A tremendous rise in cybercrimes since the global outbreak of COVID-19 has prompted Indian security agencies to look for ways to boost their capabilities to deal with phishing, malware, virus and other online attacks on government servers. Particularly, the increase in digital activity and economic relief measures accompanying the outbreak have given rise to online fraud, money laundering and terror financing concerns, sources privy to the developments said.
“Malicious or fraudulent cybercrimes, fundraising for fake charities, and various medical scams targeting innocent victims are likely to increase, with criminals attempting to profit from the pandemic by exploiting people in urgent need of care,” a batch of Group A and Group B officers from several departments including narcotics and goods and services tax among others were told during a ‘sensitisation’ session in Vadodara earlier this week.
Sources said that the two-hour-long session, attended by over 100 government officials, was addressed by cyber-security and counter-terrorism expert Dr Nishakant Ojha. Besides being an advisor to the Centre on cybersecurity, Dr Ojha is also consulted by several foreign governments in west Asia on terrorism-related matters. He is also a consultant with government-owned firm Telecommunications Consultants India Limited (TCIL).
The Computer Emergency Response Team of India (CERT-In), the nodal government agency to deal with cyber-attacks, had last month come out with an advisory warning about the “increase in the number of cyberattacks on personal computer networks and routers since professionals were asked to work from home in the wake of the COVID-19 outbreak in the country.”
Now, the government agencies are coming to terms with similar attacks being carried out against government servers. Sources said that the emerging online threats represent increasing money laundering and terrorist financing risks. The frequency of these attacks has only picked up as the government attempts through infusing liquidity into the economy through direct bank transfers and a host of other ways.
In one such instance, cybersecurity firm Quick Heal observed multiple attacks against several cooperative banks in April. The Pune-based IT security service provider said that the cyber-attacks directed at cooperative banks come in the form of an email, which claim to originate from the Reserve Bank of India (RBI) or a large banking organisation.
“The content of the email refers to new RBI guidelines or a transaction, with detailed information in an attached file, which is a zip file that contains a malicious JAR file,” says a report on the matter.
Money laundering and anti-terror financing
During his interaction with the government officials in Vadodara, Dr Ojha is also learnt to have touched upon the vulnerabilities of anti-money laundering laws and counter-terror financing mechanisms in place to deal with the rise in cybercrime activity.
The increase in misuses of online financial services and virtual assets to conceal illicit funds and misappropriation of domestic and international financial aid and emergency funding are two subject areas that are being looked upon with increased suspicion by the authorities, sources said.
Among a slew of measures mulled over to deal with the emerging cyber threats, Dr Ojha is learnt to have stressed on the importance of adopting new operational responses and the need for transparency among banks and financial institutions.
The cybersecurity expert also called upon the high-ranking officials to think over the prospect of setting-up a special COVID-19 Task Force to deal with new avenues of cybercrimes.
When contacted for a comment, Dr Ojha said, “Criminals and terrorists exploiting COVID-19 and the associated economic downturn to move into new cash-intensive and high-liquidity lines of business in developing countries pose a major threat to agencies.” “Criminals have attempted to profit from the COVID-19 pandemic through increased fraudulent activities,” he added.