Unmasking data thieves, their motivation and dark marketplace

In recent times, India has witnessed a surge in cybersecurity incidents. Who is behind the alarming spate of personal data breaches, and what drives their motivation?

Several high-profile breaches have come to light, exposing the personal information of thousands of individuals. The incidents have targeted a range of sectors, including banking, healthcare, and ecommerce, raising concerns about the vulnerability of sensitive data in the digital age.

Elevate Your Tech Prowess with High-Value Skill Courses

Offering College Course Website
IIM Lucknow IIML Executive Programme in FinTech, Banking & Applied Risk Management Visit
Indian School of Business ISB Professional Certificate in Product Management Visit
MIT MIT Technology Leadership and Innovation Visit

On October 15, Resecurity, an American cybersecurity firm, made a troubling revelation: the personally identifiable information (PII) of 815 million Indian citizens, encompassing Aadhaar numbers and passport details, was being peddled on the dark web. In a blog post, the company revealed that threat actors were offering to sell this comprehensive data for $80,000, emphasising that the information on offer was indeed valid.

The alleged source of this data, as claimed by the threat actors involved, was the Indian Council of Medical Research (ICMR). Notably, the ICMR has faced a barrage of cyber attack attempts, with a staggering 6,000 incidents reported in the previous year alone.

Personally Identifiable Information comprises details that, when used either independently or in conjunction with other pertinent data, can pinpoint and identify an individual.

This includes direct identifiers like passport information and quasi-identifiers, which, when combined with additional information, facilitate the successful recognition of an individual. The data for sale on the dark web encompassed Aadhaar numbers – unique 12-digit individual identification numbers issued by the Unique Identification Authority of India (UIDAI) on behalf of the Indian government. The threat actor responsible for selling this data goes by the moniker ‘pwn0001’.

Discover the stories of your interest

These incidents have prompted concerns among the public about the security of their personal information in the digital age. Many are questioning who is behind these breaches and what their motivation might be.Cybersecurity experts suggest that various actors may be involved, ranging from independent hackers seeking financial gain to sophisticated state-sponsored groups aiming to gather intelligence.

The motives behind these breaches can vary widely. Some hackers are driven by financial incentives, aiming to sell stolen data on the dark web for profit. Others may be motivated by political or ideological reasons, seeking to disrupt and undermine institutions.

“India is facing a multi-faceted challenge when it comes to cybersecurity. We are dealing with a combination of domestic and international threat actors who are constantly evolving their methods to compromise personal data,” says Pavan Duggal, senior lawyer and cyber security expert.

“The motivations behind these breaches are diverse and complex. We are observing a blend of financially motivated attacks, state-sponsored espionage, and hacktivism. Understanding the intent is crucial for developing effective countermeasures,” says Duggal.

The Indian government has taken note of the escalating threat and is actively working to strengthen the country’s cybersecurity infrastructure. The Ministry of Electronics and Information Technology (MeitY) has initiated investigations into the recent breaches and is collaborating with cybersecurity agencies to identify the perpetrators.

“The government is committed to safeguarding the digital landscape of the country. We are investing in state-of-the-art technologies, collaborating with experts, and drafting comprehensive legislation to address the evolving challenges of cyberspace,” a MeitY spokesperson had said.

In response to these incidents, experts emphasise the importance of individuals and organisations adopting robust cybersecurity practices. This includes regularly updating passwords, implementing multi-factor authentication, and staying informed about the latest security threats.

As the investigation unfolds, it remains crucial for both the government and private entities to collaborate closely to address the vulnerabilities in India’s digital ecosystem and protect citizens from the ever-growing threat of cyber attacks.

Stay on top of technology and startup news that matters. Subscribe to our daily newsletter for the latest and must-read tech news, delivered straight to your inbox.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.