IAS Gyan


Microsoft-CrowdStrike outage

20th July, 2024 Security


Source: THE HINDU


Context:

  • The Indian Computer Emergency Response Team, CERT-In, has issued a severity rating of ‘Critical’ for the incident; the mishap led to several users seeing the Blue Screen of Death – BSOD.


Details:

  • A widespread outage recently disrupted Microsoft Windows operations globally. It was caused by a software bug in the CrowdStrike Falcon endpoint detection and response product.
  • The outage produced the notorious "Blue Screen of Death" error on affected machines, impacting millions of users worldwide.
  • The issue stemmed from a content update to the Falcon product of CrowdStrike, a cybersecurity firm based in Austin, Texas.
  • The faulty update affected not only PCs but also the Microsoft Azure cloud platform, its cloud storage services, and the Microsoft 365 services platform.

Immediate Impacts

Aviation Industry:

  • Indian Context: The outage deeply affected the aviation sector in India. IndiGo Airlines announced the cancellation of 283 flights due to the disruption.
    • The cascading effect of the outage also temporarily made rebooking or claiming refunds unavailable.
  • Airport Operations: Check-in processes at major airports, including those in Chennai, Mumbai, and Delhi, were significantly hampered.
  • From 11:30 a.m. onward, various airlines such as IndiGo, SpiceJet, and Akasa faced operational challenges.

Financial Sector:

  • The Reserve Bank of India (RBI) assessed the impact on regulated financial entities and reported that most critical systems of banks were not severely affected, mostly because they do not rely heavily on cloud services or the CrowdStrike tool.
  • This insulation reflects the financial sector's less visible but significant preparedness against such technical disruptions.

Security Concerns and Mitigation

Broader Implications:

  • The outage not only caused operational disruptions but also heightened cybersecurity risks.
  • Systems affected by such outages become more vulnerable to potential data breaches and unauthorized access.
  • The recommended mitigation steps involved booting Windows into Safe Mode, deleting a specific file within the CrowdStrike directory, and then rebooting the system to restore stability.
  • Although time-consuming, this process was crucial in addressing the immediate fallout.

Global Impact:

  • The number of companies affected likely ranged in the hundreds of thousands, and the incident underscored the interconnectedness and vulnerability of modern digital infrastructure.

Policy measures to prevent software bugs and other technology-related issues:

  • Security Audits: Conduct regular security audits and vulnerability assessments to identify and mitigate potential security risks.
    • e.g., tools like OWASP ZAP and Nessus can assist in these assessments.
  • Data Protection Regulations: Ensure compliance with data protection regulations such as GDPR and CCPA to safeguard user data and privacy.
  • Continuous Integration/Continuous Deployment (CI/CD): Implement CI/CD practices to ensure that code is regularly integrated and deployed.
  • Adopt Industry Standards: Organizations should adopt widely recognized industry standards such as ISO/IEC 12207 for software life cycle processes.


Source:

https://epaper.thehindu.com/ccidist-ws/th/th_international/issues/91575/OPS/GL9D20GEB.1+GB6D335U4.1.html

PRACTICE QUESTION

Consider the following Pairs:

Cyber attack : Description

  1. Phishing : An attack where the attacker intercepts and alters communication between two parties without their knowledge.
  2. Vishing : A cyberattack involving the use of phone calls to deceive individuals into revealing personal information.
  3. Ransomware : An attack where multiple compromised systems are used to flood a targeted system with traffic, making it unavailable to users.
  4. DDoS (Distributed Denial of Service) : A cyberattack in which the attacker encrypts the victim's data and demands payment for the decryption key.

How many of the above-given pair/s are NOT correctly matched?

(a) Only one pair

(b) Only two pairs

(c) Only three pairs

(d) All four pairs

Answer: (d)

Phishing: A type of cyberattack where attackers use deceptive emails or websites to trick individuals into providing personal information, such as passwords and credit card numbers.

Vishing: Short for "voice phishing," it involves attackers using phone calls to deceive individuals into divulging personal information or financial details.

Ransomware: A type of malware that encrypts the victim's files and demands a ransom payment to restore access to the data.

DDoS (Distributed Denial of Service): An attack where multiple compromised systems (often part of a botnet) are used to overwhelm a target system with a flood of internet traffic, making the service unavailable to legitimate users.