
A STUDY OF CYBER ATTACKS AND CYBER SECURITY:

NEW TRENDS AND THE CURRENT DIGITAL ERA


Rukhsana Parveen, Afsana Parveen
Jamia Hamdard University (JHU), New Delhi, India

Abstract:
A cyber-attack is a malicious attempt to disrupt, damage, or gain unauthorized access to a
computer system, network, or digital device. Cyber-attacks encompass a range of strategies,
including but not limited to malware infections, phishing schemes, denial of service attacks,
ransomware, and social engineering tactics. These malicious actions have the potential to
inflict substantial harm on individuals, businesses, and even entire nations, resulting in
financial loss, identity theft, loss of reputation, and loss of critical data. Cyber-attacks
are becoming increasingly commonplace, and cybercriminals are constantly developing new
technologies to bypass security measures and exploit weaknesses in computer systems. To
protect against cyber-attacks, individuals and organizations must implement robust
cybersecurity measures, including firewalls, antivirus software, data encryption, access
control, and employee training programs.

Keywords: Cyber-attack, Cybercrime, Cybersecurity, Android apps, social media

1. INTRODUCTION
A cyber-attack is any unauthorized attempt to access computer systems or networks with the aim
of damaging them, taking control of them, obstructing their normal operation, or manipulating
or stealing the data stored in them. Individuals or groups can launch cyber-attacks from
virtually any location, using one or more methods or tools. Examples include hacks into
government agencies and defense and advanced technology firms, and criminal activities
resulting in financial losses exceeding $1 million. To provide robust security, one has to
understand the nature of cyber-attacks and of the attacker: an individual who employs a
computer to illicitly access data without proper authorization. According to the University of
Maryland, a hacker attack occurs on the Internet every 39 seconds on average [1]. How does
such an attack happen? The hacker uses malicious code and software to change computer code,
logic, and data. With the growing use of the Internet and smart technology, cyber-attacks are
increasing, with the highest number of significant cyber-attacks since 2006. Nearly two-thirds
of IT security professionals believed that a successful cyber-attack was going to happen in
2019. In 2018, the United States experienced a significant surge in cyber-attacks, reporting
30 incidents during that year alone. In May 2020, the NSA identified a case in which Russian
hackers were actively extracting sensitive information from U.S. organizations by exploiting a
vulnerability in a widely used email server. In June 2020, malware was employed in
cyber-attacks targeting the digital infrastructure of nine human rights organizations based in
India: keystrokes were logged, audio was recorded, and personal credentials were stolen. In
December 2020, Funke Media Group, one of Germany's major media organizations, became the
target of a ransomware attack that caused significant disruption and damage. About 6,000
computers were infected, bringing work to a halt in the organization's editorial offices;
several of its major printing facilities were also affected. Cybercrime is projected to cost
the global economy approximately $10.5 trillion annually by the year 2025. That is about
$20 million every minute [2].

Cyber-attacks in today's digital landscape consistently grab attention in the news, and the
reality is that anyone who uses a computer can potentially fall victim to such attacks. These
attacks come in various forms and can affect individuals at any time. sort of cyber tanks
ranging from.

Now, let's look at the different types of cyber-attack and how to prevent them.

1.1 TYPES OF CYBER-ATTACK AND THEIR PREVENTION


1.1.1 Man-in-the-Middle (MITM)
The man-in-the-middle attack is a major cyber-attack that has become notorious in recent
years. In short, this attack intercepts a data transfer or other digital communication: the
attacker poses as a legitimate participant and relays the messages between
two parties who believe they are communicating with each other or the

The hacker inserts themselves into your network connection, effectively positioning themselves
within the data flow between you and the server, and can capture online login credentials,
account details, or credit card numbers in real time.

Example: You don't have mobile data, so you need to connect to public Wi-Fi. Then you
have to buy something from a random online store. And in a few days, your bank account
balance drops to zero.

How it works: Various online security flaws can allow a man-in-the-middle attack to be
executed. The steps usually follow a particular path, or attack progression, in which the
attacker first intercepts traffic and then inspects it to obtain valuable data. Interception
can occur in several ways. The easiest is to set up an open network that users can easily
join and then capture their data exchanges. Numerous public networks are vulnerable to
man-in-the-middle attacks, which can lead to cybercriminals being able to read, steal,
or modify your data, or read traffic without anyone noticing.

Prevent:
• Always use a secure and trusted internet connection when accessing
sensitive information.
• Install and use reputable antivirus and anti-malware software on your device.
• Avoid connecting to public Wi-Fi.
• Verify the authenticity of websites and emails before sharing personal information or
clicking on links.
• Use encrypted communication methods such as SSL and HTTPS to protect against
MitM attacks.

1.1.2 Phishing
In phishing attacks, cyber-terrorists employ deceptive phone calls or emails containing
clickable links to trick their targets into giving up sensitive and confidential information
such as passwords and credit card details.

Example: You receive an email allegedly sent by a bank, urgently requesting you to update
your credit card PIN within a 24-hour timeframe. Taking this for a security measure and
recognizing the severity of the message, you follow the link in the email and give away your
current credit card PIN when allegedly updating it.

How it works: Phishing attacks start with a fraudulent message, which can be transmitted via
email, chat application, or even SMS, and which takes the form of a message from a legitimate
source. Regardless of the way the message is transmitted, it targets the victim in a way that
prompts them to open malicious links and provide important information on the website the
link leads to.

Prevent:
• Check the link in the email for authenticity and that it redirects to a secure
website running the HTTPS protocol.
• If in doubt, do not heed the message at all.
• Avoid entering private information on random websites.
• Avoid pop-up windows, no matter how legitimate they look.

1.1.3 Drive-by Download Attack


Cyberterrorists frequently employ drive-by attacks to disseminate malware while you're
browsing a website. In these attacks, malicious software is surreptitiously installed in the
background, without your awareness. These tactics can become increasingly sophisticated,
and they target insecure websites.

Example: This can happen when you visit a website, open an email attachment, or click a
link.

How it works: If your browser is running an outdated and vulnerable version of Flash,
visiting a website can become a potential threat. In such cases, the specific version of Flash
can be targeted for exploitation, and upon visiting the site, Flash may activate to
clandestinely download something in the background, such as ransomware, which is then
automatically executed, causing an infection in your system. Another avenue of risk is
compromised ad networks. While browsing a familiar news site, for instance, an advertisement
on the right side of the screen could exploit a vulnerability in your browser, initiating a
download that infects your system. Given the ease of execution and the susceptibility of
users, drive-by attacks pose a significant security risk.

Fig. 1 Drive-by download attack

Downloads of this kind can be discreetly embedded within seemingly innocent and ordinary
websites. You could receive a link via email, text message, or a social media post, enticing you
to check out something intriguing on a particular site. As you engage with the content, such as
reading an article or enjoying a cartoon, the download quietly installs itself on your computer
without your knowledge.
Prevent:

• Keep your internet browser and operating system current and regularly updated.
• Reduce the number of browser add-ons used.

1.1.4 Botnet attacks

Botnets are networks of systems into which attackers have introduced malware, resulting in a
collection of compromised systems that are controlled by a hacker. The hacker uses the
computers to do things like send spam email, launch denial-of-service attacks, or even steal
personal information. Botnet attacks can be very serious, and they're becoming more and
more common, so it's important to be aware of them.

Example: In 2019, a botnet assault impacted several Indian organizations, including banks,
financial institutions, and government entities.
How it works: A botnet attack uses a network of infected computers, known as bots, to carry
out a malicious action. The bots are usually controlled by a cybercriminal, who can use them
to launch a variety of attacks. Botnet attacks are usually launched by sending out emails or
messages that contain malware. When the recipient clicks the link or opens the attachment,
their computer gets compromised by the malware and becomes part of the botnet. The
cybercriminal then has control of the bot and can use it to carry out various attacks. Botnet
attacks can be very damaging and can cause a lot of disruption. They can be difficult to
defend against because the bots can be spread all over the world and can be used to launch
attacks at any time. Fortunately, there are steps you can take to protect yourself from
botnets.

Fig.2 Botnet attack

Prevent:
• Ensure that all your computer's software is kept current, including your operating
system, web browser, and any plugins or extensions you use. Outdated software is often
full of security holes that a botnet attack can exploit.
• Install a reliable antivirus program and ensure it remains regularly updated. An antivirus
program can detect and remove botnet malware from your computer.
• Be careful about the links you click and the attachments you open.
If you think you have been hit by a botnet attack, what should you do? The first thing you
should do is disconnect your device from the internet as a precautionary measure, to prevent
attackers from exploiting your device to launch further attacks. Once you have disconnected
from the internet, you should run a full malware scan on your device to remove any malicious
software that may have been installed.

1.1.5 Social Engineering Attacks


Social engineering attackers aim to exploit vulnerabilities within systems by manipulating
and deceiving users. They often pose as employees, vendors, or support personnel to gain the
trust of individuals who are naturally inclined to assist others. These attackers use this trust to
their advantage, coaxing users into divulging information that compromises data security.
This category of cyber-threats encompasses techniques like email phishing, which is perhaps
the most prevalent form of social engineering.
Example: If you frequently use the internet, you may have come across enticing pop-ups and
emails proclaiming that you've won a prize like an iPhone or something similar. These tactics
are employed by malicious actors to entice you into clicking on a link, which ultimately
introduces malware onto your system. This approach is what characterizes social engineering,
where attackers manipulate users' reactions by presenting fake offers or scenarios. It exploits
human psychology to lead people into making security errors and divulging confidential
information. These attacks hinge on the presentation of offers that seem exceptionally
attractive but are, in reality, too good to be true.
Prevent:
• Refrain from opening suspicious emails and their attachments.
• Exercise caution when sharing personal information.
• Stay vigilant against enticing offers that seem too good to be true.
• Implement multi-factor authentication for added security.
• Install anti-malware software and ensure it is updated.

Fig.3 Social Engineering Attack
1.1.6 Malware attacks
Malicious software, often referred to as malware, encompasses any unwanted software
introduced into your system without your consent. Malware represents a category of harmful
software capable of causing damage to your computer, compromising your data, or even
posing risks to your personal security. The earliest manifestation of malware was the computer
virus. Over the past two decades, advancements in technology, computing, and software have
led to increased sophistication and a higher incidence of malicious software.
Indicators of a malware infection include your computer exhibiting performance issues, such as
slowing down or overheating. You might notice unfamiliar apps or programs that you don't
recall downloading, and existing software may not function correctly, leading to crashes.
These negative outcomes can be initiated by various user actions, with the most common
trigger being a click, usually on a link or pop-up.
Example: The descriptions in such cases often contain attention-grabbing phrases like "Claim
your prize" or "Your account has been compromised." They may urge you to log in and verify
recent charges.
How it works: Frequently, after clicking the link, a pop-up appears promptly, conveying
messages like, "Your system is infected! Click here to run a scan." Subsequently, the next
click often initiates the delivery of a harmful payload, even if the user doesn't
intentionally choose any of the options and instead tries to close the program using the
corner X.

After the program is downloaded, it starts initiating unauthorized activities on the system,
including but not limited to:
- Making unsanctioned charges.
- Monitoring user behavior.
- Displaying intrusive pop-ups.
- Altering search engine results.
- Adding icons to the desktop.
- Redirecting to unfamiliar or potentially harmful websites
Prevent:

• Keep software up-to-date.
• Use antivirus software.
• Use a firewall.
• Practice safe browsing habits.
• Use strong passwords.

Fig.4 Malware Attack

1.1.7 SQL Injection Attack


Example: A common scenario on web applications involves user authentication, where users
are required to input their username and password. These credentials are then sent to the
backend database for validation, ensuring that the user has the correct login information before
granting access. However, this process can be vulnerable to SQL injection attacks, which occur
when a malicious actor inserts specially crafted data containing SQL code into the input fields.
Instead of authenticating the user, this injected SQL code can manipulate the application's
queries and potentially wreak havoc.

How it works: Imagine a scenario where a hacker is targeting a website that contains
sensitive data stored in its database. The website includes a login page, and the hacker suspects
that this login page provides a potential entry point to access the valuable database. In typical
web application architecture, the login page serves as a gateway for users to access their
accounts. When users input their username and password and click the login button, a series of
steps occur.

So, how do you go about preventing SQL injection attacks?

Prevent:

• Validate input.
• Use parameterized queries.
• Use prepared statements.
• Escape all user-supplied input.

Fig.5 SQL Injection attack
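
The login scenario above, with the concatenated query next to its parameterized form, is shown here as an added example that is not part of the original paper. The table layout, function names, sample account and crafted username are all constructed assumptions for illustration.

```python
import hashlib
import hmac
import re
import sqlite3

DEMO_SALT = b"constructed-demo-salt"   # assumption: fixed salt, for the demo only
CRAFTED_USERNAME = "alice' --"         # constructed input containing SQL syntax
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def hash_pw(password):
    """Slow password hash (PBKDF2); a real system stores a random salt per user."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), DEMO_SALT, 100_000).hex()


def make_db():
    """Constructed sample data: one account in an in-memory SQLite database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", hash_pw("correct horse")))
    return db


def is_valid_username(username):
    """Input validation (defense in depth): allowlisted characters, bounded length."""
    return USERNAME_RE.fullmatch(username) is not None


def login_vulnerable(db, username, password):
    """BEFORE: input is pasted into the SQL text, so a quote in the input ends
    the string literal and whatever follows is parsed as SQL."""
    query = ("SELECT username FROM users WHERE username = '" + username
             + "' AND pw_hash = '" + hash_pw(password) + "'")
    return db.execute(query).fetchone() is not None


def login_parameterized(db, username, password):
    """AFTER: the query text is fixed and the value is bound as a parameter,
    so the input is only ever compared as data."""
    row = db.execute("SELECT pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    return row is not None and hmac.compare_digest(row[0], hash_pw(password))


if __name__ == "__main__":
    db = make_db()
    for name, pw in [("alice", "correct horse"), ("alice", "wrong"),
                     (CRAFTED_USERNAME, "anything")]:
        print(repr(name),
              "valid name:", is_valid_username(name),
              "| vulnerable:", login_vulnerable(db, name, pw),
              "| parameterized:", login_parameterized(db, name, pw))
```

With the crafted username, the concatenated query drops the password check and the login succeeds, while the parameterized query finds no such user and the validation step rejects the name outright.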

1.1.8 Cross-Site Scripting (XSS)


Would you believe that websites can be hacked with just HTML and JavaScript? Yes: one can
use HTML and JavaScript to hack a website, which is possible through Cross-Site Scripting
(XSS). XSS attacks represent one of the most prevalent forms of cyberattack targeting websites
today. These attacks have become widespread, and they pose a significant threat to web
applications, especially those that depend on JavaScript functionality.
XSS involves third-party websites injecting malicious JavaScript code into a target's web
browser.
Example: An XSS attack on the popular game “Fortnite” in 2019 allowed hackers to access all
Fortnite users’ data.

How it works: When we visit a website, we send a request to the website for the data we want,
and the response is displayed in our web browser. In cross-site scripting attacks, attackers
inject malicious code into the website. Depending on the type of cross-site scripting attack
performed, the malicious code is then sent to the victim or it gets stored on the website, and
when someone visits the website, that malicious script gets executed on the visitor's device.
The most common locations where attackers insert their malicious code are search fields,
input fields such as forms, comment sections, or any page that displays user-supplied data.

Prevent:
• Validate user input: Ensure that any data received from user input is validated on both
the client side and the server side.
• Use output encoding: User-generated content that is displayed on the website
should be properly encoded.
• Implement a Content Security Policy (CSP), whose purpose is to specify which
resources are permitted to be loaded by a web page.
• Mark cookies as HTTPS-only: Cookies can be used to store session information.
• Keep software updated.
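
The measures in this list, applied to a comment that is stored and later displayed, are shown here as an added example that is not part of the original paper. The policy string, length limit, function names and sample comments are assumptions; the cookie sets both the Secure flag (sent over HTTPS only) and HttpOnly (not readable from page scripts).

```python
import html
from http.cookies import SimpleCookie

# Assumed policy for a site that serves all of its own scripts: inline script
# and scripts from other origins are refused by the browser.
CSP_POLICY = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'"
MAX_COMMENT_LEN = 500  # assumed limit


def validate_comment(text):
    """Server-side validation: bounded length and no control characters."""
    if not 0 < len(text) <= MAX_COMMENT_LEN:
        return False
    return all(ch.isprintable() or ch in "\n\t" for ch in text)


def render_comment(author, text):
    """Output encoding: &, <, >, double and single quotes become entities, so
    markup in user content is displayed as text in both element and
    attribute context instead of being interpreted by the browser."""
    safe_author = html.escape(author, quote=True)
    safe_text = html.escape(text, quote=True)
    return '<li title="{0}"><b>{0}</b>: {1}</li>'.format(safe_author, safe_text)


def session_cookie(session_id):
    """Session cookie restricted to HTTPS and hidden from page scripts."""
    jar = SimpleCookie()
    jar["session"] = session_id
    jar["session"]["secure"] = True      # only sent over HTTPS
    jar["session"]["httponly"] = True    # not exposed to document.cookie
    jar["session"]["samesite"] = "Strict"
    jar["session"]["path"] = "/"
    return jar["session"].OutputString()


def response_headers(session_id):
    """Headers a handler would attach to the page that lists the comments."""
    return [
        ("Content-Type", "text/html; charset=utf-8"),
        ("Content-Security-Policy", CSP_POLICY),
        ("Set-Cookie", session_cookie(session_id)),
    ]


if __name__ == "__main__":
    # Constructed sample comments: one plain, two carrying markup.
    samples = [
        ("bob", "Nice article!"),
        ("bob", "<script>alert(1)</script>"),
        ('x" onmouseover="alert(1)', "hello"),
    ]
    for author, text in samples:
        if validate_comment(text):
            print(render_comment(author, text))
    for name, value in response_headers("abc123"):
        print(name + ": " + value)
```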

1.1.9 Password attack

Password attacks represent a prevalent and serious threat to user account authentication. In
2020, they played a significant role in data breaches, accounting for more than 81% of
reported incidents. These attacks exploit vulnerabilities in the authentication systems, often
combining flawed authorization mechanisms with automated tools to guess and crack
passwords. Threat actors, including cybercriminals, utilize password-based authentication
mechanisms as a primary means to gain unauthorized access to sensitive user information.

Example: The Yahoo data breaches between 2013 and 2014 compromised the personal
information, including passwords, of three billion Yahoo user accounts. The attackers used
a variety of techniques, including phishing and stolen credentials, to gain access to the user
data.

How it works: A hacker wants to gain access to a user's bank account. They might start with
a brute-force attack, which involves attempting every conceivable character combination until
they find the correct password. If that doesn't work, they might try a dictionary attack,
using a list of common passwords or personal information about the user to guess the password.
If those methods fail, the hacker might try a phishing attack. They might send an email to
the user, pretending to be from the bank, and ask them to click on a link to log into their
account. The link takes the user to a counterfeit login page that closely mimics the
appearance of the genuine one but is actually controlled by the hacker. When the user enters
their password, the hacker captures it and can use it to access the user's account.

Prevent:
• Use strong, unique passwords.
• Enable two-factor authentication.
• Be careful of suspicious emails or messages.
• Ensure that your software remains current and receives regular updates.
• Manage passwords through a password manager.

Fig. 6 Password Attack

1.1.10 Denial of Service (DoS)


When everything appears to go up in smoke and your system grinds to a halt with a maxed-out
CPU, it's a sign of a Denial of Service (DoS) attack, which targets a system's availability.
Among the various cyber-attacks, DoS attacks are notably widespread. A DoS attack floods a
network or server with traffic and is carried out to make a resource unavailable to its users,
typically for malicious purposes.

Example: In 2006, the Mirai botnet attack flooded Domain Name System (DNS) provider Dyn's
servers with traffic, making multiple high-traffic websites such as Twitter, Amazon, and
Netflix inaccessible to users.

How it works: In the early days of network computing, an individual could easily disrupt
users and websites through a method called a "Denial of Service" (DoS) attack. This involved
a single attacker focusing on a single target, utilizing just one computer and internet
connection. The attacker flooded the target server with packets, sending a high volume of
requests that closely resembled legitimate ones. This flood of requests overwhelmed the
server, making it challenging for the system to distinguish between valid and invalid requests.
The primary goal of a DoS attack was to saturate the server's bandwidth and computing
resources to the point where it became inaccessible to other users.

Prevent:
• Strong network security measures.
• Using a Content Delivery Network (CDN) to efficiently distribute and
manage web traffic across numerous servers.
• Using rate-limiting.
• Using blacklists or IP filtering.
• Educating users on best practices for network security, such as not clicking on
suspicious links or downloading unknown files.

1.1.11 Distributed Denial of Service (DDoS)


An attacker's malicious intention is to disrupt regular network traffic, often by inundating
the target with an excessive volume of internet traffic, a situation commonly referred to as
a Distributed Denial of Service (DDoS) attack. A DDoS attack can take down a server by
sending too many requests for information, overwhelming it and hampering an organization's
usual business operations. According to a survey from NetScout, over 10 million DDoS attacks
were launched last year; hackers unleashed DDoS attacks on government, healthcare, financial,
and e-commerce companies, streaming services, and others, disrupting business operations. This
type of attack takes place when numerous compromised networks or systems around the world are
used for the malicious purpose of flooding the bandwidth of the target system [16].

Example: In 2018, a DDoS attack on GitHub used Memcached amplification to generate a
massive amount of traffic that overwhelmed the company's servers.

How it works: In a Distributed Denial of Service (DDoS) attack, the targeted server faces an
onslaught of traffic from multiple sources, ultimately overwhelming it. This onslaught
consumes the server's vital system resources, such as CPU and memory, and monopolizes
network bandwidth. Consequently, legitimate users trying to access the server experience
service denial. This manifests as slow-loading web pages and the familiar spinning "lag
wheel" on their screens.

So, how do attackers enlist other computers to participate in a DDoS attack? They employ
malicious software, crafting malware programs distributed across the internet, often hiding
them in websites or email attachments. When a vulnerable computer accesses these infected
sources or opens tainted email attachments, the malware silently installs itself without the
user's awareness. This recruitment process forms an army of compromised computers known
as a botnet.

A botnet isn't confined to just a few machines; it can encompass hundreds or even thousands
of computers scattered globally. This vast network can be controlled like an army awaiting
instructions from the attacker, who operates as a centralized command and control center for
the botnet. The attacker issues commands to all these computers, directing them to launch an
attack at a specific date and time. Once the designated moment arrives, the orchestrated DDoS
attack commences.

The duration of a DDoS attack can vary widely, lasting for hours or even days, depending on
the attacker's goals and resources.
Prevent:
• Implementing anti-DDoS solutions such as firewalls.
• Monitoring network traffic for unusual patterns and behaviors that may indicate
an attack.
• Enabling rate-limiting and traffic filtering to block traffic from suspicious
sources.
• Not opening any link that you do not recognize.
• Mitigating the attacks.
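
The rate-limiting item in this list and in the DoS list of 1.1.10 can be implemented as a token bucket per source address, shown here as an added example that is not part of the original paper. The class and function names, the limits (2 requests per second, burst of 5) and the traffic sample are constructed assumptions.

```python
import time


class FakeClock:
    """Settable clock so recorded traffic can be replayed deterministically."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now


class TokenBucketLimiter:
    """Per-source token bucket: each address may burst up to `burst` requests
    and is then held to `rate` requests per second."""

    def __init__(self, rate, burst, idle_ttl=60.0, clock=time.monotonic):
        self.rate = rate
        self.burst = burst
        self.idle_ttl = idle_ttl
        self.clock = clock
        self.buckets = {}  # address -> (tokens left, time last seen)

    def allow(self, client_ip):
        now = self.clock()
        tokens, last = self.buckets.get(client_ip, (self.burst, now))
        # Refill for the time elapsed since the last request, capped at burst.
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        allowed = tokens >= 1.0
        if allowed:
            tokens -= 1.0
        self.buckets[client_ip] = (tokens, now)
        return allowed

    def evict_idle(self):
        """Drop buckets of addresses not seen for idle_ttl seconds, so the
        table cannot grow without bound when many sources send traffic."""
        now = self.clock()
        stale = [ip for ip, (_, last) in self.buckets.items()
                 if now - last > self.idle_ttl]
        for ip in stale:
            del self.buckets[ip]
        return len(stale)


def replay(limiter, clock, events):
    """Feed (timestamp, address) events through the limiter and return
    {address: [allowed, rejected]}."""
    counts = {}
    for ts, ip in events:
        clock.now = ts
        allowed = limiter.allow(ip)
        counts.setdefault(ip, [0, 0])[0 if allowed else 1] += 1
    return counts


# Constructed traffic sample (documentation addresses): one source sends 20
# requests at t=0s and 20 more at t=1s; another sends one request per second.
FLOODER, NORMAL = "203.0.113.9", "198.51.100.7"
SAMPLE_EVENTS = sorted(
    [(0.0, FLOODER)] * 20 + [(1.0, FLOODER)] * 20
    + [(float(t), NORMAL) for t in range(5)]
)

if __name__ == "__main__":
    clock = FakeClock()
    limiter = TokenBucketLimiter(rate=2.0, burst=5.0, clock=clock)
    for ip, (ok, dropped) in replay(limiter, clock, SAMPLE_EVENTS).items():
        print(ip, "allowed:", ok, "rejected:", dropped)
```

A per-source limit bounds what each address can consume; against a botnet, where every bot may stay under the limit, it complements the traffic monitoring and filtering items in the list rather than replacing them.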

1.1.12 Inside attacks and data breaches

A data breach is a security incident that involves the unauthorized access or exposure of
sensitive or protected information, particularly personal data. It occurs when individuals or
entities gain access to this information without the proper authorization. Data breaches can
affect anyone, from individuals to government organizations, and can take various forms.

For instance, one significant concern is insider threats, where employees or former employees,
sometimes out of dissatisfaction, engage in activities that compromise data security. An
example is an employee using a colleague's computer to access files without permission, even
if no information is shared externally. Such unauthorized access is considered a breach,
whether intentional or not. Additionally, data breaches can also result from malicious insiders
who purposely access and share data with harmful intentions, even if they have legitimate
authorization to use that data.

The COVID-19 pandemic has brought about a shift in work culture, with remote work
becoming more widespread and accepted. However, this transition has given rise to new
security challenges across various industries. Enterprises are increasingly recognizing the
critical importance of cybersecurity in protecting sensitive data. The year 2020, in particular,
saw a notable increase in serious data breaches, underlining the urgency of robust
cybersecurity measures in our evolving digital landscape.

On July 15, 2020, Twitter accounts were hacked as part of a Bitcoin scam, resulting in a
significant data breach [3].

In April 2020, a credential-based data breach compromised over 500,000 Zoom accounts, leading
to various malicious activities such as phishing attacks [4].

T-Mobile reported a data breach in August 2021 that compromised the personal information of
over 50 million customers due to unauthorized access to its systems [5].

How it works: A data breach happens when a person or group of people gains access to
sensitive or secure data. Usually that is financial data or personal data: credit card
information, banking information, and what we call personally identifiable information
(P.I.I.), which covers things like your Social Security number, your date of birth, address,
and health records.

Most data are now stored in the cloud. We are putting it in a space where technically you can
access it from anywhere, and that gives access not just to the employees who are working
anywhere and everywhere, but also to people who might want to gain unauthorized access.

Prevent:
• Update your software and upgrade your devices as soon as options are available.
• Use encrypted cloud services.
• Use strong passwords and multi-factor authentication.
• Use a VPN, antivirus and firewall.
• Inform law enforcement when you experience a hack.
• Avoid clicking suspicious links.

1.1.13 Crypto jacking attacks


Hackers may be secretly using your device to mine cryptocurrencies. Cryptojacking is the
mining of cryptocurrency on a user's machine by hackers without the user's knowledge.
Cryptojacking attackers target the bandwidth and processing power of the user's computer to
mine cryptocurrency.

Example: Tesla experienced a cryptojacking attack in 2018, in which attackers hacked into
Tesla's Kubernetes console to mine cryptocurrency using the company's cloud computing
resources without its knowledge.

How it works: Cryptojacking can happen in two ways. One method is similar to malware:
clicking on a malicious link within an email can lead to the surreptitious installation of
crypto mining code on your computer. Once your device is infected, the crypto miner operates
continuously, covertly using your computer's resources to mine cryptocurrency in the
background. Another method, known as drive-by crypto mining, shares similarities with
malicious advertising exploits. In this approach, hackers insert JavaScript code into a
webpage, enabling them to mine cryptocurrency on the devices of visitors to that webpage.

The 2023 SonicWall Cyber Threat Report from SonicWall Capture Labs highlights a
concerning trend. According to the report, there was a significant 43% year-over-year increase
in cryptojacking attempts during 2022. This statistic underscores the growing prevalence of
cryptojacking as a cyber threat and the importance of staying vigilant against such attacks.

Prevent:
• Install and use reputable antivirus and antimalware software.
• Keep your software and devices up to date.
• Don't click on any suspicious links or attachments.
• Use ad-blocking extensions on your web browser.

1.1.14 Eavesdropping attack

An eavesdropping attack involves a third party surreptitiously intercepting and monitoring
communication between two parties, all without the knowledge or consent of those involved.
This malicious act occurs when a hacker gains unauthorized access to data transmitted
between two devices, potentially leading to data interception, deletion, or modification.

Example: A hacker uses software or hardware to intercept and listen in on someone’s phone
or video call without their knowledge or consent.

How it works: Eavesdropping is technically done by using specialized hardware or software to
capture and analyze network traffic, or by physically tapping into the communication line. The
attacker can then use information obtained through eavesdropping for malicious purposes, such
as stealing sensitive data or conducting further attacks.

Prevent:

• Employ robust end-to-end encryption.
• Utilize a Virtual Private Network (VPN) for enhanced security.
• Maintain up-to-date software and systems to bolster your defense against
vulnerabilities.
• Avoid connecting to public Wi-Fi.
• Be cautious of phishing.

1.1.15 Crypto Mining Malware Attack


Crypto mining malware is a form of malicious software that operates covertly on a victim's
computer, harnessing its processing power to mine cryptocurrency without the victim's
awareness or consent. In 2018, there was a notable surge in crypto mining malware incidents,
earning it the moniker "the year of crypto miners" based on recent research. Alarming
statistics revealed that illicit mining scripts or mining-related attacks constituted nearly one-
third of all cyberattacks during the first half of that year. Furthermore, crypto mining malware
isn't limited to exploiting individual computers; it also poses threats to crypto miners and
exchanges by hijacking their resources and operations and the processing power of their
computers.

Example: One crypto mining malware attack is the “Smominru” botnet, which infected 526,000
computers and generated millions of dollars in cryptocurrency for its operators.

The “Smominru” crypto-mining malware infected over half a million machines in 2020.

How it works: Essentially, cryptocurrency mining involves the utilization of
computational power to generate new blocks in the blockchain, particularly in
cryptocurrencies like Bitcoin. As the blockchain expands, additional computational resources
are required for this process. However, crypto mining crosses into malicious territory when it
leverages the computational power of others without their explicit consent. Cybercriminals
have taken a keen interest in harnessing the computing capabilities of compromised systems
for cryptocurrency mining purposes. Their targets encompass a wide range of devices,
including Windows servers, laptops, Android devices, and even Internet of Things (IoT)
endpoints.

Prevent:

• Keep your operating system and software up to date.
• Use anti-malware software and keep it up to date.
• Use a pop-up blocker to avoid clicking on malicious ads.
• Be careful when downloading and installing software from the internet, especially
from untrusted sources.
• Use strong, unique passwords and enable two-factor authentication.

Humans are vulnerable, not the machines. Machines just do what you program them to do, so
there is no way to actually exploit them. But 90%, or actually 95%, of all cyberattacks and
scams happen because of human vulnerabilities.

2. PROTECT AGAINST CYBERATTACKS


Let us look at different strategies that organizations can use to protect themselves against cyberattacks.
2.1 Protect your files
Use encryption to password-protect a folder or a file. Ensuring the security of your information
during storage and processing is of paramount importance [6].
2.2 Protect all with antivirus
Employing an up-to-date anti-malware application can significantly bolster your PC's
defenses against viruses and various types of malicious software [6].
2.3 Secure payment
Use two-factor authentication. Websites protect payment information by encrypting the data
before transmitting it; establish a hosting platform and initiate the process of obtaining a
Secure Socket Layer (SSL) certificate for enhanced security [6].
2.4 Protect devices with antivirus
You can protect your computers by using firewall and antivirus software and by following best
practices for computer use [6].

2.5 Check Website URL
A secure website’s URL should begin with “https” rather than “http”. You can use the URL
Constructor to check if a string is a valid URL.[6]
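
The check described in 2.5, written out as an added JavaScript example that is not part of the original paper. The function names and sample links are assumptions, and the warnings for embedded login data, internationalized names and raw IP hosts go beyond the https check in the text:

```javascript
// Added example, not from the paper: checking a link with the URL constructor
// (available in browsers and in Node.js).

// Parse a candidate link and report whether it is a valid absolute URL,
// whether it uses https, and which properties deserve a second look.
function checkWebsiteUrl(input) {
  let url;
  try {
    url = new URL(input); // throws TypeError if the string is not an absolute URL
  } catch (err) {
    return { valid: false, secure: false, host: null, warnings: ['not a valid absolute URL'] };
  }

  const warnings = [];
  if (url.protocol === 'http:') {
    warnings.push('plain http: traffic is not encrypted');
  } else if (url.protocol !== 'https:') {
    warnings.push('not a web link (scheme ' + url.protocol + ')');
  }
  // In "https://www.bank.example@203.0.113.7/" the real host is the part after "@".
  if (url.username !== '' || url.password !== '') {
    warnings.push('text before "@" is login data, not the site name');
  }
  // The parser converts internationalized names to "xn--" labels, which can
  // imitate a familiar name with look-alike characters.
  if (url.hostname.split('.').some((label) => label.startsWith('xn--'))) {
    warnings.push('internationalized host name');
  }
  // A numeric address instead of a name (IPv4, or IPv6 in brackets).
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(url.hostname) || url.hostname.startsWith('[')) {
    warnings.push('host is a raw IP address');
  }
  return { valid: true, secure: url.protocol === 'https:', host: url.hostname, warnings };
}

// Constructed sample links (reserved example names and documentation addresses).
const SAMPLE_LINKS = [
  'HTTPS://Shop.Example/checkout',
  'http://shop.example/checkout',
  'shop.example/checkout',
  'https://www.bank.example@203.0.113.7/login',
  'https://xn--bcher-kva.example/',
];

// Check every link and keep the original string next to its result.
function auditLinks(links) {
  return links.map((link) => ({ link, ...checkWebsiteUrl(link) }));
}

for (const r of auditLinks(SAMPLE_LINKS)) {
  const verdict = !r.valid ? 'INVALID' : r.secure ? 'https' : 'not https';
  console.log(verdict.padEnd(10), r.link, r.warnings.join('; '));
}
```

A link that starts with "https" only tells you the connection is encrypted; the host the parser reports is the site you would actually reach.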

2.6 Check your Privacy Setting


Privacy settings are features found on numerous websites and applications that enable
users to restrict access to their profiles and determine the level of information visible to
visitors [6].

3. IMPACT OF CYBER ATTACK


Cyberattacks can have a wide range of impacts, both in terms of their immediate effects on
targeted systems and in their broader implications for organizations and society as a whole.
Here are some potential impacts of cyberattacks:

3.1 Financial Losses


Financial losses from cyberattacks may include stolen money, lost income, or expenses for
recovering systems and data [7].

3.2 Reputational Damages


Cyberattacks may significantly harm an organization's reputation, especially if confidential
information is taken or systems are down. Customers, investors, and other stakeholders may
lose faith in the company as a result, which might have long-term negative financial effects
[7].

3.3 Legal Liabilities


Organizations that have been the target of cyberattacks may be held legally liable if they are
determined to have been careless in their security practices or to have disregarded
regulatory obligations. Suits, fines, and other legal sanctions are some examples of this [7].

3.4 National Security Risk


Cyber assaults may infiltrate military systems, steal sensitive information, and damage vital
infrastructure, all of which have an impact on national security. Geopolitical ramifications
and international war may result from this [7].

3.5 Public Safety Risk
Public safety can be directly threatened by cyberattacks that compromise medical care, cause
accidents, or cause service interruptions [7].

3.6 Social Effect


Cyberattacks can have significant social repercussions, encompassing disruptions in people's
daily routines, heightened concerns, and an erosion of trust in technology [7].

4. PREVENTION OF CYBER ATTACK


So, how can you defend against cybercrime? Some of the greatest approaches to cyberattack
defense include:

4.1 Create Unique Password


When it comes to passphrases, length trumps complexity. Create a strong
password that is a minimum of 12 characters in length, incorporating a mix of uppercase and
lowercase letters, numbers, and symbols. Avoid using the same password across multiple
accounts [8].

4.2 Two-Factor Authorization


Strong passwords are insufficient. When provided, always implement two-factor
authentication (2FA) as part of multi-factor authentication, which can include methods like
biometrics, security keys, or the use of unique one-time passcodes via a dedicated app [8].

4.3 Use Caution


Think about what you post about yourself and others online. Consider what the post reveals,
who might see it, and how it might affect others [8].

4.3 Keep Your Machine Clean


To mitigate the risk of ransomware and malware infections, it's advisable to keep the software
on internet-connected devices such as personal smartphones, laptops, and tablets regularly
updated. Consider configuring your devices to either update automatically or notify you when
new updates become available [8].

4.4 Back It Up
Safeguard your precious digital assets, including work, music, photos, and more, by creating
electronic copies and securely storing them. Remember the 3-2-1 rule: keep at least 3 copies
of your data, with 2 backup copies on different media storage, 1 of which is located offsite
[8].

4.5 Get Savvy with Wi-Fi Hotspots


Public wireless networks and hotspots lack security, making it possible for unauthorized
individuals to potentially intercept your online activities when using your laptop or smartphone.
It's advisable to restrict your actions on public Wi-Fi and refrain from logging into critical
accounts like email or financial services. For added security, contemplate the use of a Virtual
Private Network (VPN) or your Personal Mobile Hotspot when seeking a more secure
connection [8].

4.6 Own Your Online Presence


Whenever you register for a new account, install a new app, or acquire a new device, take the
time to adjust the privacy and security settings according to your preferences and comfort
level for your information. It is also important to regularly check these settings to ensure they are
still to your preference [8].

4.7 When in Doubt, Throw It Out


Hyperlinks embedded in emails, text messages, online advertisements, social media posts, and
messages present the most straightforward avenue for cybercriminals to access your sensitive
data. Exercise caution when it comes to clicking on or downloading content from unfamiliar
sources or when it's unexpected. Bin it and report it where possible [8].

5. CYBERCRIME AND LAW ENFORCEMENT

For law enforcement organizations all across the world, cybercrime is a serious issue that has
become increasingly challenging. The following are some significant challenges with
cybercrime and law enforcement:

5.1 Challenges with jurisdiction


One of the main problems facing law enforcement organizations is jurisdiction. It can be
challenging to determine which law enforcement agency has jurisdiction over a specific case
because cyberattacks can come from anywhere in the globe and can target organizations across
borders. This may complicate investigations and make it more challenging to convict
cybercriminals.[9]

5.2 Technical challenges

The technical complexity of cybercrime investigations is another issue facing law enforcement
organizations. Investigations may need specialized technical knowledge and equipment
because cybercriminals frequently employ sophisticated techniques to hide their identities and
cover their tracks.[8][9]

5.3 Attack tracing


If the attacker used tools like TOR or other anonymizing techniques, it may be challenging to
identify the source of a cyberattack. As a result, it may be difficult to locate and capture
the people or organizations behind cyberattacks.[9]

5.4 International cooperation


International cooperation is crucial for efficient law enforcement because cybercrime is a
worldwide problem. However, it can be challenging to coordinate investigations and share
information across borders due to disparities in legal frameworks and cultural norms.[9]

5.5 Building capacity


Many law enforcement agencies are also struggling to build the capacity and expertise needed
to effectively investigate and prosecute cybercrime. This can require significant investment in
training, technology, and personnel.[10]

Despite these challenges, law enforcement agencies around the world are working to develop
new strategies and tools to combat cybercrime. This includes collaboration with
the private sector, increased investment in technology and training, and the creation of
international cooperation agreements and protocols. However, because cybercrime is
continually evolving, law enforcement organizations must continue to be alert and flexible in
their attempts to counter this expanding threat.[11]

6. CYBER ATTACKS IN THE CURRENT YEAR


IT Governance has issued its monthly assessment of the latest cyberattacks in March 2023.
During that month, cyberattacks globally compromised a staggering 41.9 million records, as
reported by IT Governance, a leading provider of cyber risk and privacy management
solutions. Notably, IT Governance detected 100 publicly disclosed security incidents, marking
a slight decrease from 106 incidents in February. It's worth highlighting that this year's March
statistics continue to reflect a concerning upward trend when compared to the same month in
the previous year, with an alarming 951% increase since March 2022 [12].

Cyberattack on All India Institute of Medical Science (AIIMS) and Safdarjung Hospital

In November 2023, the All-India Institute of Medical Science in Delhi encountered a
cyberattack, paralyzing its servers. A server and 5000 computers were hacked, and the hackers
demanded 200cr in cryptocurrency to unlock them. There was an attempt to hack in June 2020 as well.

After the recent cyberattack at the All India Institute of Medical Science (AIIMS) Delhi,
Safdarjung Hospital officials reported that the hospital was hit by a cyberattack
in mid-November, an official said on Friday.

However, the damage was not as severe as it had been for the AIIMS hospital. In contrast to
AIIMS, the cyberattack that occurred at Safdarjung Hospital was not a ransomware attack,
but it did result in the hospital's IP being blocked. Services at Safdarjung Hospital have not
been severely impacted, as the hospital has been able to maintain its outpatient services
through manual operations. However, at AIIMS, the server remains inaccessible since the
cyberattack on November 23. This has necessitated the shift to manual operation mode for all
hospital services, including inpatient care and laboratory services. It is anticipated that
services will gradually resume manually in the middle of the coming week. As part of
recovery efforts, approximately 3000 computers have undergone scanning, and antivirus
software has been deployed to enhance future security measures [13].
Fig.7 Safdarjung Cyber Attack and AIIMS Ransomware Attack

6.1 Cyberattack on Indian Council of Medical Research (ICMR)


Just days after the massive ransomware attack on AIIMS, hackers tried to attack the website of
the apex health research body ICMR, making 6,000 hack attempts in a span of 24 hours on
November 30. The attempts were traced to two blacklisted IP addresses, and ICMR's firewall
stopped the hackers. According to a government official, the attacks on ICMR's website were
made from Hong Kong, but the website could not be hacked due to updated firewall security. A
detailed report on the hacking attempt is being prepared by the National Informatics Centre.[14]
Fig. 8 ICMR Attack

6.2 Cyberattack on SpiceJet Airline


On Tuesday, May 25, 2022, SpiceJet, an Indian airline, reported that its systems experienced an
attempted ransomware attack, resulting in flight delays and inconvenience for many passengers
stranded at airports. The company confirmed that on the night of 24 May, its system was
attacked by ransomware that led to the slow departure of flights the next morning. SpiceJet
tweeted a statement saying that some of its systems were hit by a cyberattack that slowed down
morning flights, but that its IT team had contained the situation and operations were normal.
Fig.9 SpiceJet Ransomware Attack
Hackers breached the servers of Air India Ltd., gaining unauthorized access to the personal
information of 4.5 million passengers, as reported by the nation's flagship carrier. The breach
affected passengers who had registered their personal data between August 2011 and February
2021, according to a statement shared via Twitter by the airline.
The second-largest airline in India, SpiceJet, encountered a cyberattack, resulting in hundreds
of passengers being stranded. In March 2021, the Indian airline SpiceJet reported a data breach
that exposed the personal information of over 1.2 million passengers. The breach
was caused by a cyberattack on one of the airline's servers by an unknown threat actor. The
compromised data encompassed names, phone numbers, email addresses, and some credit
card details. SpiceJet notified affected customers and took measures to enhance its
cybersecurity to prevent future attacks [15].

6.3 Cyberattack on Oil India Limited


In June 2020, Oil India Limited, a major Indian public sector undertaking in the oil and gas
industry, was hit by a ransomware attack that disrupted its communication systems and internal
operations. The attackers demanded a ransom of 100 crore (approximately $13 million) to release
the data that they had stolen from the company's servers. The company responded by shutting
down its entire network to prevent further damage and restore the affected systems. The
incident led to a significant disruption in the company's operations and services. The IT expert
team installed superior antivirus on every system so that such an incident does not occur again.[16]
Fig.10 Cyberattack on Oil India Limited

6.4 Cyberattack on Tech Mahindra


Malware attacks were done on 27 servers of the country's renowned IT company Tech
Mahindra. The compromised data encompassed names, phone numbers, and email addresses. The
servers of the Chinchwad Smart City Project fell victim to a ransomware attack, resulting in an
estimated loss of Rs 5 crore. The perpetrators are demanding a ransom of Rs 5 crore to be paid
in bitcoins.
Fig.11 Cyberattack on Tech Mahindra
On February 26, the attack targeted the project, which encompassed critical details concerning
the city's network, smart water management, sewerage systems, traffic control, parking
management, environmental monitoring, CCTV surveillance, data center operations, and
disaster recovery center, among other aspects.
6.5 Cyberattack on Tata Power
Reports emerged last year of Chinese hackers targeting key power infrastructure in India.
In October 2022, Tata Power, a major Indian energy company, acknowledged a cyberattack
on its IT infrastructure, resulting in disruptions to some of its IT systems, as stated in a BSE
filing from the company's Mumbai headquarters. Tata Power, a subsidiary of the
multinational conglomerate Tata Group, is India's largest integrated power firm,
headquartered in Mumbai and serving over 12 million customers through its distribution
networks. On October 14, Tata Power confirmed that it had fallen victim to a cyberattack
that affected certain IT systems.

The Hive ransomware group has claimed responsibility for this recent attack on Tata
Power and has initiated the release of stolen employee data. The disclosure of this stolen
data implies that any attempts to negotiate a ransom payment were unsuccessful.
The compromised employee data includes sensitive details like Aadhaar national identity
card numbers, tax account numbers, salary records, residential addresses, and contact
numbers. This leaked information, made available on Hive's dark web leak platform on
October 24, extends to encompass engineering blueprints, financial and banking documents,
client records, and certain private keys. In response to growing cybersecurity concerns, the
central government has established a Computer Emergency Response Team under the Ministry
of Power to serve as the primary agency responsible for coordinating all cybersecurity-
related matters.
Fig.12 Cyberattack on Tata Power

7. DISCUSSION & CONCLUSION


In today's digital era, cyberattacks have become an increasingly common concern, with a wide
variety of possible consequences for organizations, people, and society as a whole. Cyber
assaults can have financial, reputational, legal, and even national security and public safety
consequences. Addressing the threat of cyber assaults necessitates a collaborative effort from
a wide range of stakeholders, including governments, law enforcement agencies, private
businesses, and individuals. To limit the risks and consequences of cybercrime, an effective
response to cyber assaults will require a mix of technical competence, regulatory frameworks,
international collaboration, and public awareness. To create a safe and resilient digital
environment, it is critical to be aware and proactive in addressing cyber risks as technology
evolves.
REFERENCE:

1. https://pin.it/5Vetdlf
2. https://pin.it/4Y50lsE
3. https://pin.it/60tJMc9
4. https://theprint.in/india/indias-had-its-worst-year-of-cyberattacks-but-2023-will-see-govt-firms-ramp-up-defences/1286441/#google_vignette
5. https://en.m.wikipedia.org/wiki/2020_Twitter_account_hijacking#:~:text=On%20July%2015%2C%202020%2C%20between,to%20promote%20a%20bitcoin%20scam.
6. https://yourstory.com/2020/04/zoom-hacked-accounts-selling-dark-web-privacy-nightmare
7. https://www.t-mobile.com/news/network/cyberattack-against-tmobile-and-our-customers
8. https://pin.it/5fPzG5Z
9. https://en.m.wikipedia.org/wiki/Cyberattack#:~:text=An%20organization%20can%20be%20vulnerable,to%20errors%20in%20the%20output
10. https://pin.it/1t3h1u6
11. https://cybercrime.gov.in/#:~:text=National%20police%20helpline%20number%20is,Cyber%20Crime%20Helpline%20is%201930
12. https://www.itgovernance.eu/blog/en/cyber-attacks-and-data-breaches-in-review-march-2023
13. https://economictimes.indiatimes.com/tech/technology/aiims-cyber-attack-took-place-due-to-improper-network-segmentation-govt-in-rs/articleshow/97805598.cms
14. https://m.timesofindia.com/india/after-cyberattack-on-aiims-icmr-website-faces-6000-hacking-attempts/amp_articleshow/96031036.cms
15. https://www.vinchin.com/en/news/indian-second-largest-airline-spicejet-faced-cyber-attack-hundreds-of-passengers-stranded.html
16. https://timesofindia.indiatimes.com/city/guwahati/assam-cyberattack-in-oil-indias-headquarters-attackers-demand-over-rs-57-crore-as-ransom/articleshow/91067771.cms
17. https://trak.in/tags/business/2021/03/15/tech-mahindra-hit-by-ransomware-attack-spends-rs-5-cr-to-restore-servers-will-govt-pay/
18. https://techcrunch.com/2022/10/25/tata-power-hive-ransomware/
19. Fig.7 https://twitter.com/ANI/status/1595421417411325953?lang=en
20. Fig.8 https://twitter.com/MirrorNow/status/1600122931434110977?ref_src=twsrc%5Etfw
21. Fig.9 https://twitter.com/flyspicejet/status/1529394577127645188?lang=en
22. Fig.10 https://twitter.com/bitinning/status/1514860988167712772
23. Fig.11 https://twitter.com/ET_CIO/status/1371687734973067266
24. Fig.12 https://twitter.com/Reuters/status/1580953250118963202
