Category: Uncategorized

Some rare good news in the world of cyber crime trends: Certain crimes declined in 2022 after years of constant rises. Should we credit crypto?
Some estimates say that cryptocurrencies have lost $2 trillion in value since November 2021. During that time, the costs associated with cyber crimes, such as ransomware payouts and financial scams, declined.
Pop the champagne! The crypto crash is also crashing cyber crime, right? Well, not so fast.
There are four major categories of cyber crime that lean heavily on, or fully require, the use of cryptocurrencies like Bitcoin, Ethereum and Monero: ransomware, DDoS extortion, cryptojacking and crypto theft.
Ransomware is usually facilitated by cryptocurrency, for example. The scam typically involves malware-encrypted files, which perpetrators say they’ll unlock when the victim pays the ransom. Paying in crypto allows criminals to maintain anonymity and non-traceability. (In the increasingly common “double extortion” variant, malicious actors also threaten to expose the files publicly if victims don’t pay.)
DDoS extortion is similar to ransomware. Instead of gaining access to and encrypting files, however, cyber attackers launch a sustained DDoS attack until a ransom in crypto is paid.
Another major crime is illegal cryptocurrency mining, called cryptojacking. Malicious hackers gain access to computing power owned by others, usually via special malware. They then use it to mine crypto illegally.
Unlike most kinds of computer-related crimes, cryptojackers don’t steal money or data directly or demand ransom payments. Instead, they steal computer resources. This translates to higher energy costs, lower performance for users and accelerated declines in battery performance.
Cryptojacking actually rose in 2022. An Atlas VPN analysis found that instances of cryptojacking grew 3.8 times in the third quarter of 2022. (Interestingly, the number of victims declined.)
Analysts assume that cryptojackers are anticipating growth in crypto after it hits bottom and are illegally mining aggressively in the hopes of profiting.
Finally, crypto theft is the hacking of crypto exchanges and other platforms to steal coins directly from their rightful owners. This kind of attack has been reduced because the crypto exchanges themselves were going out of business with the crash in the value of cryptocurrencies.
Cyber criminals use dark web exchanges because they don’t check user identities. These don’t typically store currencies but merely enable the exchange of crypto from one service to another, often at inflated fees. These exchanges operate in many ways like legitimate businesses. They need to spend big on advertising, for example, in part to engender trust among malicious actors who themselves don’t want to get ripped off.
Crashing cryptocurrency prices are squeezing dark web exchanges. This reduces incentives for threat actors because it reduces income, makes vulnerability purchasing more expensive and cuts revenue needed to fund Malware-as-a-Service organizations. In other words, falling crypto prices kneecapped the purchasing power of organizations using crypto for illegal activities.
During the rapid declines in early 2022, exchanges tried to convert their crypto to fiat currencies, such as the U.S. dollar (a currency issued by a government not backed by a physical commodity, such as gold or silver), but the value after conversion wasn’t enough to sustain the business.
Advertising for dark web exchanges nearly stopped in the Spring of 2022. Many went bankrupt or out of business.
The cryptocurrency value drop radically slowed financial crimes, including illegal dark web transactions. Losses for the first half of 2022 were way down, according to blockchain data company Chainalysis. Scammer income dropped by two-thirds — 65% — for the first seven months of the year.
It’s easy to conclude that the drop in the value of cryptocurrencies directly caused the decline in scam revenue. But that would be a mistake.
This drop wasn’t due entirely to the drop in cryptocurrency, according to the report. Both potential victims and police chalked up notable successes in countering such scams. In other words, the general defense against some of these crimes has improved, and credit there is due.
Another point to consider is that total annual scam revenue is usually determined by a very small number of very large scams. One massive scam could upend these numbers and reverse the trend.
In addition, the crash caused cryptocurrency transaction volumes — both legitimate and illegal — to fall. So it reduced “good” transactions in equal measure as “bad” ones.
Also, ransomware gangs likely don’t care if the value of cryptocurrencies is low. They demand ransoms typically in U.S. dollar amounts in the form of whatever quantity of cryptocurrencies are equivalent at the time of demand. While there may be a disincentive to strike while crypto is rapidly declining, once it hits bottom, that disincentive is removed. Volatility in one direction (down) disincentivizes ransomware temporarily. Unfortunately, ransomware is here to stay.
Most importantly, however, it would also be a mistake to assume that cryptocurrency valuations will stay low, or that reductions in crimes that rely on cryptocurrencies will stay low. The consensus among experts is that such crimes will come roaring back to life.
The crypto declines that began in late 2021 and continued for more than a year did, in fact, disrupt everything that depended on crypto — the good, the bad and the ugly. But there’s no question that complacency is the wrong response to this brief semi-respite.
As crypto-using criminal gangs regroup, retool and re-think their operations, they will no doubt come roaring back to attack legitimate organizations with new scams and new crimes.
I write a popular weekly column for Computerworld, contribute news analysis pieces for Fast Company, and also write special features, columns and think piece…
4 min read – Discover how threat actors are waging attacks and how to proactively protect your organization with top findings from the 2023 X-Force Threat Intelligence Index.
17 min read – Overview In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers…
4 min read – As the U.S. looks to bolster electric vehicle (EV) adoption, a new challenge is on the horizon: cybersecurity. Given the interconnected nature of these vehicles and their reliance on local power grids, they’re not just an alternative option for getting…
Zero-day attacks are on the rise. Not only was 2021 a record-breaking year for the total number of zero-day attacks, but it also accounted for 40% of the zero-day breaches over the last decade. In part, this race to zero is tied to the sheer number of web, mobile and cloud-based applications being developed and deployed. With so much code created so quickly, it’s not surprising that attackers are finding more digital doors unlocked. The massive volume of users constantly…
Vulnerabilities like Log4j remain responsible for security breaches a full year after the discovery of the flaw. In the months after widespread reporting about the vulnerability, 40% of Log4j downloads remained vulnerable to exploitation. Rapid Response — by Both Security Teams and Hackers What made this exposure so damaging was how widespread this piece of code is and how hard it is to find exactly where it’s used. This open-source logging code from Apache was the most popular java logging…
As part of our ongoing series highlighting various roles in the cybersecurity industry, this article shines the light on the incident response professional. While there are many misconceptions surrounding the role, let’s examine a few frequently asked questions. How In-Demand is this Particular Role? Why?  Year after year, the story is the same: Cybersecurity jobs are one of the most in-demand roles in the country. But recent data from Cyberseek, a cybersecurity workforce analytics platform developed in partnership with NIST,…
During a recent get-together, my friend arrived late. She apologized, quickly explaining that she’d had trouble finding a charging station for her electric vehicle (EV). While she knew where the stations in her hometown were, she couldn’t easily find them on the road. This piqued my curiosity, and I began asking her questions about EVs and, most importantly, about charging them. Our household had been considering buying an EV, but we were concerned about just this type of issue with…
Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

source

By Divya Bhati: National Crime Records Bureau (NCRB) data registered 52,974 incidents of cyber crimes in 2021. The stats increased by nearly 6 per cent in comparison to the previous year. While the data show the severity of the increasing cyber crime rate, what's more, alarming is that this data estimates the stats based on only the reported cases. So the real cyber crime cases incidents would be even more if we consider the under-reported cases.
But why will people not report a case? Well in most of the reported cases, we see that people are complaining about losing big financial amounts, so for a minimal amount people don't even bother to file a complaint or see it as a hassle. On top of it, many are still not aware of the types of cybercrime or the mechanism to report related cases. So let's take a detailed look at what cyber fraud is and how to register a complaint for the same.

Cyber fraud, also known as online fraud or internet fraud is a crime in which someone uses the internet to steal money. Fraudsters can target the individual and contact them via SMS, call, email, or other ways to get personal information or send the malicious link to apps or websites to hack into the computer, mobile device, or network to get sensitive information, such as bank account numbers, credit card details, social security numbers, and personal information.

With advancing technology, cyber scammers are also following new ways to target people and real money. Some of the common cyber frauds include identity theft, phishing scams, credit card fraud, romance scams, investment fraud and more.
Let's take a look at 5 common types of cyber fraud that you should be aware of-
Phishing Scams: In such scams, scammers send fake emails, text messages or make phone calls claiming to be a legitimate organization and trick people to give their sensitive information like usernames, passwords OTP or other.

Identity theft: In identity thefts, scammers steal someone's personal information, like name, address, and social security number, and use it to open accounts, apply for loans or commit other crimes in their name.
Malware: Scammers send malicious link apps which are designed to damage, disrupt, or gain unauthorised access to a computer system and get sensitive information to get financial benefits. Some of the Common types of malware include viruses, worms, Trojan horses, and ransomware.
Job scam: As the name suggests, scammers target people online on the pretext of offering a job and later stealing their money.
Online Shopping Scams: This is one of the most common scams. Cybercriminals set up fake e-commerce websites or advertise fake products on legitimate websites and trick people into making purchases. Through these fake websites, they may also steal credit card details to steal money.

National Cyber Crime Reporting portal is an online website by the Government of India to help victims/complainants to report cybercrime complaints including cyber fraud online. This portal takes complaints pertaining to cyber crimes and has a special focus on cyber crimes against women and children.

One can reach out to the National Cyber Crime Reporting portal (Helpline Number -1930) to register any complaint about cyber crime, including cyber fraud. You can also contact the nearest police station to file your complaint. You can also file your complaint online through cybercrime.gov.in .
Here is a step-by-step guide to filing a complaint on National Cyber Crime Reporting portal

– Open your web browser and visit the webpage https://cybercrime.gov.in
– On the homepage, click on 'File a complaint'.
– Next, read and accept the terms and conditions on the next page.
– Click on the 'Report other cybercrime' button.
– Select the 'citizen login' option and enter the required details including name, email, phone number, etc.
– Enter the OTP sent to your registered phone number and fill in the captcha, then click on the submit button.
– On the next page, enter the details of the cybercrime you want to report in the form.
– The form is divided into four parts – General Information, Victim Information, Cybercrime Information, and Preview. Fill in all the relevant details in each section and preview the information filled in to make sure it's correct.
– After reviewing the information, click on the 'Submit' button.
– You will be directed to an incident details page. Here, mention the details and supporting evidence of the crime, such as screenshots or files. Once you have entered the details, click on 'Save and Next'.
– The next page requires information about the alleged suspect if you have any. Fill in the details if you have any information about the suspect.
– Now verify the information and click on the 'Submit' button.
– You will receive a confirmation message that your complaint has been registered, and you will also receive an email with the complaint ID and other details related to your complaint.

If you are filing a cyber fraud case related to online transactions, lottery scams, ATM transactions, fake calls, or internet banking you will have to attach proof of the alleged fraudulent transactions, along with supporting evidence like bank statements, address, and ID proof, and any suspicious messages or emails you have received.

Add IndiaToday to Home Screen

source

An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory (CSA) to provide information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least May 2021 to target Healthcare and Public Health (HPH) Sector organizations.
This joint CSA provides information—including tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs)—on Maui ransomware obtained from FBI incident response activities and industry analysis of a Maui sample. The FBI, CISA, and Treasury urge HPH Sector organizations as well as other critical infrastructure organizations to apply the recommendations in the Mitigations section of this CSA to reduce the likelihood of compromise from ransomware operations. Victims of Maui ransomware should report the incident to their local FBI field office or CISA. 
The FBI, CISA, and Treasury highly discourage paying ransoms as doing so does not guarantee files and records will be recovered and may pose sanctions risks. Note: in September 2021, Treasury issued an updated advisory highlighting the sanctions risks associated with ransomware payments and the proactive steps companies can take to mitigate such risks. Specifically, the updated advisory encourages U.S. entities to adopt and improve cybersecurity practices and report ransomware attacks to, and fully cooperate with, law enforcement. The updated advisory states that when affected parties take these proactive steps, Treasury’s Office of Foreign Assets Control (OFAC) would be more likely to resolve apparent sanctions violations involving ransomware attacks with a non-public enforcement response.
For more information on state-sponsored North Korean malicious cyber activity, see CISA’s North Korea Cyber Threat Overview and Advisories webpage. 
Download the PDF version of this report: pdf, 553 kb.
Click here for STIX.
Since May 2021, the FBI has observed and responded to multiple Maui ransomware incidents at HPH Sector organizations. North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services—including electronic health records services, diagnostics services, imaging services, and intranet services. In some cases, these incidents disrupted the services provided by the targeted HPH Sector organizations for prolonged periods. The initial access vector(s) for these incidents is unknown.
Maui ransomware (maui.exe) is an encryption binary. According to industry analysis of a sample of Maui (SHA256: 5b7ecf7e9d0715f1122baf4ce745c5fcd769dee48150616753fec4d6da16e99e) provided in Stairwell Threat Report: Maui Ransomware—the ransomware appears to be designed for manual execution [TA0002] by a remote actor. The remote actor uses command-line interface [T1059.008] to interact with the malware and to identify files to encrypt. 
Maui uses a combination of Advanced Encryption Standard (AES), RSA, and XOR encryption to encrypt [T1486] target files:
During encryption, Maui creates a temporary file for each file it encrypts using GetTempFileNameW(). Maui uses the temporary to stage output from encryption. After encrypting files, Maui creates maui.log, which contains output from Maui execution. Actors likely exfiltrate [TA0010] maui.log and decrypt the file using associated decryption tools.
See Stairwell Threat Report: Maui Ransomware for additional information on Maui ransomware, including YARA rules and a key extractor.
See table 1 for Maui ransomware IOCs obtained from FBI incident response activities since May 2021. 
 
Table 1: Maui Ransomware IOCs
 
Attribution to North Korean State-Sponsored Cyber Actors
The FBI assesses North Korean state-sponsored cyber actors have deployed Maui ransomware against Healthcare and Public Health Sector organizations. The North Korean state-sponsored cyber actors likely assume healthcare organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health. Because of this assumption, the FBI, CISA, and Treasury assess North Korean state-sponsored actors are likely to continue targeting HPH Sector organizations. 
The FBI, CISA, and Treasury urge HPH Sector organizations to:
In addition, the FBI, CISA, and Treasury urge all organizations, including HPH Sector organizations, to apply the following recommendations to prepare for, mitigate/prevent, and respond to ransomware incidents.
If a ransomware incident occurs at your organization:
Note: the FBI, CISA, and Treasury strongly discourage paying ransoms as doing so does not guarantee files and records will be recovered and may pose sanctions risks. 
The FBI is seeking any information that can be shared, to include boundary logs showing communication to and from foreign IP addresses, bitcoin wallet information, the decryptor file, and/or benign samples of encrypted files. As stated above, the FBI discourages paying ransoms. Payment does not guarantee files will be recovered and may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities. However, the FBI understands that when victims are faced with an inability to function, all options are evaluated to protect shareholders, employees, and customers. Regardless of whether you or your organization have decided to pay the ransom, the FBI, CISA, and Treasury urge you to promptly report ransomware incidents to the FBI at a local FBI Field Office, CISA at us-cert.cisa.gov/report, or the USSS at a USSS Field Office. Doing so provides the U.S. Government with critical information needed to prevent future attacks by identifying and tracking ransomware actors and holding them accountable under U.S. law.
The FBI, CISA, and Treasury would like to thank Stairwell for their contributions to this CSA. 
To report suspicious or criminal activity related to information found in this Joint Cybersecurity Advisory, contact your local FBI field office at fbi.gov/contact-us/field, or the FBI’s 24/7 Cyber Watch (CyWatch) at (855) 292-3937 or by e-mail at CyWatch@fbi.gov. When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment used for the activity; the name of the submitting company or organization; and a designated point of contact. To request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov. 
July 6, 2022: Initial Version |July 7, 2022: Added STIX

source

B.S.
Request Information
Purdue University Northwest’s (PNW) Bachelor of Science (B.S.) in Cybersecurity prepares you with the technical competency, knowledge and skills needed to protect networks, systems, software programs and data from criminal or unauthorized access. You will learn concepts, knowledge, skills, technologies and practices in a broad spectrum of cybersecurity areas, including the emerging fields of applied data science and artificial intelligence.
This program is hands-on and application-oriented. Upon the completion of the program, you’ll be ready to take highly sought-after industry certification exams.
Department of Computer Information Technology and Graphics
Upon completion, a student will:
You’ll take a balance of general education courses, College of Technology core courses and cybersecurity courses. This balance blends theory, applied research and experiential learning in all the vital aspects of IT, including networking, database administration, security and project management.
The cybersecurity program provides the specialized training you need for a career in this complex, in-demand field.
You can currently complete this degree at PNW’s Hammond campus.
First-year courses cover the basics of IT in areas such as organization, history, related informing disciplines, application domains, computer math and other IT-related topics.
Cybersecurity Course of Study
Sample Courses
Your second year covers in-depth discussions of networking, programming, database and fundamentals of information assurances.
Cybersecurity Course of Study
Sample Courses
Topics include administration, confidentiality, integrity, authentication, non-repudiation, intrusion detection, physical security, encryption and machine learning foundations.
Cybersecurity Course of Study
Sample Courses
In your final year, you’ll cover defensive programming techniques, bounds analysis, error handling, advanced testing techniques, detailed code auditing and software specification in a trusted assured environment.
Cybersecurity Course of Study
Sample Courses

Cybersecurity Degree Program Highlights
Cybersecurity workforce development is the key to assuring that the nation has adequate capacity to protect information and information systems.
This quickly growing field is both challenging and competitive. At PNW, we provide the tools you need to stand out, including US government-recognized curriculum and individualized attention from instructors.
Cybersecurity Degree Program Outcomes
Through classroom and lab interaction with experienced faculty, applied research and experiential learning, you’ll begin your professional work with the confidence and knowledge to be successful in a dynamic, competitive field.
Cybersecurity Degree Program Career Paths
This degree prepares you for a number of careers in the cybersecurity field, including:
Cybersecurity Degree Program Employers
Our alumni work with some of the most innovative organizations across the region and around the world, including:
Beyond the Cybersecurity Classroom
We encourage you to get involved in activities like:
Cybersecurity Degree Program Scholarships
In addition to the scholarships available to all PNW applicants, students seeking a bachelor’s degree in cybersecurity may also be considered for program-specific scholarship awards, such as:
See All Technology Scholarships
It was a class in Linux system administration that helped me the most…I was assigned a real-world problem and I applied my education and experience to solve it.
Lucas D’Antonio, ’23, Computer Information Technology—Concentration: Cybersecurity
All of the hands-on training I’m receiving at PNW is helping me narrow down exactly what I want to do once I graduate.
Joshua Phillips, ’22
Computer Information Technology: Cybersecurity
I was able to learn a little bit about everything – networking, programming, databases, security. It provided me a better understanding of how everything works together. It also gave me a wide variety of skills, not just for cybersecurity, that I can take with me into my career.
Travis McKinney, ’22, Computer Information Technology
Michael Tu, Ph.D.
Professor, Computer Information Technology

Michael Tu is a professor of computer information technology and director of the Center for Cybersecurity.
Ricardo A. Calix, Ph.D.
Associate Professor, Computer Information Technology and Graphics

Ricardo A. Calix, Ph.D. is an Associate Professor of Computer Information Technology at Purdue University Northwest.
Tae-Hoon Kim, Ph.D.
Associate Professor, Computer Information Technology and Graphics

Tae-Hoon Kim is associate professor of computer information technology in the department of Computer Information Technology and Graphics. His expertise includes computer network, security and data science.
Ying Luo, Ph.D.
Assistant Professor, Computer Information Technology and Graphics

Ying Luo is an assistant professor in the department of computer information technology and graphics. Her research and teaching focus on algorithm design, database management and cybersecurity.
Chuck DeCastro, M.S.
Lecturer, Computer Information Technology

Current responsibilities include teaching Networking, Operating System, Cyber Security and Computer Forensic Courses. I’m also the Advisor for the Gamers’ and Cyber ROAR Clubs.
Earn a Bachelor’s Degree in Cybersecurity at PNW
Purdue University Northwest’s Cybersecurity degree enables you to reach a genuine understanding of all aspects of the industry while building a solid foundation in technology through hands-on experiences.
To see how a Bachelor’s Degree in cybersecurity from PNW opens doors, from corporate boardrooms to non-profit leadership, take the next step today!
Request Info
Computer Information Technology
BS
Computer Graphics Technology
BS
Computer Engineering
BSCmpE
Hammond Campus
2200 169th Street
Hammond, IN 46323
(219) 989-2400
(855) 608-4600
Westville Campus
1401 S. U.S. 421
Westville, IN 46391
(219) 785-5200
(855) 608-4600
For assistance with accessibility issues while using this page, please contact Marketing and Communications at marketing@pnw.edu.

source

A recent data by CERT-In had showed that cyber attacks had increased from 41,378 attacks in 2017 to 14,02,809 attacks in 2021. In India, 3,377 cyber crimes were reported in 2012, and in 2020, the number of such reported crimes reached 50,000. More than 11 lakh complaints of different types, have been registered so far, and more than two lakh complaints have also been registered for social media crimes. In the thick of these gory developments, it is not possible to imagine the development of any country without ensuring cyber safety. Hence, figuring out challenges and finding effective solutions for cyber security becomes a thing of utmost importance for this digital economy to grow and sustain, which the G20 summit laid much stress on.
The first meeting of the Digital Economy Working Group under India’s G20 Presidency witnessed Cyber security dominating the discourse of the session, and it was termed as ‘crucial’ for digital transformation and digital economy by experts. If crores of people feel empowered digitally due to brisk Internet expansion and proliferation of innumerable applications, products and services, cyber crimes are also on the rise with almost the same speed if not greater. A sharp increase in organized crime gang hacking activities, supported and sponsored by hostile nations, have raised the risk. Hence, trade and business related to restricting cyber crimes are said to be one of the most profitable businesses globally.
Cybercrime are predicted to inflict damages totalling more than 6 trillion dollar globally, and the cost of cybercrime is estimated to grow by almost 15% every year over the next 4-5 years, reaching 10.5 trillion dollar annually by 2025. This enormous cost simply puts growth of digital economy in danger, which makes discussion and action on cyber theft very relevant for the entire world. Digital technology has the potential to address the myriad of problems still confronted by crores of people in Indian and other developing economies. Results are there to corroborate the claims. Today, 80 crore Indians have an online presence in India and by 2025, another 40 crore will enter the digital world, thanks to India’s Digital India campaign. In the last 8 years, the data cost per GB has come down by about 96%, which is expected to come down further.
Riding on the back of the speed and spread of the internet, transactions on UPI have crossed one trillion dollar in FY 2022, making India the first in the world in digital payments. BHIM-UPI are no longer just Indian apps, but have become truly global, as they are accepted in Singapore, the UAE, Bhutan, Nepal, France and a number of countries may adopt them in the coming days. Today, 130 crore Indians get the benefit from the government directly in their bank accounts through DBT. Rs.6,000 reaches the accounts of 13 crore farmers annually. Just a few years earlier, one could not have even imagined it.
However, the big challenge of securing the country from cyber fraud and other cyber attacks still needs to be addressed in an effective and speedy manner. To tackle this menace, the Cyber ​​and Information Security (CIS) Division was formed in 2017, and from there, a lot of steps have been taken. More than 16,000 officers from police forces have been trained. A lot of research works are also going on in the National Cyber ​​Crime Forensic Laboratory and the National Forensic Science University in cybercrime forensic investigation. However, this fight of global magnitude, can’t be fought in isolation. Here, the G20 summit promises a lot through research & analysis of global patterns and developments, and then collective actions to combat the issue.
Explore all issues of PBNS Daily Magazine Read Here.


Continue reading
Get an online subscription and you can unlock any article you come across.
Get access to PBNS Daily Magazine.
Get an online subscription and you can unlock any article you come across, getting instant emails when our site updates, too.
Get access to PBNS Daily Magazine.

source

Law enforcement officers from across Missouri can now receive continuing education credit for attending a cyber crime prevention class called “Social Engineering 101,” led and developed …
This item is available in full to subscribers.
We have recently launched a new and improved website. To continue reading, you will need to either log into your subscriber account, or purchase a new subscription.
If you are a digital subscriber with an active subscription, or you are a print subscriber who had access to our previous wesbite, then you already have an account here. Just reset your password if you have not yet logged in to your account on this new site.
If you are a current print subscriber and did not have a user account on our previous website, you can set up a free website account by clicking here.
Otherwise, click here to view your options for subscribing.
If you’re a print subscriber, but do not yet have an online account, click here to create one.
Click here to see your options for becoming a subscriber.
Law enforcement officers from across Missouri can now receive continuing education credit for attending a cyber crime prevention class called “Social Engineering 101,” led and developed by Warren County Emergency Management Director Jim Sharp.
Sharp recently announced that his two-hour seminar has received certification from Missouri’s Peace Officer Standards and Training (POST) Commission, the governing board that sets the licensing standards for law enforcement officers. The certification means officers can attend Sharp’s course to help fulfill continuing education requirements set by POST.
The class focuses on social engineering — the process of manipulating people’s behavior — because that’s how the vast majority of current cyber attacks begin, Sharp told The Record. He said most people associate cyber crime with the idea of an expert computer hacker, but that most criminals don’t actually have that expertise. Instead, they use low-tech methods of manipulating people into giving them access to computer networks.
“Making a computer do something it wasn’t designed to do is almost impossible unless you know how to reprogram it. Getting the users of those computers to do something different is relatively simple,” Sharp explained. “Social engineering means manipulating people to do things that they wouldn’t normally do, or tell you things that they wouldn’t normally tell you.”
The seminar is available to any law enforcement or emergency agency, or any community organization, all at no cost, Sharp said. He commented that part of his job as director of Warren County’s Emergency Management Agency is to provide information about preparedness and prevention that can help anyone in the community avoid the impacts of natural or man-made emergencies.
He added that POST certified the social engineering seminar because of how important it has become for law enforcement officers to be aware of how these criminals operate.
“The most important part is the self-awareness of the information that we all put out there,” Sharp said. “Watch what you say, watch what you put on social media. … Be aware of what you’re casually saying about yourself that might make you a little more vulnerable than you might have been otherwise.
“I didn’t write (the course) specifically for law enforcement, but the folks at POST decided it was worthwhile to award credit for it because of the relevance of it,” he added.
Sharp noted that the POST certification for the social engineering class is actually the third of his seminars to receive continuing education certification. He also provides a presentation on organizing and responding to school shooter scenarios, and another on communicating with the public during a crisis.
For information about disaster prevention and preparedness, or to schedule an informational presentation, go online to www.warrencountyema.com, or email Sharp at jsharp@warrencountymo.org.
No comments on this item Please log in to comment by clicking here
Other items that may interest you
The Warren County Health Department is excited to announce the release of the organization’s new smartphone application.  This app will serve as a new way for the health department to …

View this issue
Browse other issues
103 E. Booneslick,
Warrenton, MO 63383
(636) 456-6397

source

A 76-year-old American woman recorded her statement before a magistrate in an Alipore court over video on Thursday in connection with an online fraud for which Kolkata police have arrested three men.
According to the complaint that was forwarded to Kolkata police by the FBI, the woman who lives in the US was duped by men allegedly posing as support staff of an anti-virus company over the phone.
Police said the woman had lost her life savings to the fraudsters. Her statement was recorded virtually under Section 164 of the CrPC.
The magisterial statement recording started around 5pm and took over five hours to complete, the police said.
Based on the communication received from the FBI, the police here said they learnt there were at least four American victims cheated by two or more people from Kolkata using the name “David” between April and June 2022.
“All these victims are senior citizens who were made to believe they were speaking to tech support persons for installation of antivirus software on their computers,” said an officer of the cyber cell at Lalbazar.
Based on details provided by their American counterparts, the police here started a case and arrested three men in January. Shizan Ali Haider and Mohammad Atif were arrested from Beniapukur in south Kolkata and Sabtain Ali Haider was picked up from Ajmer in Rajasthan.
During the investigation, the police said they found details of an IP address from where the alleged calls were made.
“On analysing the IP address and the internet router through which it was used, we zeroed in on the identity of the three suspects,” said an officer.
At least one of them had used a mobile app that helps conceal the IP address from where an internet connection is used.
The police found the same app on the phone of one of the three arrested. The phone and several laptops have been seized, the officer said.
Several Kolkatans and many across the globe get cheated over the phone by fraudsters who pose as customer care support teams or officials of e-commerce companies. The callers convince them to download screen-sharing apps on their phones that give the fraudsters access to the victims’ phones even if they are in another continent.
‘Charlie Chopra & The Mystery of Solang Valley’ will stream on SonyLIV
Certified skin-friendly colours for the festive season
Comfy, cool and pretty — all in one
A ‘saag’ recipe that you need to make today
The documentary will stream from March 17
Copyright © 2021 The Telegraph Online. All rights reserved.

source

Seven Russian men have been sanctioned by the UK and US for having links to recent ransomware attacks.
The UK's Foreign Office, along with US authorities, has released pictures of the men, frozen their assets and imposed travel restrictions.
US authorities have accused them of being members of loosely defined Russian-based hacking network Trickbot.
Ransomware strains Conti and Ryuk extorted at least £27m in ransoms from 149 British victims.
"This is a hugely significant moment for the UK and our collaborative efforts with the US to disrupt international cyber-criminals," said National Crime Agency director general Graeme Biggar.
"The sanctions are the first of their kind for the UK and signal the continuing campaign targeting those responsible for some of the most sophisticated and damaging ransomware that has impacted the UK and our allies," he said.
The National Cyber Security Centre, a part of GCHQ, has assessed that key group members are "highly likely" to have strong links to the Russian Intelligence Services from which they are sometimes directed.
No evidence was supplied to support this allegation.
The UK government categorises ransomware as a tier one national security threat with recent victims including UK schools, local authorities and firms.
The individuals sanctioned are: Vitaliy Kovalev, Valery Sedletski, Valentin Karyagin, Maksim Mikhailov, Dmitry Pleshevskiy, Mikhail Iskritskiy and Ivan Vakhromeyev.
Any arrests are impossible unless the accused leave the country.
The group behind the Conti strain has targeted hospitals, schools, businesses and local authorities, including the Scottish Environment Protection Agency.  It extorted $180m (£148m) in ransomware in 2021 alone, according to research from Chainalysis.
Ireland's Health Service Executive was targeted by Conti ransomware actors during the Covid pandemic, leading to disruption to blood tests, X-rays, CT scans, radiotherapy and chemotherapy appointments over 10 days. 
Another recent ransomware attack included Harrogate-based transportation and cold storage firm Reed Boardall, whose IT systems were under attack for nearly a week in 2021.
Although Conti disbanded in 2022, its members are thought to have continued their attacks under different guises.
This video can not be played
Businesses are being held to ransom by callous Ryuk cyber-criminals
Russia has for years denied that it is harbouring ransomware hackers, but cyber-security experts say there is compelling evidence that many of the criminal groups are co-ordinated from the country.
Many of the gangs operate on Russian-language forums, there are fewer attacks on Russian organisations, and the frequency of hacks dips during Russian public holidays.
The latest sanctions follow multinational efforts to disrupt ransomware crews, most recently by sabotaging the Hive ransomware crew and taking them offline.
Previously the US and UK worked together on sanctions issued against alleged members of cyber-crime group Evil Corp in 2020. Authorities allege that some of the men in the latest sanctions could have formerly worked for the group.
In 2021 the BBC went to Russia to try to track down the group and was told by a family member that the sanctions had made them fear for their safety.
Evil Corp: Searching for the world's most wanted hackers
Station master arrested after dozens killed in Greece train crash
Covid origin likely China lab incident – FBI chief
Ukraine war casts shadow over India's G20 ambitions
Ukraine war casts shadow over India's G20 ambitions
Blackpink lead top stars back on the road in Asia
Why the lab-leak theory is being taken seriously
India anti-corruption crusader fighting to clear his name
Exploring the rigging claims in Nigeria's elections
'Wales is in England' gaffe sparks TikToker's trip
Record numbers of guide dog volunteers after BBC story. VideoRecord numbers of guide dog volunteers after BBC story
Why the world faces a 'genomic gap'
DeSantis won't say he's running. What's he waiting for?
The iconic outfits that cause outrage
Why Gen Z are feeling stressed at work
NZ's battle with a ruthless predator
© 2023 BBC. The BBC is not responsible for the content of external sites. Read about our approach to external linking.

source

To enjoy additional benefits
CONNECT WITH US
February 07, 2023 12:17 pm | Updated 12:17 pm IST – VILLUPURAM
COMMents
SHARE
READ LATER
A police official addressing a gathering about the do’s and don’t of online behaviour in Villupuram | Photo Credit: Special Arrangement
In an effort to contain the growing number of cyber crime offences, the Villupuram district police have launched an intensive awareness campaign to inform school and college students as well as the general public about how to avoid falling for online scams/fraudulent deals.
Villupuram Superintendent of Police N. Shreenatha said the ‘Safe Surfing’ campaign launched on Monday, would cover over 50 educational institutions across the district. The campaign will go on until February 10. “We are creating awareness among the people about the do’s and don’ts when it comes to online behaviour,” he said.
In the event of fraud, people are being advised to dial 1930, the cyber crime control room and report the incident immediately. People can also file complaints on the National Cyber Crime Reporting Portal (https://www.cybercrime.gov.in), he said.  
Additional Deputy Superintendent of Police (Cyber Crime) P. Govindaraju said police personnel will explain how online banking scams operate, including the issue of fake online scratch cards that go under the name of social commerce platforms, loan apps, and ransomware attacks. He said the most common form of online scams are part-time job offers where fraudsters, creating fake versions of pages of popular websites, hoodwink gullible victims.
The public should also refrain from sharing one-time passwords (OTPs) with fraudsters who contact debit or credit card users claiming that their cards have expired or that they are eligible to redeem certain ‘reward points.
Passwords and other account information including ATM card details and PIN numbers are sensitive pieces of information that should not be disclosed over the phone or on email. Hence, the public should not disclose these details to strangers, Mr. Govindaraju added.
COMMents
SHARE
Tamil Nadu / cyber crime / police
BACK TO TOP
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.

source

Topics
Telangana | cyber crime | Cyberattacks
Press Trust of India  |  Hyderabad 
Last Updated at February 7, 2023 18:03 IST
https://mybs.in/2cCKGsR

Cyber crimes in Telangana have doubled to 10,303 cases in 2021 from 5,025 cases in 2020 with Cyberabad topping the chart with 4,412 felonies, according to a report.
Revealing data, the Telangana Socio Economic Outlook 2023 said,"As many as 10,303 cases of cyber crime were registered in 2021 as against 5,025 cases in 2020, an increase of 105.03 per cent. The highest number of cases were reported from the police commissionerates of Cyberabad (4,412) followed by Hyderabad (3,303) and Rachakonda (1,548), it said.
Cyber crime is a rapidly evolving transnational crime committed across borders and affects individuals and societies globally, said the report. It said the Telangana government is trying to use technical assistance in capacity-building, prevention, creating awareness, increasing cooperation, collecting data, researching and analysing cybercrime, the report said.
The Telangana Cyber Crime Coordination Centre (T4C) was set up in 2021 to provide round-the-clock assistance to victims of cyber fraud. The T4C has a 24×7 call centre that helps coordinate with district police in the registration, investigation and detection of cyber crime, it said.
T4C has successfully prevented almost Rs 30 crore of public money from reaching the hands of cyber fraudsters. The State has also created Telangana Cyber Security Policy 2016 to address cyber security issues.
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
Exclusive Stories, Curated Newsletters, 26 years of Archives, E-paper, and more!
Insightful news, sharp views, newsletters, e-paper, and more! Unlock incisive commentary only on Business Standard.
Download the Business Standard App for latest Business News and Market News .
First Published: Tue, February 07 2023. 18:03 IST

source