‘Cyberwar: Cybercrime threatens everything from smartphones to bank accounts to pacemakers to nuclear reactors and even national security’.
The new age cybercrime has surpassed USD 6 trillions in revenues and damages, catapulting it as the numero-uno organised crime syndicate globally, easily surpassing crime syndicates like narco-trafficking and counterfeiting. Incidentally, our Prime Minister had envisioned to make India a USD 5 trillion economy by 2025, a figure that pales in comparison to exploits by cyber crime, which are Likely to swell up to USD 10 trillion by then.
In the world where every day is a technological miracle ,where internet of things(IOT)is a welcome convenience. While driverless cars, clone armies of super human robots, money transfers at the click of the mouse, smart homes and social media obsession have brought about a revolution and transformed the planet into an unrecognisable place in the last five years, cybercrime has emerged as an organised well-funded enterprise. It is appropriately called the ‘arms race of the 21st century’ where there is a mad rush for unearthing Zero-day(unreported) vulnerabilities and exploiting them with the anonymity afforded by Darknet or Onion routers.
Internet was born in late 1960s as ARPANET, a small network of government computers. It has metamorphosed Into ubiquitous and all pervasive phenomenon. The world of cybercrime too has massively spread its tentacles, best illustrated by following scenarios inspired by real cases from cyber police files: A lady journalist dwelling in a typical Mumbai studio apartment and inured to online chatting, fell victim to a spear–phishing attack, where a malicious code called video keylogger was installed in her laptop. Consequently, whatever she typed – all keystrokes were recorded in her laptop’s hard-disk and transferred via email to the cyber-criminal. Even her webcam was unwittingly switched on and all images similarly transferred. All videos and data were meticulously collated and used to blackmail the gullible victim. The girl attempted suicide and was later counselled. A couple of teenage Chinese hackers, perhaps having nothing better to do in their vacations, hacked into and even attempted to change the course of 2 NASA satellites. The hacks were detected and thwarted with veritable threat of converting satellites into weapons of mass destruction.
A malware Pegasus, developed by Israel company NSO group,gained notoriety by playing havoc with privacy of hundreds of smartphones. The distinguishing feature of the spyware was its ‘zero click’ feature, where it got installed on the victim’s phone without the victim being required to click even once on a malicious link and subsequently took over all admin controls, enabling it to eavesdrop on all communications, text, chats and even switching on camera and microphone to see and hear ambient scenes and sounds.
In October 2020, a large scale power outage in Mumbai region which brought the whole city including its lifeline the local trains to a grinding halt, was attributed to an act of cyber-sabotage. Investigation and reports by New York Times, revealed that 14 Trojan horses or malevolent programs from hostile countries had infected the electricity servers.
The Pune Cosmos Bank Cyber-heist in 2018, wherein hackers stole Rs.94 Crores in just two days through multiple ATM swipes in 28 countries across the world and the Nanded cooperative bank cyber-heist In 2021, where in Rs.14 Crores were siphoned off By hacking core banking solution system, are glaring illustrations of magnitude of dacoity not through bullets and bombs but through bits and bytes. Hypothetically, if such massive bank dacoities were carried out in physical world through automatic weapons, it would have unseated governments and heads would have rolled in plenty.
Another spine-chilling scenario of cybercrime is when it transforms into cyber-terrorism. Hacked Railway signalling systems can lead to collision of trains, hacked water purification plants can lead to poisoning, hacked nuclear missile control systems can lead to rogue nuclear attacks and catastrophe. Primary reason why Iran is still a non-nuclear weapon nation, is the iconic cyber-attack christened as ‘Stuxnet’ on its Netanz Uranium enrichment centrifuges, where they spun at supersonic Speed and self-destructed. Cyber terrorism is very much real – a Frankenstein monster, which needs to be tamed.
Thus, cybercrime has redefined the landscape. It is no longer perpetrated by lone computer savant camouflaged in a hoodie. It is business, a parallel economy worth trillions of USD. It is preferred because of low entry costs, technological advances are so quick that law enforcement agencies are not able to keep pace. The risk of getting caught is minimised by techniques of Proxy bouncing and use of virtual private networks(VPNs) , which make the attack appear originating from a country like Iran or North Korea, which are shrouded in secrecy.
Cybercrime remodels with blitzkrieg pace into darknet crimes where one can hire a contract killer or buy and sell narcotics with anonymity, Ransomware where the data of an agency is surreptitiously encrypted and ransom demanded in crypto currency to decryp it, Man in the middle attacks, Sextortion, Social online grooming of children, child pornography, Jamtara styled online financial frauds, spoofing, scamming, skimming attacks, Phishing and Vishing attacks, hacks on critical infrastructure by state actors or even deep fake and deep nude attacks. Each of these facets I will try to elucidate with real-life examples in subsequent columns. It is imperative that law enforcement agencies get their act together and fight cybercrime in a sincere and concerted manner, with international cooperation and upgradation of resources, tools and skilled manpower.
Views expressed above are the author’s own.
END OF ARTICLE