Advocate (Dr.) Prashant Mali's Blog

How A Student Hacked into Teachers WHATSAPP Account? A teacher from Kerala noticed that her WhatsApp account was logged out soon after an online class. Knowing this, she lodged a complaint with cyberpolice. Police cracked the case and found out that the culprit was her student, studying in high school, who logged into the teacher’s account. The technique used by the student was simple. The teacher was using a screen-share app in her phone during the class . So the students were able to see the screen and also the pop-up notification alerts coming into the phone. The ‘culprit’ student then tried to login WhatsApp with teacher’s number in his phone. And the OTP for verification came as pop-up alert in the teacher’s phone which was visible for all the students. Thus the student easily logged in to the account. The teacher did not have two-step verification on the phone and did not have a password. The account in teacher’s phone got logged out as WhatsApp does not allow simultaneous use on

Strategic Cybersecurity Thinking The ability to come up with effective plans in line with an organization's objectives within a particular cybersecurity situation. Strategic thinking helps cybersecurity managers review policy issues, perform long term planning, set goals and determine priorities, and identify potential risks and opportunities. Clearly, there needs to be a clear strategy as to what needs  to be done with respect to security. Such a strategy should determine the policies and  procedures. However in practice rarely a strategy for security is created. Most emphasis  is placed on policies, implementation of which is generally relegated to the lowest levels.  Rather it is assumed that most people will follow the policy that is created.  A strategic cybersecurity programme does not begin with tools and tactics, but with an articulation of one or more programme goals. Sun Tzu once said in The Art of War: “If you know the enemy and know yourself, you need not fear the resul

A Canadian insurance company infected by ransomware virus paid off the cybercriminals using its cyber insurance policy. Their British reinsurers, having to disburse 109.25 Bitcoins, wanted it back from the blackmailing cybercriminals. After infection, the unnamed Canadian company suffered a total lockdown of all of its systems and asked its reinsurance firm to pay the ransom so it could get back on its feet. Paying off blackmailers holding a company to ransom is never advisable, many a time it is against the local law. Despite a negotiation that made criminals bring down their initial demand of $1.2m to $950k, the decryption tool provided had to be run on each and every affected device on the company's network. It took five days to decrypt 20 servers and "10 business days" to unlock 1,000 desktop computers. Neither company was going to pay out and forget the incident. The English reinsurer hired Chainalysis Inc, a "blockchain investigations firm&q

Cyber Security Questions for Board of Directors. Although Board of directors have added cybersecurity risk to their agendas, there is no standard way for boards to think about cybersecurity, much less time-tested guidelines to help them navigate the issue. For boards, cybersecurity is an issue of enterprise risk. As with all enterprise risks, the key focus is mitigation, not prevention. This universally understood enterprise risk guideline is especially helpful in the context of cybersecurity because  no one can prevent all cyber breaches . Every company is a target, and a sufficiently motivated and well-resourced adversary can and will get into a company’s network. Consequently, terms like “cyber defense” are insufficient descriptors of an effective posture because they evoke the image that corporations can establish an invincible perimeter around their networks to prevent access by bad actors. Today, it’s more accurate to think of the board-level cybersecurity review goa

IoT Malware Types Revealed  The Internet of Things (IoT) is creating a new environment where malware can be used to create powerful botnets.  Recently, IoT devices have been used to create large-scale botnets—networks of devices infected with self-propagating malware—that can execute crippling distributed denial-of-service (DDoS) attacks. IoT devices are particularly susceptible to malware, so protecting these devices and connected hardware is critical to protect systems and networks. Linux.Darlloz The Linux.Darlloz was discovered in late 2013. The worm exploited an old PHP vulnerability (CVE-2012-1823) to access a system, it escalated privileges through default and common credential lists, it propagated through the network, and it established a backdoor on the system. While the original malware only infected computers running Intel x86 chip architectures, other versions were designed to target ARM, PPC, MIPS and MIPSEL chip architectures commonly used in IoT devices

What is SIPRnet? SIPRNet, or  Secret Internet Protocol Router Network , is a global United States military network system used for transmitting classified information, intelligence, targets, and messages at the secret level. SIPRnet support the various system such as the Global command systems and defense messaging system and also some other important planning documents over the secure path. it is based on the some method that are use for ordinary internet access but the main difference is that it has some dedicated path lines that are not seen in other communication systems. These lines are responsible for managing the secure communication with highly authenticated user access.  In other words, SIPRNet is completely parallel Internet, uses the same communications procedures and has been kept separate from the ordinary civilian Internet. Approximately 3 Million people with secret clearances have access to SIPRNet, which includes Pentagon and military officials, Intelligence age

Electronic Evidence/Digital Evidence & Cyber Law with case laws in India                                             By Adv. Prashant Mali [MSc.(Computer Science),LLB, LLM], Cyber Law & Cyber Security Expert. Email : prashant.mali@cyberlawconsulting.com The proliferation of computers and the influence of information technology on society as whole, coupled with the ability to store and amass information in digital form have all necessitated amendments in Indian law, to incorporate the provisions on the appreciation of digital evidence. The Information Technology Act, 2000 and its amendment is based on the United Nations Commission on International Trade Law (UNCITRAL) model Law on Electronic Commerce. The Information Technology (IT) Act 2000, was amended to allow for the admissibility of digital evidence. An amendment to the Indian Evidence Act 1872, the Indian Penal Code 1860 and the Banker's Book Evidence Act 1891 provides the legislative framework for transactions in