Cybersecurity Flashcards
Which companies were hacked in Sep 2022?
Uber and Rockstar Games (developers of Grand Theft Auto)
Who did these cyber attacks on Uber and Rockstar Games in September 2022?
Lapsus$, as it is called, came into the public eye earlier this year, and is believed to be behind a bunch of attacks throughout this year — Microsoft, Nvidia and Samsung, among others. Even more intriguing is that the group is believed to consist primarily of teenagers.
How do Lapsus$ get in?
Through social engineering. Their tactics include phone-based social engineering; SIM-swapping to facilitate account takeover; accessing personal email accounts of employees at target organisations; paying employees, suppliers, or business partners of target organizations for access to credentials and multifactor authentication (MFA) approval; and intruding in the ongoing crisis-communication calls of their targets.
How can an organization defend against these attacks?
Instilling a culture of cyber scepticism — a healthy distrust of others in a digital system. It is always a good idea for chief information security officers (CISOs) to not just be interested in safeguarding the data of the company, but also to ensure that employees live with a sense of cyber hygiene even in their personal lives.
What is the connection between the arrival of 5G and SIM swap fraud?
With the arrival of 5G, a large number of customers will have to upgrade their SIM cards. Hence there is a risk of SIM swap frauds also escalating.
What is a SIM swap fraud?
A SIM swap fraud occurs when fraudsters obtain information regarding a customer through fake calls, phishing etc. and use the same to approach the telecom service provider for a new SIM card on the same number.
Once the SIM card is issued, the old SIM in possession of the customer is deactivated, and all new communication to the number is received by the fraudster. This allows the scammer access to information like banking one-time passwords (OTPs), which allow them to steal money from the victim’s account.
This may also happen in case of stolen phones, or when unsuspecting customers click on unknown links, which allow the fraudster to duplicate the SIM remotely, and gain access to OTPs.
What can telecom companies do to avoid SIM swap frauds?
1) Spread awareness among customers to avoid divulging sensitive information to unverified sources.
2) In addition to this, telcos can (internally) categorise SIM swap requests as ‘high risk interactions’ and deploy staff specially trained to handle such requests.
3) A number cannot be active on two SIM cards simultaneously and hence the customer can approach the operator to block their SIM if they lose service on their phones.
4) Other measures like physically verifying the details provided by the customer (for example a visit to the address provided) and asking for a secondary KYC (know your customer) have also been implemented.
Currently, how are telecom companies escaping if SIM swap fraud occurs?
1) They plead limited liability.
2) If the matter reaches the court, telcos usually pay a fine of up to Rs 50,000 to the authorities, who then decide whether and how much of it is given to the victim of the fraud.
3) The telcos usually can defend themselves using the logic that all their communication is encrypted and hence they have no idea what messages the customer had received and acted upon.
4) Additionally, they can make the argument that they or their employees were not involved in the actual financial fraud, and hence cannot be held responsible as they are simply an intermediary.