Telcos increase vigilance as govt warns of phishing attacks using Covid-19 as bait
Airtel said it is monitoring the situation on a real-time basis and has upgraded the security operations centre to a higher threat-level status for the next 5-7 days.
Telecom companies have increased their vigilance of networks and systems following the government's recent warning on large-scale phishing attacks in coming days against individuals and businesses, where attackers may use COVID-19 as bait.
In a security advisory to its business-to-business customers, Airtel said it is monitoring the situation on a real-time basis and has upgraded the security operations centre to a higher threat-level status for the next 5-7 days and promised to send daily dashboards to customers.
Airtel said that due to the COVID-19 pandemic situation, most employees are continuing working from home, and this further increases their vulnerability, particularly to phishing attacks.
"These attacks threaten to not only disrupt critical business operations but also impact your brand's reputation... To defend against this looming combination of threats, organisations need to take the necessary steps to fortify their cyber resilience framework," it said while urging customers to initiate proactive steps to safeguard themselves against possible attacks.
Citing various reports, Airtel warned that cyberattacks can be initiated by exploiting various vectors such as e-mail/ phishing attack, suspicious webpages, internet links, unpatched/ un-updated systems connected on network, identity theft (poor ID management).
It asked enterprises to follow proactive measures, including continuous monitoring of network traffic for all channels, which include e-mail, internet and others, enabling geo-location monitoring for traffic coming from neighbouring countries. "If there is no business reason to receive such traffic, it needs to be blocked," it said also recommending that updated patches be installed on all assets and webpages, which are accessible via the internet.
It has suggested that all employees working from home be advised to update the anti-virus and other software patches, and awareness communication be carried out at regular intervals. When contacted, Vodafone Idea spokesperson said, "VIL's robust and secure network and IT systems are periodically audited and further strengthened to keep our networks protected and customer data secure. Intelligence received from the Government of India is appropriately used to increase vigilance and enhance security."
A Jio source said that the company has raised its vigilance levels and is keeping a close watch on traffic. Last week, India's cybersecurity nodal agency, CERT-In issued an advisory warning of the potential phishing attacks that could impersonate government agencies, departments and trade bodies which have been tasked to oversee disbursement of government fiscal aid.
The attackers are expected to send malicious e-mails under the pretext of local authorities that are in charge of dispensing government-funded COVID-19 support initiatives. "Such e-mails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information," Indian Computer Emergency Response Team (CERT-In) had said in its advisory dated June 19.
The advisory noted that the "malicious actors" are claiming to have two million individual/citizen e-mail IDs and are planning to send e-mail with the subject line 'Free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad' in a bid to coax users to disclose personal information. "It has been reported that these malicious actors are planning to spoof or create fake e-mail IDs impersonating various authorities," it had cautioned.
CERT-In, in its advisory, outlined a list of steps for users to protect themselves, including not opening attachments in unsolicited e-mails even if it comes from people in the contact list. It has asked users to encrypt and protect their sensitive document to avoid potential leakage. It also urged people to use anti-virus tools, firewalls and filtering services and asked them to report any unusual activity or attack immediately to CERT-In.