of orders was 18 million.
Juspay incident

• Juspay is an India-based payment processor that is used to transfer money through various platforms such as Amazon, Swiggy etc. An unidentified breach occurred in 2020 concerning 35 million user accounts of Juspay, India.

• It was identified by a cyber security researcher in 2021, when he browsed the dark web and saw the data being sold for USD 5000.

• The compromised data included masked card data and fingerprints of the card users. The hackers had chosen the Telegram app for price negotiation because of its ability to self-destruct messages within a specified time.
Police Exam Database incident

• The data from an exam for the recruitment of police officers in India in December 2019 was hacked, which resulted in a leak of sensitive information of all the 50,000 participants.

• The bio-data of the candidates, including their full names, dates of birth, mobile numbers, email IDs, FIR records and criminal history, was put up for sale. It was identified by a firm named CloudSEK when a sample was shared with them by the hacker.
COVID-19 Results Database incident

• At the beginning of 2021, a database containing the information of at least 1500 Indian citizens was compromised as a result of an attack on government websites. The hackers had made the data publicly available through downloadable PDF files. It was later found that New Delhi-based agencies were involved in the attack.

• A similar incident had occurred in 2020 when the database of Delhi State Health Mission was hacked to obtain the information of 80,000 COVID-19 patients. The Kerala Cyber Hackers group had taken responsibility for the attack and stated that the reason for doing so was dissatisfaction with the way the government was dealing with healthcare personnel.
MobiKwik data breach incident

• MobiKwik is an India-based digital payment company that offers mobile-based payment options and a digital wallet facility. In February 2021, the records of 110,000 million users were leaked.
• The company denied the occurrence of any such data breach; however, two separate and independent researchers had found the data being sold on the dark web.
Upstox data breach incident

• Upstox is a leading stock trading/brokerage company where web and mobile-based accounts may be opened for trading in shares, mutual funds and Initial Public Offerings.
• In April 2021, around 2.5 million records (almost 2/3rd of their database) were compromised and later found to have been hacked by a threat group who called themselves “Shiny Hunters”.
• It was later found that the hackers had acquired the Amazon Web Service key, through which access to the account information was obtained.
Air India data breach incident

• Air India, the national airline of India, experienced a data breach in February 2021, when records of a total of 4.5 million global customers were hacked after its data management service provider, SITA PSS, was accessed without authorization.
• The compromised records revealed data ranging from years 2011 to 2021.
• The company informed all its users in a timely manner to update their passwords to avoid any misuse. As Star Alliance and One World Airlines also use SITA to manage their databases, their records were also leaked.
CAT data breach incident

• In May 2021, the test results and personally identifiable information of 190,000 applicants to the Common Admission Test, conducted for the Indian Institutes of Management, were hacked and put up for sale on a cybercrime forum.
• Other than the admission test, the academic records and past scores were also put up on the forum. This was the second leak of CAT admission test results (the first being in 2019) and was identified by CloudSEK.
Money control India’s incident

• Money control India is an app offering investment portfolios and news of the global financial markets. In April 2021, data taken from the servers of Money Control concerning a total of 700,000 users was leaked and sold online for USD 350.
• As identified by a cyber security researcher, other than user names, emails and addresses, the data also included the passwords of the account holders.
• After this extensive breach, the company had to reset the passwords of all of its account holders at once.
Unacademy data breach incident

• Unacademy is an online education platform delivering hundreds of courses to students. In May 2020, the data relating to 22 million users was put up for sale for a payment of USD 2000.
• As most of these accounts were created by companies to train their employees, corporate email IDs were compromised as a result. A co-founder of the company later confirmed that no sensitive financial information was leaked in the incident.
Cosmos Bank Cyber Attack in Pune

• A recent cyber attack in India, in 2018, was carried out on Cosmos Bank in Pune. This daring attack shook the whole banking sector of India when hackers siphoned off Rs. 94.42 crores from Cosmos Cooperative Bank Ltd. in Pune.
• Hackers broke into the bank’s ATM server and took the details of many Visa and RuPay debit cardholders. The money was wiped off as hacker gangs from around 28 countries withdrew the amount immediately, as soon as they were informed.
ATM System Hacked

• Around mid-2018, Canara Bank ATM servers were targeted in a cyber attack. Almost 20 lakh rupees were wiped off from various bank accounts. A count of 50 victims was estimated and, according to the sources, the cyber attackers held the ATM details of more than 300 users. Hackers used skimming devices to steal information from debit cardholders. Transactions made from stolen details amounted to Rs. 10,000 to Rs. 40,000.
UIDAI Aadhaar Software Hacked

• 2018 started with a massive data breach of personal records of 1.1 billion Indian Aadhaar cardholders. UIDAI revealed that around 210 Indian Government websites had leaked the Aadhaar details of people online.

• The leaked data included Aadhaar, PAN and mobile numbers, bank account numbers, IFSC codes, and almost all personal information of individual cardholders. If that wasn’t shocking enough, anonymous sellers were selling the Aadhaar information of any person for Rs. 500 over WhatsApp. Also, one could get any person’s Aadhaar card printout by paying an extra amount of Rs. 300.
Hack Attack on Indian Healthcare Websites

• Indian healthcare websites became victims of a cyber attack in 2019. As stated by US-based cyber security firms, hackers broke into a leading India-based healthcare website. The hacker stole 68 lakh records of patients as well as doctors.
SIM Swap Scam

• Two hackers from Navi Mumbai were arrested in August 2018 for transferring 4 crore rupees from numerous bank accounts. They illegally transferred money from the bank accounts of many individuals. By fraudulently gaining SIM card information, both attackers blocked individuals’ SIM cards and, with the help of fake document posts, carried out transactions via online banking. They also tried to hack the accounts of various targeted companies.
Cyber Security Measures for Organizations to Prevent Cyber Attacks

• Educate employees on emerging cyber attacks with security awareness training.
• Keep all software and systems updated from time to time with the latest security patches.
• Implement email authentication protocols such as DMARC, DKIM, and SPF to secure your email domain from email-based cyber attacks.
• Get regular Vulnerability Assessment and Penetration Testing to patch and remove the existing vulnerabilities in the network and web application.
• Limit employee access to sensitive data or confidential information and limit their authority to install software.
• Use strong passwords for accounts and make sure to update them at long intervals.
• Avoid the practice of openly sharing passwords at work.

⩥ THANK YOU
