#FactCheck- Viral ‘Modi Massage Video’ Claim False, Features Content Creators

Introduction

Misinformation has been a significant concern in recent times, especially in the online information landscape. This past month, misinformation has been linked to the communal tensions that have flared up in the North Tripura district. While the law enforcement agencies were quick to respond, misinformation about the law and order situation spread rapidly. Shri Amitabh Ranjanon, Tripura’s Director General of Police, issued a public statement on 21st October 2024, Monday, clarifying “The state's law and order situation has improved, and misinformation is being spread about it”. This instance is a classic example of how misinformation can affect the delivery of good governance to citizens or hamper the relationship between the citizenry and the state mechanisms. Such misinformation undermines the efforts of the law enforcement agencies striving to maintain peace, and distorted narratives can colour public opinion about the authorities and create cycles of misplaced distrust. 

DGP's Statement

DGP Amitabh Ranjanon clarified during an event to commemorate Police Commemoration Day, stating that the state has recorded a lesser number of crimes this year compared to the last 10 years. He emphasized that senior police officials promptly respond to any law and order issues and additional forces have been deployed as necessary. Ranjan highlighted the peaceful celebration of Durga Puja as a testament to the effective law enforcement measures in place, demonstrating communal harmony. 

Impact of Misinformation in communal settings

Misinformation in communal settings can cause anxiety, fear, and distrust among community members, leading to conflicts. It undermines public confidence in law enforcement and government institutions. The spread of false information can erode trust in law enforcement and government bodies, hindering their ability to address and solve conflicts. Therefore, precise data and accurate information are essential in every environment to avoid the harm caused by misinformation. 

Preventive Measures Against Misinformation

1. Look for authenticated sources

In a digital landscape filled with information from various sources, it’s essential to differentiate between credible and unreliable content. Authenticated sources are typically reputable organizations and officials. Users must rely on authenticated sources to ensure the information's accuracy and credibility. Users must verify the source, confirm the claims made in the source by comparing them with other credible sources for accuracy, and follow fact-checking practices.

2. Exercise caution on social media information

Social media platforms can rapidly disseminate information, but they can also serve as breeding grounds for misinformation. The ease of sharing content can lead to the spread of unverified claims, rumours, or even outright falsehoods. Therefore, exercising caution when engaging with information on these platforms is crucial. Users must scrutinize headlines and images as well, especially since misleading images can distort the truth with the advent of AI.  One must always read beyond the headline and check the context of the images used and not make split-second decisions and impressions. Users must engage in critical thinking and share informed opinions responsibly, to promote discussions about the validity of shared content.

3. Role of Awareness

Awareness about misinformation is essential for navigating the complexities of modern communication. People can make better decisions and help create a more informed society by being aware of the strategies used to disseminate false information. Users need to become knowledgeable about typical misinformation strategies, hone their cognitive abilities to critically assess internet content, and verify the reliability of sources before they form opinions, make decisions or share ahead.

Final words

By integrating these simple best practices into our daily lives we can cultivate a more informed public, reduce the spread of online misinformation, and enhance critical thinking skills among peers and the larger digital community.

References

1. https://www.theweek.in/wire-updates/national/2024/10/21/cal8-tr-dgp.html
2. https://www.newindianexpress.com/nation/2024/Oct/21/tripura-dgp-says-misinformation-being-spread-about-states-law-and-order-situation
3. https://indianexpress.com/article/north-east-india/tripura/police-inaction-tripura-dgp-amitabh-ranjan-sharp-decline-crime-rate-9632509/
4. https://www.newindianexpress.com/nation/2024/Oct/21/tripura-dgp-says-misinformation-being-spread-about-states-law-and-order-situation

‍

In the tapestry of our modern digital ecosystem, a silent, pervasive conflict simmers beneath the surface, where the quest for cyber resilience seems Sisyphean at times. It is in this interconnected cyber dance that the obscure orchestrator, StripedFly, emerges as the maestro of stealth and disruption, spinning a complex, mostly unseen web of digital discord. StripedFly is not some abstract concept; it represents a continual battle against the invisible forces that threaten the sanctity of our digital domain.

This saga of StripedFly is not a tale of mere coincidence or fleeting concern. It is emblematic of a fundamental struggle that defines the era of interconnected technology—a struggle that is both unyielding and unforgiving in its scope. Over the past half-decade, StripedFly has slithered its way into over a million devices, creating a clandestine symphony of cybersecurity breaches, data theft, and unintentional complicity in its agenda. Let's delve deep into this grand odyssey to unravel the odious intricacies of StripedFly and assess the reverberations felt across our collective pursuit of cyber harmony.

The StripedFly malware represents the epitome of a digital chameleon, a master of cyber camouflage, masquerading as a mundane cryptocurrency miner while quietly plotting the grand symphony of digital bedlam. Its deceptive sophistication has effortlessly skirted around the conventional tripwires laid by our cybersecurity guardians for years. The Russian cybersecurity giant Kaspersky's encounter with StripedFly in 2017 brought this ghostly figure into the spotlight—hitherto, a phantom whistling past the digital graveyard of past threats.

How Does it work 

Distinctive in its composition, StripedFly conceals within its modular framework the potential for vast infiltration—an exploitation toolkit designed to puncture the fortifications of both Linux and Windows systems. In an emboldened maneuver, it utilizes a customized version of the EternalBlue SMBv1 exploit—a technique notoriously linked to the enigmatic Equation Group. Through such nefarious channels, StripedFly not only deploys its malicious code but also tenaciously downloads binary files and executes PowerShell scripts with a sinister adeptness unbeknownst to its victims.

Despite its insidious nature, perhaps its most diabolical trait lies in its array of plugin-like functions. It's capable of exfiltrating sensitive information, erasing its tracks, and uninstalling itself with almost supernatural alacrity, leaving behind a vacuous space where once tangible evidence of its existence resided.

In the intricate chess game of cyber threats, StripedFly plays the long game, prioritizing persistence over temporary havoc. Its tactics are calculated—the meticulous disabling of SMBv1 on compromised hosts, the insidious utilization of pilfered keys to propagate itself across networks via SMB and SSH protocols, and the creation of task scheduler entries on Windows systems or employing various methods to assert its nefarious influence within Linux environments.

The Enigma around the Malware

This dualistic entity couples its espionage with monetary gain, downloading a Monero cryptocurrency miner and utilizing the shadowy veils of DNS over HTTPS (DoH) to camouflage its command and control pool servers. This intricate masquerade serves as a cunning, albeit elaborate, smokescreen, lulling security mechanisms into complacency and blind spots.

StripedFly goes above and beyond in its quest to minimize its digital footprint. Not only does it store its components as encrypted data on code repository platforms, deftly dispersed among the likes of Bitbucket, GitHub, and GitLab, but it also harbors a bespoke, efficient TOR client to communicate with its cloistered C2 server out of sight and reach in the labyrinthine depths of the TOR network.

One might speculate on the genesis of this advanced persistent threat—its nuanced approach to invasion, its parallels to EternalBlue, and the artistic flare that permeates its coding style suggest a sophisticated architect. Indeed, the suggestion of an APT actor at the helm of StripedFly invites a cascade of questions concerning the ultimate objectives of such a refined, enduring campaign.

How to deal with it 

To those who stand guard in our ever-shifting cyber landscape, the narrative of StripedFly is a clarion call. StObjective reminders of the trench warfare we engage in to preserve the oasis of digital peace within a desert of relentless threats. The StripedFly chronicle stands as a persistent, looming testament to the necessity for heeding the sirens of vigilance and precaution in cyber practice.

Reaffirmation is essential in our quest to demystify the shadows cast by StripedFly, as it punctuates the critical mission to nurture a more impregnable digital habitat. Awareness and dedication propel us forward—the acquisition of knowledge regarding emerging threats, the diligent updating and patching of our systems, and the fortification of robust, multilayered defenses are keystones in our architecture of cyber defense. Together, in concert and collaboration, we stand a better chance of shielding our digital frontier from the dim recesses where threats like StripedFly lurk, patiently awaiting their moment to strike.

References:

https://thehackernews.com/2023/11/stripedfly-malware-operated-unnoticed.html?m=1

‍

Introduction

On September 27, 2024, the Indian government took a significant step toward enhancing national security by amending business allocation rules through an extraordinary gazette notification. This amendment, which assigns specific roles to different Union Ministries and Departments regarding telecom network security, cybersecurity, and cybercrime, aims to clarify and streamline efforts in these critical areas. With India's evolving cybersecurity landscape, the need for a structured regulatory framework is pressing, as threats grow in complexity. Recent developments, such as the July 2024 global cyber outage and increasing cyber crimes like SMS scams, highlight the urgency of such reforms. Under Article 77 clause (3), the President amended the Government of India (Allocation of Business) Rules, 1961, to designate clearer responsibilities, reinforcing India's readiness to tackle emerging digital threats.

Key Highlights of the Gazette Notification

• Telecom Networks Security: A new entry ‘1A’ matters relating to the security of telecom networks" has been added under the Department of Telecommunications, highlighting an increased focus on securing the nation's telecom infrastructure.
• Cyber Security Responsibilities: Cyber security responsibilities have been added as a new entry under the Ministry of Electronics and Information Technology (MeitY), "5B. This assigns responsibility to MeitY for cybersecurity issues, concerning the Information Technology Act of 2000, giving the ministry the mandate to support other ministries or departments regarding cybersecurity matters.
• Oversight for Cyber Crime: Under the Ministry of Home Affairs, Department of Internal Security, a new entry "36A Matters relating to Cyber Crime" is introduced. This emphasises that the MHA will handle cybercrime issues, highlighting the government's attention toward enhancing internal security against cyber threats.
• Cyber Security Strategic Coordination: Any matter related to the "overall coordination and strategic direction for Cyber Security," has been given to the National Security Council Secretariat (NSCS). This consolidates the role of the NSCS in guiding cybersecurity strategies at the national level.

Impact on Policy and Governance 

The amendments introduced through the notification are poised to significantly enhance the Indian government's cybersecurity framework by clarifying the roles of various ministries. The clear separation of responsibilities, telecom network security to the Department of Telecommunications, cybercrime to the Ministry of Home Affairs, and overall cyber strategy to the National Security Council Secretariat could seen as better coordination between ministries. This clarity is expected to reduce bureaucratic delays, allowing for quicker response times in addressing cyber threats, cybercrimes, and telecom vulnerabilities. Such efficient handling is crucial, especially in the evolving landscape of digital threats. These changes have been largely welcomed as it recognises the potential for improved regulatory oversight and faster policy implementation and a step forward in bolstering India’s cyber resilience. 

Conclusion 

The Government of India (Allocation of Business) Rules, 1961 amendments mark a critical step in strengthening India's cybersecurity framework. By setting out specific responsibilities for telecom network security, cybercrime, and overall cybersecurity strategy among key ministries, the government seeks to improve coordination and reduce bureaucratic delays. This policy shift is poised to enhance India’s digital resilience, providing a foundation for rapid responses to emerging cyber threats. However, success hinges on effective implementation, resource allocation, and collaboration across ministries. Addressing concerns like potential jurisdictional overlap and ensuring the inclusion of bodies like NCIIPC will be pivotal to ensuring comprehensive cyber protection. The complexity of cyber crimes and threats is evolving every day and the government's ability and preparedness to handle them with regulatory insight is a high priority.

References

• https://egazette.gov.in/(S(4r5oclueuwrjypfvr5b4vtzg))/ViewPDF.aspx 
• https://www.ptinews.com/story/national/govt-specifies-roles-on-matters-related-to-security-of-telecom-network-cyber-security-and-cyber-crime/1856627
• https://www.thehindubusinessline.com/economy/centre-to-further-streamline-mechanism-to-deal-with-cyber-security-cyber-crime/article68694330.ece
• https://telecom.economictimes.indiatimes.com/news/policy/govt-specifies-roles-on-matters-related-to-security-of-telecom-network-cyber-security-and-cyber-crime/113754501 

‍