obfuscation

Hackers step up obfuscation attacks to break into IT networks

by | Jan 7, 2021 | IT Security

Cybercriminals are introducing obfuscation-as-a-service to enable novice hackers on the dark web to make hard-to-break infiltration into corporate networks.
Share to lead the transformation

In 2020, cyber-attacks reached a new scale, disrupting the business community and Information security professionals. Malware, phishing, denial of service attacks, DNS tunneling, SQL injection, and zero-day exploits have seen a massive explosion in every large organization. According to a report from antivirus, cloud, and endpoint security firm McAfee, since 2018, the cost of global cybercrime has reached over $1 trillion. If that wasn’t enough, the industry has noticed a new pattern of cybercriminals investing in plug-and-play obfuscation software-based toolkits to infect corporate networks for financial gains. (See: Top enterprise cybersecurity trends of 2020)

Obfuscation is a proven technology widely used by security professionals and coders to make the source code anonymous and incoherent. The technique helps businesses secure their critical data and prevent hackers from using reverse engineering techniques to discover an enterprise network’s vulnerability and launch attacks.

The recent cyber intrusion in the software  IT monitoring and management software company Solarwinds was executed by an obfuscated advanced persistent threat (APT) that mysteriously took nine months to discover. (See: SolarWinds hack: CISOs need to revisit cyber resilience?)

However, as usual, hackers appear to be a step ahead of network protectors. Call it money as a motive or an innovative mindset; cybercriminals always develop enterprising ways to infiltrate defenses. Obfuscation-as-a-service is one such recently exposed illegal business model developed by cybercriminals. Professional hackers try to make money from selling such techniques on subscription-based models to other hackers.

As-a-service model for orchestrating a hack

Those who trust that the as-a-service models are currently only transforming legitimate business models will probably live on a different planet. Over the past few years, cybercrime as a service model is swiftly making inroads into the dark-web. Professional fraudsters and cybercriminals use illegal platforms to sell cyberattack tools, procedures, services, and a host of software programs to evade detection and launch fully automated cyberattacks.

Obfuscation-as-a-service model is operating on similar lines. In 2020, many instances were discovered by cybersecurity monitoring agencies and solution providers where hackers provided automated obfuscation service and android pocket kits (APKs) on a subscription basis to fraudsters. In the wake of a growing remote workforce, most organizations are introducing workplace productivity apps that can be accessed quickly by employees through their mobile phones. As such cracking mobile applications, especially android, through obfuscation has become a prime focus area for cybercriminals.

The entire business of purchasing and selling obfuscation service happens through illegitimate darknet marketplaces, making it very challenging for governments and law-enforcement authorities to keep a consistent track. This new development of obfuscation-as-a-service is perturbing for enterprises with global footprints, which have a massive amount of data located on different clouds. This unlawful cybercrime service model can give a ready-to-launch platform to even newbie cybercriminals who regularly exploit weaker networks.

What’s the remedy?

To protect networks from obfuscation techniques or deobfuscate malicious codes launched by hackers, organizations need to ensure the uppermost security level that fills the unwanted gaps. Applying integrity controls, encrypting as much as possible, transforming program codes and making them unintelligible, inserting anti-debugging logic are some of the fields that should be strengthened.

While there is no perfect solution that can give full-proof code security, a host of commercial tools can be tested and implemented to make your security architectures robust.

Most importantly, in 2021, organizations and cybersecurity leaders should set-up quality budgets to train their in-house talents and develop innovative solutions to fortify their resilience levels and mitigate new-age obfuscation security threats.

MORE FROM BETTER WORLD

Campaign to rid India of one-time-use plastics

Campaign to rid India of one-time-use plastics

Union Minister of Environment, Forest and Climate Change and Information and Broadcasting Prakash Javadekar, who is in Sao Paulo, Brazil to attend the Ministerial meetings of BRICS and BASIC countries, said that the Prime Minister Narendra Modi has renewed his appeal to the people, in his Independence Day speech, to make India free of one time use plastics, a PIB release said.

“In response to Prime Minister’s call on India’s 73rd Independence day, to make India free of single use plastics, a massive public campaign will be launched engaging all stakeholders. In this regard a series of meetings will be held with all stakeholders including state governments to chalk out a concrete plan to make it a people’s campaign to realise the ultimate target,” Javadekar said while addressing a gathering to celebrate 73rd Independence Day at a function organized by the Indian Consulate in Sao Paulo, Brazil.

Earlier, in a tweet message the Minister said, “PM @narendramodi today called for a campaign to make India free of single use plastics. Let us all strive together to make it happen.”

“We have now achieved ‘One Nation, One Constitution’; we had already achieved ‘One Nation, One Grid’. Now people should debate on ‘One Nation, One election’. The Prime Minister has also announced large scale infrastructure development plans with an investment of Rs 100 lakh crore in Road, Rail, Airport, Port, Waterways and other infrastructure. While listing out achievements of the government, the Prime Minister also discussed about ever-increasing population in India and the need to check it through public participation” Javadekar said addressing the gathering comprising of Indian diaspora, NRIs and eminent citizens of Brazil.

The Minister started his day today by paying respect to Father of the Nation, Mahatma Gandhi, at Vivekanand Cultural Centre in Sao Paulo, Brazil. At the flag hosting ceremony at Vivekanand Cultural Centre, he also interacted with Indian diaspora as well as Brazilian citizens.

India’s largest rural sanitation survey launched

India’s largest rural sanitation survey launched

Jal Shakti Minister Gajendra Singh Shekhawat has launched the Swachh Survekshan Grameen 2019 (SSG 2019) in the capital yesterday. Instituted from August 14 to September 30, 2019, SSG 2019 will cover 17,450 villages in 698 districts across India and include 87,250 public places namely schools, anganwadi centers, public health centers, haat/bazaars/religious places, making it India’s largest rural sanitation survey. Around 2,50,000 citizens will be interviewed for their feedback as part of the survey. Citizens will also be mobilized to provide feedback on sanitation relation related issues online using an application developed for the purpose.

An independent survey agency will conduct the survey in all districts and the results will be announced based on quantitative and qualitative sanitation parameters. With over 5.8 lakh villages, 639 districts, and 32 States/UTs declared Open Defecation Free (ODF) in rural India, the country is well poised to be completely an Open Defecation Free India by October 2, 2019.

Times.Green has learnt that the survey is being carried out by a leading market research company Ipsos, as indicated by this LinkedIn post of Parijat Chakraborty, Executive Director and Business Head at Ipsos:

Speaking at the launch, Shekhawat emphasized on the huge success of the Swachh Bharat Mission in becoming the biggest behavior change program in the world. He shared that with SSG19, the Mission is being taken to the next level, by focusing on solid liquid waste management and plastic waste management.

Rattan Lal Kataria, Minister of State for Jal Shakti, further lauded the enthusiasm shown by all stakeholders towards last year’s survey and encouraged the gathering to garner even higher momentum at the grassroots level this year. Parameswaran Iyer, Secretary, Department of Drinking Water and Sanitation, highlighted that this year the focus is on plastic waste disposal amongst other wastes.

A detailed protocol has been developed to guide the ranking of Districts basis their performance on key quality and quantitative parameters. The Jal Shakti Minister released the SSG 2019 logo, the SSG 2019 brochure mobile app and a dashboard for citizen’s feedback. An audio-visual campaign, featuring actor Ajay Devgan was also launched at the SSG launch event.

CSR spend recommended as tax deductible

CSR spend recommended as tax deductible

Injeti Srinivas, Secretary (Corporate Affairs), has presented the Report of the High Level Committee on CSR to the Union Minister of Finance and Corporate Affairs, Nirmala Sitharaman. The Committee has made far reaching recommendations.

The main recommendations include, making CSR expenditure tax deductible, provision for carry forward of unspent balance for a period of 3 – 5 years, aligning Schedule 7 with the SDGs by adopting a SDG plus framework (which would additionally include sports promotion, Senior Citizens’ welfare, welfare of differently abled persons, disaster management and heritage protection), balancing local area preferences with national priorities, introducing impact assessment studies for CSR obligation of 5 crore or more, and registration of implementation agencies on MCA portal. The other recommendations include developing a CSR exchange portal to connect contributors, beneficiaries and agencies, allowing CSR in social benefit bonds, promoting social impact companies, and third party assessment of major CSR projects.

The Committee has emphasized on not treating CSR as a means of resource gap funding for government schemes. The Committee discourages passive contribution of CSR into different funds included in Schedule VII of the Act. It has emphasized on CSR spending as a board driven process to provide innovative technology based solutions for social problems. The Committee has also recommended that companies having CSR prescribed amount below Rs. 50 lakh may be exempted from constituting a CSR Committee. The Committee has also recommended that violation of CSR compliance may be made a civil offence and shifted to the penalty regime.

The High Level Committee on CSR was constituted in October, 2018 under the Chairmanship of Secretary (Corporate Affairs) to review the existing CSR framework and make recommendations on strengthening the CSR ecosystem, including monitoring implementation and evaluation of outcomes. The Members of the Committee included Sameer Sharma, DG & CEO, Indian Institute of Corporate Affairs, Dr. A.K. Mittal, former CMD, NBCC, N. Chandrasekaran, Chairman, Tata Sons, Amit Chandra, MD, Bain Capital Private Equity, B.S. Narasimha, former Addl. Solicitor General of India, Rajeev Luthra, Founder & MD, Luthra and Luthra Law Office, Shobana Kamineni, Executive Vice Chairperson, Apollo, Prof. Anil Gupta, Founder, Honey Bee Network and Professor, IIM, Ahmedabad, Dr. Narinder Dhruv Batra, President, Indian Olympic Association, S. Santhanakrishnan. Chartered Accountant, and Mathew Cherian, CEO, Helpage India. Gyaneshwar Kumar Singh, Joint Secretary, Ministry of Corporate Affairs, was the Member and Convener.

41% reduction in crop stubble burning realized

41% reduction in crop stubble burning realized

Highlighting the considerable reduction in crop residue burning incidents in 2018, Dr. Trilochan Mohapatra, Secretary, Department of Agricultural Research & Education (DARE) & Director General, ICAR has said that India has demonstrated through coordinated public and private efforts such challenges can be addressed effectively. While addressing media in New Delhi today, Dr. Mohapatra added that through the various efforts under the Central Sector Scheme on ‘Promotion of Agricultural Mechanization for In-Situ Management of Crop Residue in the State of Punjab, Haryana, Uttar Pradesh & NCT of Delhi’ the paddy residue burning events have reduced by 15% and 41% in 2018 as compared to that in 2017 and 2016, respectively, in all these states as per the satellite data. The Secretary also added that more than 4,500 villages in Punjab and Haryana were declared as Zero Stubble Burning Villages during 2018 as not a single crop burning incident was reported from these villages during the year.

Dr. Mohapatra stated that the Central Sector Scheme was launched with a total outgo of Rs 1,151.80 crore for the period from 2018–19 to 2019–20 by the Government of India to tackle air pollution and to subsidize machinery required for in-situ management of crop residue in the states of Punjab, Haryana, Uttar Pradesh, and NCT of Delhi. Within one year of its implementation utilizing an amount of Rs 500 crore, the happy seeder/zero tillage technology was adopted in 8 lakh hectares of land in the north- western states of India. Under the scheme, financial assistance amounting to 50% of the cost is provided to the farmers for purchase of in-situ crop residue management machines on individual ownership basis. The financial assistance for establishment of Custom Hiring Centres of in-situ crop residue management machinery is 80% of the project cost.

During 2018–19, the funds amounting to Rs 269.38 crore, Rs 137.84 crore and Rs 148.60 crore have been released to the Governments of Punjab, Haryana and Uttar Pradesh respectively, for distribution of in-situ crop residue management machinery to the farmers on subsidy, establishment of Custom Hiring Centres (CHCs) of in-situ crop residue management machinery and undertaking Information, and Education and Communication (IEC) activities for creating awareness among farmers. During 2019–20, funds amounting to Rs 273.80 crore, Rs 192.06 crore and Rs 105.29 crore have also been released so far to the Governments of Punjab, Haryana and Uttar Pradesh, respectively, said a PIB release.

ICAR is implementing the scheme through 60 Krishi Vigyan Kendras (KVKs) of Punjab (22), Haryana (14), Delhi (1) and UP (23). In this scheme, awareness campaigns were conducted by organizing thousands of demonstrations, putting up hoardings, banners and wall paintings all across the states. Almost 700 awareness programs at village levels, 200 Kisan Ghostis and Field days, 86 KPisan Melas and 250 schools and colleges were sensitized in collaboration with state departments and agricultural universities. More than 2 lakh stakeholders were sensitized during one year. More than 400 hands-on training were organized and 18,000 farmers, tractor owner and machine operators were trained, the release added.

In addition to the above Scheme, separate funds are being allocated to the states for crop residue management under Sub-Mission on Agriculture Mechanization by the Department of Agriculture Cooperation and Farmers Welfare. The state governments have also been directed that Rs 4,000 per hectare shall be used from the funds available for demonstration of machines under the Sub-Mission on Agricultural Mechanization for demonstration of straw management machinery at farmers’ fields, Ministry of Agriculture & Farmers Welfare said.

Tracking Swachh Bharat: 5th survey launched

Tracking Swachh Bharat: 5th survey launched

Hardeep Singh Puri, Minister of State (Independent Charge) for Housing & Urban Affairs today launched the Swachh Survekshan 2020 (SS 2020), the fifth edition of the annual cleanliness survey conducted by the Ministry of Housing and Urban Affairs (MoHUA), said a PIB release. Alongside, the Swachh Survekshan 2020 Toolkit, SBM Water PLUS Protocol and Toolkit, Swachh Nagar – an integrated waste management app and AI enabled mSBM App were also launched.

The event was webcast live for states and cities to witness the launches from across the country. The event also saw the release of a special Swachh Survekhan theme song featuring Kangana Ranaut, singers Kailash Kher and Monali Thakur. Durga Shanker Mishra, Secretary, MoHUA, V.K. Jindal, Joint Secretary & Mission Director, and representatives from serval urban local bodies were also present at the launch.

Speaking at the launch event, Puri said, “Earlier this year, we had launched Swachh Survekshan League 2020 (SS League 2020) with the objective of sustaining the on ground performance of cities along with continuous monitoring of service level performance on cleanliness. Today’s event for launching the Swachh Survekshan 2020, with field survey to be conducted in January 2020, is particularly significant since it gives us the opportunity to reaffirm once again our promise for a Clean, Garbage Free and Sanitary “New India”, by not only sustaining the gains that we have made under the SBM, but also by providing a roadmap to institutionalize the concept of total Swachhata among all our cities.”

The Swachh Survekshan 2020 Toolkit launched by the Minister contains the detailed survey methodology and component indicators with scores to help cities to prepare themselves for the survey.

Durga Shanker Mishra, Secretary, MoHUA during his presentation on SS 2020 mentioned, “Every year, the Swachh Survekshan is redesigned innovatively, to ensure that the process becomes more and more robust, with focus on sustaining the changed behaviours.” He also elaborated on the key focus areas of SS 2020, and highlighted the key differentiators of SS 2020 from SS 2019.

In line with the focus on continuity and sustainability, a major focus of SS 2020 indicators, both for the quarterly and annual assessments – has been on complete faecal sludge management and waste water treatment, in line with the Government’s promise made in its election manifesto. Reiterating its commitment to the cause, the Ministry also launched the Water PLUS Protocol and the accompanying Toolkit.

Moving beyond ODF, ODF+ and ODF++, the Water PLUS protocol aims to provide a guideline for cities and towns to ensure that no untreated wastewater is released into the environment thereby enabling sustainability of the sanitation value chain. This is in line with the Government’s focus on water conversation and reuse under the Jal Shakti Abhiyan and also aligns with the Sustainable Development Goals on clean water and sanitation. The toolkit provides the detailed SBM Water Plus protocol laid down by MoHUA, along with declaration formats to be obtained from various stakeholders, that wards / work circles (in case under jurisdiction of development authority) and cities are required to submit, as part of the SBM Water Plus declaration and certification process.

SS 2020 will be conducted in January 2020. A major thrust of Swachh Survekshan has always been on citizen engagement, be it through citizen feedback or indicators involving citizen participation. This year, the citizen-centric focus has been enhanced substantially through verification of the progress made by cities on Swachhata through direct responses from citizens. Continuing with its focus on providing integrated waste management solutions to Urban Local Bodies (ULBs) and citizens, MoHUA also launched the Swachh Nagar Mobile App. This app, with features such as tracking of waste collection by ULBs through route and vehicle monitoring, notification to citizens, online collection of user fee for waste collection and an effective grievance redressal mechanism, will be the answer to several issues that hinder effective waste management such as lack of monitoring, collection of segregated waste, and tracking the movement of waste vehicles and waste pickers, amongst others.

The event also saw the launch of AI enabled mSBM App, a mobile app developed by the National Informatics Centre (NIC) that helps detect the beneficiary face and toilet seat in the photo uploaded using Artificial Intelligence (AI) model at the backend. This app will not only facilitate the applicants of Individual Household Toilets (IHHL) under SBM-U know the status of their application in real-time after uploading the photograph but also help them upload the correct photo. The App will also help the respective ULB nodal officer to verify and approve the application thereby significantly reducing the processing time for applicants. The launch event ended with the release of the Swachh Survekshan theme song. While Padmashree awardee Kailash Kher and Monali Thakur have lent their voice to the song titled ‘Swachhata Adhikar Hai’, national award winning actor, Kangana Ranaut has featured in the video.

India has revved up its sustainability drive

India has revved up its sustainability drive

Contrary to what the perception is, India is no longer pushing the climate change concerns under the carpet. In case you haven’t already noticed, India has quietly but surely accelerated its journey on the road to sustainability.

Move #1: In her maiden budget, Finance Minister Nirmala Sitharaman announced that to make electric vehicles affordable to consumers, the government will provide additional income tax deduction of Rs 1.5 lakh on the interest paid on loans taken to purchase electric vehicles. This amounts to a benefit of around Rs 2.5 lakh over the loan period to the taxpayers who take such loans. To further incentivize e-mobility, the Budget said customs duty was being exempted on certain parts of electric vehicles.

An even greater emphasis was laid on providing affordable and environment friendly public transportation options for the common man. Phase II of the Faster Adoption and Manufacturing of (Hybrid &) Electric Vehicles (FAME) Scheme has an outlay of Rs 10,000 crore for a period of 3 years and has already commenced from 1 April 2019. Under the scheme, advanced battery and registered e-vehicles will be incentivized.

The Minister hoped that the inclusion of solar storage batteries and charging infrastructure in the FAME scheme would give a boost to manufacturing, which is needed for India to leapfrog and become a global hub for manufacturing of these vehicles.

The Impact: The announcement led to obvious cheers across the electric vehicles industry. Tech Mahindra, in partnership with Mahindra Logistics, announced introduction of EVs for employee transportation. The latter aims to take the tally of electric vehicles in its employee transportation fleet to 300, over the fiscal year 2020. (See: Tech Mahindra Partners with Mahindra Logistics to Introduce Electric Vehicles for Employee Transportation)

More recently, the Department of Heavy Industry has approved the sanction of 5,595 electric buses to 64 Cities, State Government Entities, and State Transport Undertakings (STUs) for intra-city and intercity operation under FAME India scheme phase II in order to give a further push to clean mobility in public transportation. (See: Soon, 5,595 new electric buses for 64 cities)

Move #2: The most significant manifestation of this drive is reflected in the recent decision of slashing of goods and services tax (GST) rates for electric vehicles and related services to 5%. While GST rate on all electric vehicles was reduced from 12% to 5%, the rate on charger or charging stations for electric vehicles be reduced from 18% to 5%. Also, hiring of electric buses of carrying capacity of more than 12 passengers by local authorities was exempted from GST.

Even more significant was the speed with which it was implemented. Within five days after the high-powered GST Council chaired by Union Finance & Corporate Affairs Minister Nirmala Sitharaman took the decision on 27 July 2019, it was implemented. The new rates thus came into effect from 1 August itself.

The Impact: The impact has been even more positive. Some stakeholders who had been waiting for such incentives to arrive, were quick to respond with their plans. Tata Power and Tata Motors announced their partnership to install 300 fast charging stations by the end of the FY2020, across key five cities namely Mumbai, Delhi, Pune, Bangalore and Hyderabad. (See: Tata to set up 300 EV charging stations in 5 cities)

Earlier, Tata Motors said it supplied 40 electric buses to the Jammu & Kashmir State Road Transport Corporation. Some of these buses are plying on the difficult terrains of the Jammu to Katra (Vaishno Devi) route and some buses will also ply in the valleys of Srinagar. (See: Tata Motors delivers 40 electric buses to J&K)

Interestingly, these electric buses have been manufactured at Tata Motors Dharwad plant, and will have a traveling range of up to 150 kilometers on a single charge. Adapted to local conditions, its Li-ion batteries have been placed on the rooftop to prevent breakdown due to waterlogging.

There has been a sudden spurt in the number of electric vehicles in the cars and two-wheeler segments as well. While Mahindra has been present in the EV segment ever since it acquired Reva Electric in 2010, Hyundai has recently launched Kona Electric and others are also rushing to launch their offerings. Maruti Suzuki is expected to bring its first electric car Wagon R E next year.

In fact, the recent slump in the automobile sector could help further accelerate the growth of the electric mobility segment in India. The sops being offered by the government could incentivize automobile players to give push to their e-mobility offerings.

Move #3: This one comes not from the government but from India’s largest business conglomerate, Reliance Industries. While it may arguably be seen as a mega outcome of the two moves discussed above, the sheer scale of RIL makes it a move as well.

In its latest annual report, the company has said, “Reliance has developed a future-ready Oil-to-Chemical strategic vision to, progressively, transform the Jamnagar refinery from a leading producer of fuels to chemicals.”

“The Jamnagar refinery product slate, at the culmination of oil-to-chemical transition, shall be only jet fuels and petrochemicals. All refined products priced below crude shall be eliminated for chemicals at initial stage. Final fuel de-risking shall target elimination of gasoline, alkylate and diesel, synchronised to the global evolution of E-mobility and transport fuel demand decline,” the report further noted.

The Impact: This move is bound to trigger a wide range of responses from multiple players, big and small, across industries. The fact that RIL has also announced a multi-billion-dollar stake sale deal with the world’s largest and lowest cost-per-barrel producer of crude oil, Saudi Aramco, would help ensure energy security as the country transitions to a less-fossil-fuel strategy.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *