Context:
CERT-In issues alert for NoEscape ransomware.
About Rnasomware:
- A type of malware that locks a victim’s data or device and threatens to keep it locked unless the victim pays a ransom to the attacker.
- According to the IBM Security X-Force Threat Intelligence Index 2023 -17 % of all cyberattacks in 2022.
- Some ransomewares – WannaCry, Petya, Avaddon encryptor, CryptoLocker, Locky, Ryuk, Cerber, GandCrab, Reveton, SamSam, SimpleLocker
About CERT-In:
- National nodal agency for responding to computer security incidents as and when they occur.
- Formed – 2004
- Functions:
- Collection, analysis and dissemination of information on cyber incidents.
- Forecast and alerts of cyber security incidents
- Emergency measures for handling cyber security incidents
- Coordination of cyber incident response activities.
- Issue guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents.
- Such other functions relating to cyber security as may be prescribed.
Types of Cyber Attacks:
- Hacking: Unauthorized access to information systems.
- Phreaking: Fraudulent manipulation of secure telephone networks to make free calls.
- Spamdexing: Dishonest modification of HTML pages to improve search engine rankings.
- Eavesdropping: Unauthorized real-time interception of private communications.
- Cyber Espionage: Stealing digital secrets from computers and IT networks.
- Salami Attack: Typically used for financial crimes, especially in banks.
- Data Diddling: Unauthorized alteration of data during input to a computer.
- Snooping: Unauthorized access to someone’s or a company’s data.
- e-stalking: Using the internet to harass or threaten someone.
- Cryptojacking: Unauthorized use of someone else’s computer for cryptocurrency mining.
- Plagiarism: Presenting someone else’s ideas or information as your own.
- Denial of Service: An attack aimed at rendering a machine or network inaccessible to its intended users.
- Vishing: voice phishing – uses voice and telephony technologies to trick targeted individuals into revealing sensitive data to unauthorized entities.Top of Form
Source: The Hindu
Previous year question
The terms ‘WannaCry, Petya and Eternal Blue’ sometimes mentioned in the news recently are related to
[UPSC Civil Services Exam – 2018 Prelims]
(a) Exoplanets
(b) Cryptocurrency
(c) Cyber attacks
(d) Mini satellites
Answer: (c)