News Fyi ALERT: Security agency warns of serious cyberattack on your WiFi devices, emails

ALERT: Security agency warns of serious cyberattack on your WiFi devices, emails

The attackers can target your Wifi connections take the remote access of it and bypass security to perform cross-site scripting, CERT-in has warned. The threat comes in wake-off ongoing LAC standoff with China on the borders.

ALERT: Security agency warns of serious attack on your WiFi devices, emails Image Source : PIXABAYALERT: Security agency warns of serious attack on your WiFi devices, emails

Issuing a serious online attack warning, CERT-In (India's nodal cybersecurity agency) has reported multiple security vulnerabilities which the foreign hackers are going to use. The attackers can target your Wifi connections take the remote access of it and bypass security to perform cross-site scripting, CERT-in has warned. The government has warned of a major upcoming phishing attack which promises free Covid-19 testing across India.

The threat comes in wake-off ongoing LAC standoff with China on the borders.

China connection: 

Earlier, a sophisticated state-based cyber actor” targeted Australia in an escalating cyber campaign that threatening all levels of government, businesses, essential services and critical infrastructure. 

"This is the actions of a state-based actor with significant capabilities. There aren't too many state-based actors who have those capabilities," Australian Prime Minister Morrison said.

Peter Jennings, executive director of the Australian Strategic Policy Institute think-tank, said only China had the capability and interest in launching such a massive cyber offensive against Australia.

“I’m absolutely certain that China is behind it,” Jennings said.

CERT-In Advisory against major phishing attack:

In an advisory, Cert-IN said, citing a report from independent researchers who said the attack is being planned by North Korea-based cyber criminals.

It stated, "Phishing campaign is expected to impersonate government agencies, departments and trade associations who have been tasked to oversee the disbursement of the government fiscal aid."

It further said, "Spoofed email ID which could be used for the phishing email is expected to be ncov2019@gov.in."

The CERT-In warning advisory added that there would be a phishing email subject line like free Covid-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad.

"The malicious group claims to have 2 million individual email addresses and the attack campaign is expected to start on June 21," the Indian government stated.

"Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious les or entering personal and nancial information," CERT-In said in the latest advisory dated June 19.

"It has been reported that these malicious actors are planning to spoof or create fake email Ids impersonating various authorities," it cautioned.

CERT-In, in its advisory, outlined a list of steps for users to protect themselves, including not opening attachments in unsolicited emails even if it comes from people who are in the contact list.

​Govt issues preventive measures

The government also issued preventive measures where it stated that 'not to open' or 'click' on attachment in un-solicited email, sms or messages through social media. It further directed to exercise caution in opening attachments, even if the sender appears to be known.

"Beware of email addresses, spelling errors in emails, websites and unfamiliar email senders," stated the advisory, warning every citizen not to submit personal financial details on unfamiliar or unknown websites or links.

"Beware of emails, links providing special offers like Covid-19 testing, aid, winning prize, rewards, cashback offers," the government advisory stated.