Security News
Tensions between two of the biggest producers of connected devices are coming to a head, and will be changing the IoT landscape in 2023. In recent months, India and China have faced off over their disputed border in the Himalayas.
In remarks made to Indian outlet The Economic Times, minister of state for electronics and IT Rajeev Chandrasekhar said the government's plan was to "Crack down on enemies of India, state actors, those with vested interests, child sexual abuse, and religious incitement" - but not on general news or comment. Over the weekend, the minister also raised the topic of having Big Tech pay to link to news stories published by India's media.
The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S. and India, that targeted individuals in about 200 countries. A second set of 250 accounts on Facebook and Instagram linked to another Israeli company called QuaDream was found "Engaged in a similar testing activity between their own fake accounts, targeting Android and iOS devices in what we assess to be an attempt to test capabilities to exfiltrate various types of data including messages, images, video and audio files, and geolocation."
India's Telecom Regulatory Authority has announced a fresh crackdown on TXT spam - this time using artificial intelligence, after a previous blockchain-powered effort delivered mixed results. The TRAI's approach to managing spam - or Unsolicited Commercial Communication as it prefers to describe it - saw the regulator create a mandatory register of telemarketers and telecoms service providers, and require them to secure opt-ins from message recipients.
India's Home Ministry has asked state governments to crack down on illegal lending apps it says have led to "Multiple suicides by citizens owing to harassment, blackmail, and harsh recovery methods." A letter sent last week states: "Large numbers of complaints have been reported across India pertaining to illegal digital lending apps that provide short-term loans or micro credits at exorbitant interest rates with processing or hidden charges, especially to vulnerable and low-income people and use the borrower's confidential personal data like contacts, location, photos/videos for blackmail/harassment."
India's minister of state for electronics and information technology, Rajeev Chandrasekhar, has hinted strongly that he will again extend the deadline to comply with sweeping new information security reporting rules that were imposed as an essential national defence mechanism. After the deadline they were required to report many types of infosec incidents - even trivial ones like port scanning and phishing attempts - to India's Computer Emergency Response Team within six hours of detection.
India's Central Bureau of Investigation on Monday disclosed that it has detained a Russian national for allegedly hacking into a software platform used to conduct engineering entrance assessments in the country in 2021. "The said accused was detained by the Bureau of Immigration at Indira Gandhi International Airport, Delhi while arriving in India from Almaty, Kazakhstan," the primary investigating agency said in a press release.
India's government last week released a draft telco law that defines all over-the-top services as telecoms providers and therefore makes them subject to the same regulations imposed on carriers. The draft Indian Telecommunication Bill, 2022 [PDF] defines a telecommunications service as including "Broadcasting services, electronic mail, voice mail, voice, video and data communication services" delivered over fixed or mobile networks.
Akasa Air, India's newest commercial airline, exposed the personal data belonging to its customers that the company blamed on a technical configuration error. The bug was identified on August 7, 2022, the same day the low-cost airline commenced its operations in the country.
The government of India has scrapped the Personal Data Protection Bill it's worked on for three years, and announced it will - eventually - unveil a superior bill. The bill, proposed in 2019, would have enabled the government to gather user data from companies while regulating cross-border data flows.