A few instances of well-known cybercrimes from the past:
Olympic Destroyer (2018): The Olympic Destroyer cyberattack occurred during the opening ceremony of the 2018 Winter Olympics in Pyeongchang, South Korea. The attack disrupted the event’s IT infrastructure, including Wi-Fi networks, the official website, and ticketing systems. It was a sophisticated attack designed to create chaos and confusion, and it initially appeared to be the work of state-sponsored actors.
Ransomware Attack – WannaCry (2017): The WannaCry ransomware attack targeted computers running Microsoft Windows in May 2017. It spread rapidly across the globe, affecting hundreds of thousands of computers in more than 150 countries, including India. Several Indian institutions, including some banks, were impacted by the attack. The ransomware encrypted users’ data and demanded a ransom in Bitcoin to unlock the files. It notably affected various organizations, including the UK’s National Health Service (NHS), causing disruptions to healthcare services.
NotPetya (2017): NotPetya was destructive malware that initially appeared to be a variant of the Petya ransomware. It spread rapidly across networks and targeted organizations primarily in Ukraine but also impacted many international companies. NotPetya caused significant financial losses by disrupting critical systems and destroying data. The attack was attributed to Russia, but its precise purpose remains unclear.
Large-scale Data Breach – Equifax (2017): In 2017, Equifax, one of the major credit reporting agencies in the United States, suffered a massive data breach. Hackers gained unauthorized access to the personal information of approximately 147 million Americans, including names, Social Security numbers, birth dates, addresses, and, in some cases, driver’s license numbers. The breach was a severe blow to consumer trust and raised concerns about data security.
Distributed Denial of Service (DDoS) Attack – Dyn Attack (2016): In October 2016, a massive DDoS attack targeted Dyn, a major DNS provider. The attack disrupted access to popular websites and services like Twitter, Reddit, Spotify, and GitHub, among others. Cybercriminals used a botnet composed of insecure Internet of Things (IoT) devices to flood Dyn’s servers with traffic, leading to widespread outages.
Financial Cybercrime – Carbanak (2013-2016): The Carbanak cybercriminal group targeted banks worldwide from 2013 to 2016. Using sophisticated malware and social engineering techniques, they stole hundreds of millions of dollars from banks in various countries, including the United States, Russia, and several European nations.
Cyber Espionage – Stuxnet (2010): Stuxnet was a highly sophisticated worm that targeted Iran’s nuclear program. It specifically aimed to sabotage centrifuges used for uranium enrichment. It is widely believed to have been a joint cyber operation by the United States and Israel.
Operation Aurora (2009): Operation Aurora was a series of coordinated cyberattacks targeting several major technology companies, including Google, Adobe, and Juniper Networks. The attackers exploited vulnerabilities in Internet Explorer to gain unauthorized access to corporate networks. The motive behind the attacks was believed to be intellectual property theft and espionage, with China being suspected as the originator.
Identity Theft – TJX Companies (2007): In 2007, TJX Companies, the parent company of retailers like T.J. Maxx and Marshalls, suffered a massive data breach. Hackers stole data from over 94 million credit and debit card accounts over a period of several years, making it one of the largest retail data breaches in history.
A few major cybercrime occurrences in India:
The Cyber Underworld: Exploring the Shadows of Digital Crime
Social Media Hacking – Twitter Account Hacks (2020): Several high-profile Twitter accounts in India, including those of politicians and celebrities, were hacked in 2020. The attackers used the compromised accounts to spread misinformation and promote cryptocurrency scams.
Instances of social media account hacking and cyberbullying are common in India. Hackers gain access to individuals’ social media accounts and use them for spreading false information, defamatory content, or engaging in harassment. These incidents can cause reputational damage and emotional distress to the victims.
Cyber Espionage – Chinese Hacking Group (2019): In 2019, a Chinese state-sponsored hacking group was reported to have targeted Indian government agencies and organizations. The group, known as APT41, engaged in cyber espionage and data theft, posing a threat to national security and sensitive information.
Large-scale Data Breach – Aadhaar Data Leak (2018): Aadhaar is India’s biometric-based national identification system. In 2018, it was reported that the personal data of millions of Aadhaar users was available for purchase on the dark web. The leaked data included names, Aadhaar numbers, and other personal information, raising concerns about privacy and data security.
Cosmos Bank Cyber Heist (2018): Cosmos Bank, one of the largest cooperative banks in India, fell victim to a cyber-attack in 2018. Hackers used malware to compromise the bank’s systems and executed fraudulent transactions totalling over $13.5 million. The attack highlighted vulnerabilities in the banking sector’s cybersecurity infrastructure.
Identity Theft – Facebook Data Leak (2018): In 2018, it was revealed that the personal data of millions of Facebook users, including those in India, had been harvested by a third-party firm without proper consent. The data was then misused for various purposes, including targeted advertising and influencing political campaigns.
Data Theft – Zomato Data Breach (2017): Zomato, a popular food delivery app in India, experienced a data breach in 2017 where the personal information of millions of users was stolen. The breach highlighted the importance of strong data protection measures for online platforms.
Financial Cybercrime – Debit Card Data Breach (2016): In 2016, it was reported that a large number of debit cards issued by various Indian banks were compromised. Cybercriminals stole card data and carried out unauthorized transactions, leading to financial losses for the affected bank customers.
Online Banking Fraud – Paytm Phishing Attacks: Paytm, India’s leading digital payment platform, has been a target of phishing attacks where cybercriminals attempt to steal users’ login credentials and financial information through fake websites or messages. Such incidents have led to financial losses for some users.
Ongoing Phishing Attacks: Phishing attacks, where attackers trick individuals into revealing sensitive information such as login credentials or financial details, are prevalent in India. Various phishing campaigns have targeted Indian users, including fake emails and websites impersonating banks, government agencies, and popular e-commerce platforms.
It is essential for individuals, organizations, and the government to remain vigilant, implement robust security measures, and promote cybersecurity awareness to mitigate these risks.
-Naresh Nunna




