Energy Companies are Still Vulnerable to Cyber Attack
| Khushhal Kaushik, Global Cyber Security Expert, India - 17 Oct 2019

Writes Khushhal Kaushik, the First Indian Cyber Expert, Who Proved his Mettle at Global Stage

Many energy sector companies are still failing to update their systems. That's why they can't patch their systems for vulnerabilities. That’s why they are still easily vulnerable to that kind of script kiddies hackers,” says Khushhal Kaushik, the first Indian coveted cybersecurity professional featured in the UNESCO’s Annual Magazine.

BY ONKARESHWAR PANDEY

New Delhi, Oct 17, 2019: “Many energy sector companies are still failing to update their systems. That's why they can't patch their systems for vulnerabilities. That’s why they are still easily vulnerable to that kind of script kiddies hackers,” says Khushhal Kaushik, the first Indian coveted cyber security professional with enviable credentials in the global cyber security domain. His authority in cybersecurity domain can be justified by the fact that he is the first Indian Cyber security Expert to be featured by UNESCO’s Annual Magazine.

His knowledge, expertise, and experience have been instrumental in the development of much-needed cybersecurity policies across global conglomerates and governments. He has founded Lisianthus Tech with an aim to help companies in identifying and addressing security loopholes in their IT infrastructure. Recently BRICS CCI has appointed Khushhal as its Cyber Security Advisor. 

The story of Khushhal Kaushik, the exceptional Cyber Expert

Khushhal’s inspirational story is enough to inspire you and urge you to create your own future. He says, “Nobody has a perfect life, but it is important to work in a right direction so that everything will fall in place and you will live the reality of your dreams.” He centered his vision and worked hard on it which opened the door for him to carve his country’s name in the global cybersecurity domain.

From humble upbringing to imprint his name in the UNESCO magazine

Khushhal discovered his love for hacking from the initial days of childhood. The concern in the appropriate subject has honed his skills and sharpened him at a tender age. After finishing his graduation in the field of Information Technology, he made up his mind to explore more about the domain of cybersecurity. His keen interest in the field of cyber security provoked him to stand out from the crowd. After turning down the great offers of the notable company, he founded Lisianthus Tech Private Limited, an IT company that supervises several contracts and projects related to all aspects of web security for the corporate as well as the governmental sector. He proceeded to follow his passion for the technology that has boosted him to craft security-related strategy plans and implement them simultaneously.

Not just the cybersecurity, but also Khushhal is proficient in various business-related areas which involve enhancing business efficiency, regulating the business processes, boosting employer’s efficiency, high performance and many more. Due to his never-ending zest for new things, Khushhal is skilled in network management, business analysis, staffing, forecasting, infrastructure and whatnot. His unparalleled expertise in a diversity of domains supported him to emerge as an excellent entrepreneur and a tremendous Indian citizen.

How Khushhal helped the Indian police force in cybercrime cases?

Khushhal has added a golden feather in his cap by assisting the Delhi Police to resolve a cybercrime case of the Principal Resident Commissioner. The officer reported the instance to the Delhi Police, and he complained that his email was hacked by the intruder who was sending fraudulent emails to the other people. Due to the critical situation, the police officer had to handle it delicately. But before any legal step by the Delhi police officer, Khushhal served the officer to fix up the issue ethically within the span of some hours. The police force was really overwhelmed by the hellacious knowledge possessed by him. His curiosity and expertise in ethical hacking promoted him to gain appreciative letters from the Senior Officer.

Due to the addition in the number of cybercrimes, he presumed that the police officer should be enlightened on the topic of web security and cyber protection which will limit further cybercrimes. So, later, he planned a seminar for the Delhi and Gurugram Police and educated them on cyber security and cyber criminals.

Khushhal’s Achievement is not less than a dream come true

From receiving an award from many Governments for his cyber security achievements and advising in the domain of cyber security to the leaders of various countries is an achievement for Khushhal, who has been imprinting his name not just nationally but also internationally. Khushhal has bagged up infinite awards and achievement in his life and still, he is continually working hard on complex projects to make India free from cybercrime.

His Research paper on cyber security was selected and featured in the famous, UNESCO annual magazine, which made him the first Indian cyber expert to get highlighted in the prestigious magazine.

But, what actually Khushhal wrote in his article in UNESCO’s Magazine?

“According to my research, the initial infection vector involves the use of spam e-mails coming from the cyber criminals. These e-mails include a malicious attachment packet with an exploit for the Microsoft Windows remote code execution vulnerability exists (CVE-2017-0158). This vulnerability was exploited in many different attack campaigns in the past,” said Khushhal Kaushik while talking to Indian Observer Post.

His article describes how cybercriminals have targeted energy sector, why they do this and what technology use.

Here is his full article.

HOW HACKERS TARGET ENERGY SECTOR AND WHY

By Khushhal Kaushik

Cybercriminals have targeted energy sector workers with malicious emails containing spy software that, when opened, leaves the recipients vulnerable to snooping. All this means that companies operating in the energy sector should carefully consider the vulnerabilities of their data and proprietary systems.

Since many companies are using information systems in the energy business, I am figuring out how the cybercriminals are simulated by industrial cyber espionage. Whoever is behind this kind of attack may have a strategic aim or any other interest to hack the energy sector. According to my research, the initial infection vector involves the use of spam e-mails coming from the cybercriminals.

These e-mails include a malicious attachment packet with an exploit for the Microsoft Windows remote code execution vulnerability that exists (CVE-2017-0158). This vulnerability was exploited in many different attack campaigns in the past. When the user opens the malicious e-mail attachment, the exploit code is executed.

If the exploit succeeds, so it drops a malware, into compromised system and hides itself in the well-known file names such Documents and Settings\All Users\ Application further the malware introduces its payload to energy sectors, compromised system and acts as a reconnaissance tool allowing the cybercriminals to gather information about the compromised system or server including compromised server name, system hard disk size, all information about installed software: antivirus software, etc., and all the collected information is then sent to the hackers.

Once the hackers received the system configuration data, including details of any installed antivirus software, they infect the computer with additional backdoor. During this campaign the hackers distribute customized copies of Backdoor and Bots' which are specifically designed for the compromised systems.

The detailed information enables the hackers to make crucial decisions about how to proceed further with the attack. During my research, I have found that the malicious flies were infected from South Korea, China, Pakistan, USA, UK, Russia, Japan, India, Australia, Singapore, and a few attacks could be mentioned.

In 2010 Iran energy grid got compromised with Stuxnet – first digital weapon which was developed by the American and Israeli governments and used to wreak havoc on an Iranian nuclear facility.

Then, in, 2014 Norway, energy, and oil grid system was compromised with cybercriminals launch of a malware attack against 200 companies The attackers used spear-phishing attacks to trick companies’ executives into open malicious attachments.

In 2015, the Ukraine energy grid system was compromised with a malware program known as Black Energy to shut down compromised electricity substations in Ukraine.

Anonymous hacker groups some of which are from Russia, China, South Korea and supposed to be behind the attacks are not seem to be advanced, because they always hack with an old exploit vulnerability and use their attacks to distribute well-known threats that are available on the internet.

Because many energy sector companies are still failing to update their systems that's why they can't patches their systems for vulnerabilities. That’s why they are still easily vulnerable to that kind of script kiddies hackers.

But some hackers are more advanced and distribute denial-of-service (DDoS) attacks, steal sensitive information from corporate systems, disclose sensitive information gathered during the attacks, deface their social media accounts and websites.

The attacks from cyberspace will target companies working in every sector of energy industry which has software based systems to control production of in oil and gas and SAP systems that are widely used to control oil and gas production. And if there are any vulnerability they could be remotely abused by cyber criminals who are able to do everything from shut down plants and damage equipment.

Some of them want to do this for money, others for cyber terrorism or for collecting information for any third party like Wiki leaks and any country government agencies. This is a war without borders. (Reproduced from UNESCO’s magazine with courtesy).

Image - Khushhal Kaushik / UNESCO Magazine Cover

Here is the link to UNESCO’s Magazine in which Khushhal Kaushik’s article was published. http://www.isedc-u.com/en/71-energy-bulletins/3031-23-2017-energy-and-ecology.html

Contact us for:

ALSO READ

A Lodestar To Steer The Economy

By Parakala Prabhakar - https://bit.ly/35AMHNF

Kamini Roy, Her Bethune College, which was called a "Hindu Female School" initially

By Onkareshwar Pandey - https://bit.ly/2B87Wsa

Exclusive Interview with ICCR Regional Director (Kolkata) Gautam De

By Didhiti Ghosh, Bureau Chief (Kolkata), IOP - https://bit.ly/2kAya1J

Dr. Bindeshwar Pathak: India’s Living Legend and Golden Signature

By Onkareshwar Pandey - https://bit.ly/2lEizye

Dr. Kamla Dutt: Who Doesn’t Accept the Pseudo-Classification of Pravasi Sahitya

By Onkareshwar Pandey https://bit.ly/2lI4GyW

Exclusive Interview with Painter and Poet Turned Politician Jogen Chowdhury 

By Didhiti Ghosh - https://bit.ly/2lZFMuR

Achyut Samanta: A Man Who Brought Smiles on Thousands of Faces

By Onkareshwar Pandey - https://bit.ly/2Qhw8Bz

Exclusive Interview: Mahashay Dharampal Gulati, the Masala King, and owner of MDH

By Deepti Angrish - https://bit.ly/348DlIh

UAE Mourns Sad Demise of Veteran Indian, Who Brought Electricity to Dubai 

By Onkareshwar Pandey - https://bit.ly/2kn906L

EXCLUSIVE INTERVIEW WITH SHRI MANOJ K. BHARTI, IFS AND ADDL. SECY. (AD) MEA

Govt Has Given Freedom to States to Interact with the Outside World for Business: Manoj K Bharti

By Onkareshwar Pandey with Dr. Kavita Vikas - https://bit.ly/2LFY4gv

First Indian All-Female FICCI Business Delegation in Israel

Umesh Singh, Special Correspondent, IOP - https://bit.ly/2k9DSHy

Drug Trafficking in West Bengal, Higher than Afghanistan

By Didhiti Ghosh - https://bit.ly/2m5jVCt

With 3 Rear Cameras and Night Mode, iPhone 11 Pro launched

By Dr. Darshani PRIYA - https://bit.ly/2kaJ6CW

Fly 8 Times Faster than Sound, 10 Times Faster than a Current Aircraft

By Onkareshwar Pandey - https://bit.ly/2Zk0rN4

EXCLUSIVE INTERVIEW WITH DRKSREENIVASARAOSECRETARYSAHITYA AKADEMI

Good Multilingual Translators are the Need of the Hour- Dr. K. Sreenivasarao

By Onkareshwar Pandey - https://urlzs.com/5bVR3

On INDIAN OBSERVER POST - https://bit.ly/2B87Wsa

IOP ON FACEBOOKhttps://bit.ly/2SlmpLA

IOP TEAM, BUREAUS & WRITERS - https://bit.ly/2LxOU2I

INDIAN OBSERVER POST (IOP) is a Class, Creative, and Constructive News platform which publishes ONLY exclusive and Special News / Views / Interviews / Research Articles / Analysis / Columns / Features and Opinions on the national and international issues, politics, security, energy, innovation, infrastructure, rural, health, education, women, and entertainment. www.indianobserverpost.com 

(Onkareshwar Pandey is Founder, Editor in Chief & CEO, Indian Observer Post, and former Senior Group Editor- Rashtriya Sahara (Hindi & Urdu) and also former Editor, (News), ANIhttp://bit.ly/2mh7hih)


Browse By Tags



Latest News