As new cybersecurity features are being developed, the hackers and cybercriminals are also coming up with newer forms of cyberattacks
Nironjan Roy. Illustration: TBS
Nironjan Roy. Illustration: TBS
Zero-click spyware manufacturing companies
This hacking device is openly available for sale in the technological world although sale is believed to be restricted among the government agencies. Companies in some countries, particularly Israel, Latvia and Estonia produce and sell this zero-click spyware.
According to reports in the US media, NSO Group is a Israeli firm which makes Pegasus and has been involved in ‘zero-click’ hacks since 2017. In a 2019 lawsuit, Meta Platform Inc, previously known as Facebook Inc, had accused NSO Group of using the technique to implant spyware on the devices of many people who used WhatsApp.
NSO disputed Meta’s allegation and has continuously refuted the allegation saying that they sell their technology exclusively to government and law enforcement agencies as technique to track down terrorists and criminals.
Despite its denial, NSO Group was also blacklisted by the US in November for supplying spyware to some governments.
Other reports suggest that there are some other tech companies, including three from Israel, which make and sell zero-click spyware. Arity is another company which sells zero-click spyware and other kinds of exploits among the governments and companies that work with intelligence and law enforcing agencies in India, Ireland, Israel, Italy, Poland, Singapore, Spain, Turkey, The UAE, Ukraine and other countries.
There is one Delaware, USA based company known as Zerodium, which pays for information about vulnerabilities that would allow for zero-click attacks and then sells this information to customers who may use it to implant spyware.
Banks in Bangladesh must be vigilant
These new forms of cyberattacks have poised severe threats in the technological world. This threat has recently intensified following the Russia-Ukraine war. The war has been raging on three fronts: one is arms war, second is financial war and the third is cyberwar.
Armed conflict will directly affect fighting countries, but financial war will directly or indirectly affect many countries. But as recent experience suggests, cyberattacks can also be used to cripple the ability to provide services or worse, steal hundreds of millions of dollars.
So, all tech users, be it individual, government, or commercial, will have to be equally careful to protect themselves from new forms of cyberattacks. Especially, banks will have to remain extra vigilant and must exercise utmost care and tighten cybersecurity measures by putting close monitoring of devices in place.
Although there are no universally recommended preventive measures against DDos and zero-click attacks, some specific strategies may be considered such as installing the latest and most updated standard antivirus software; limiting and restricting the use of devices especially non-essential devices; carrying out frequent monitoring and scanning as well as frequent rebooting of the devices by a centralised IT team.
Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the opinions and views of The Business Standard.