One billion Android devices at risk of hacking: Report

New Delhi, Jul 18: India's national cybersecurity agency CERT-in, has warned people of credit card skimming spreading across the world through e-commerce platforms.

Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP), the Computer Emergency Response Team (CERT-In) said in a notice on Thursday.

Recently, attackers targeted sites which were hosted on Microsoft's IIS server running with the ASP.NET web application framework, it said.

Some of the sites affected by the attack were found to be running ASP.NET version 4.0.30319, which is no longer officially supported by Microsoft and may contain multiple vulnerabilities, CERT-In said.

The notice also included a list of best practices for website developers including the use of the latest version of ASP.NET web framework, IIS web server and database server.

The advisory is based on research by Malwarebytes which found that this skimming campaign likely began sometime in April this year.

Credit card skimming has become a popular activity for cybercriminals over the past few years, and the increase in online shopping during the pandemic means additional business for them, too, Malwarebytes said in a blog post, adding that attackers do not need to limit themselves to the most popular e-commerce platforms.

Researchers from global cybersecurity and anti-virus brand Kaspersky had warned in December last year that more cybercriminal groups will target online payment processing systems in 2020. 

It said that over the past couple of years, so-called JS-skimming (the method of stealing of payment card data from online stores), has gained immense popularity among attackers. 

Kaspersky researchers in their report said they are currently aware of at least 10 different actors involved in these type of attacks.

Their number will continue to grow during the next year, the report said, adding that the most dangerous attacks will be on companies that provide services such as e-commerce as-a-service, which will lead to the compromise of thousands of companies.

In an unprecedented crisis despite Prime Minister Narendra Modi assuring the continuation of essential services like food and groceries, online marketplaces like Flipkart and Amazon along with delivery platforms like Bigbasket, Grofers and FreshToHomes hit a major blockade on Wednesday as local authorities shut warehouses and sent delivery boys back, even harassed them.

Millions of people across cities were left helpless at homes as essential items like fruits and vegetables, dairy and milk, meat and fish etc did not reach their doors despite placing orders well in advance. Later, the orders went dry.

While Grofers' warehouse in Faridabad was closed by the local law enforcement agencies, Bigbasket complained that the police stopped its delivery partners and "some of them were even beaten up by for no fault of theirs".

"We are not operational due to restrictions imposed by local authorities on movement of goods in spite of clear guidelines provided by central authorities to enable essential services. We are working with the authorities to be back soon,' Bigbasket tweeted.

In a statement to IANS, Bigbasket said that it will help to have better coordination between the Centre and state, and between the state and local police to "ensure that our delivery vans and bikes don't get stopped by the police. Bigbasket and bb daily are not taking new orders".

Furious people stormed the social media platforms, writing their plight to NITI Aayog CEO Amitabh Kant on Twitter.

"Sir, all e-commerce are down. Believe me I tried everything (Grofers, Bigbasket, Flipkart, Amazon, Big Bazaar), no delivery till 31st March or Server Down or No Service. Need to think how we can enable them through digital India," tweeted one user.

Kant tweeted back to Bigbasket: "They should give me specifics - State & location. I will act on it by getting in touch with concerned authorities & sorting it out. Govt guidelines exempt them. We will ensure that citizens are not impacted".

Kant also responded to Grofers: "Cold storages & Warehouses as well as delivery of all essentials goods including food, pharma thru E-Commerce are exempted under MHA order. I have spoken to CS & DGP, Haryana . They have taken immediate action to ensure that supply chains efficiently function for the citizens".

The subscription-based hyperlocal delivery startup FreshToHome sent messages to its customers, saying that despite the government declaring food delivery as essential, "we are facing hardships in continuing our operations".

"Please bear with us as we are working hard to unblock local authority hurdles," said the FreshToHome team.

Reports later surfaced that the Department for Promotion of Industry and Internal Trade (DPIIT) has initiated talks with the state Chief Secretaries asking them not to restrict movement of people engaged in home delivery of essential items, mentioned in the list of exempted items circulated by the Home Ministry.

Meanwhile, Flipkart said it has temporarily suspended its operations and services - including grocery items. The marketplace has decided to halt all orders from March 25 for all three supply chains -- groceries, non-large goods and large items.

"Flipkart has temporarily suspended orders as we assess the possibilities of operating in the lockdown. We are prioritising the safety of our delivery executives and seeking the support of the local governments and police authorities to meet the needs of our customers as they stay home during this lockdown," Rajneesh Kumar, Chief Corporate Affairs Officer, Flipkart, said in a statement.

E-commerce giant Amazon said the company has to "temporarily stop taking orders and disable shipments for lower-priority products.

"For all pending customer orders on lower-priority products, we are reaching out to customers and giving them a choice to cancel their orders, and receive a refund for prepaid items," said the company.

Witnessing a surge in demand, supermarket chain Biz Bazaar entered the fray, with launching doorstep delivery services in major cities like Delhi, Mumbai, Bengaluru and Gurugram.

However, within no time, Big Bazaar was flooded with calls, forcing the company to issue a statement, saying that "In light of the recent announcement, we are receiving an unprecedented number of requests for doorstep delivery. There could be a delay due to the restrictions on movements".

Already battling massive surge in demand, the online delivery platforms faced other issues too, including zero access to several high-rises across the country which have gone under complete lockdown with all entry and exit gates locked.

The Covid-19 pandemic has made an unprecedented impact on the Indian businesses, particularly small and medium enterprises (SMEs) and startups. According to a joint survey by FICCI and Indian Angel Network (IAN), the pandemic has hit the businesses of around 70% startups.

With uncertainty in the business environment and an unexpected shift in priorities of the government as well as corporates, many startups are struggling to survive, it says.

In a nationwide survey on the 'Impact of Covid-19 on Indian Startups' involving 250 startups, 70% participants said their businesses had been impacted by Covid-19 and around 12% had shut operations.

The survey shows only 22% startups have cash reserves to meet the fixed cost expenses over the next 3-6 months, and 68% are reducing operational and administrative expenses.

Around 30% of the companies said they would retrench employees if the lockdown was extended too long. The 43% startups have already started 20-40% salary cuts over April-June.

Over 33% startups said investors had put the investment decision on hold and 10% said the deals had been scrapped. Only 8% startups had received funds as per the deals signed before Covid-19 outbreak, the survey revealed.

The reduced funding has forced startups to put a hold on business development and manufacturing activities, which has resulted in loss of projected orders.

The survey highlights the need of an urgent relief package for startups, including possible purchase orders from the government, tax relief and swifter tax refunds, and immediate fiscal support measures, including grants, soft loans and payroll grants.

Besides 250 startups, 61 incubators and investors also participated in the survey.

While 96% of investors accepted that their investments in startups had been impacted by Covid-19, 92% said their investments in startups would continue to be low over the next six months.

Around 59% investors said they would prefer to work with the existing portfolio firms in the coming months. Only 41% said they would consider new deals.

"A comparison of priority investment sectors before and during Covid-19 shows 35% investors are now looking at investments in healthcare startups, followed by EdTech, AI/Deep Tech, FinTech and Agri," said the survey.

Around 44% incubators surveyed said their day-to-day operations had been considerably hit by Covid-19. Most incubators are now supporting their portfolio firms by providing them virtual platforms to interact with mentors, investors and industries.

Dilip Chenoy, FICCI Secretary General, said, "The startup sector is stressed for survival at the moment. The investment sentiment is also subdued and is expected to remain so in the coming months. Lack of working capital and cash flows may lead to major layoffs over the next 3-6 months."

Indian startups needed an enabling ecosystem and flow of funds to continue operations, the survey said.

Padmaja Ruparel, President, Indian Angel Network & Co-Chair of FICCI Startup Committee, said, "In these uncertain times, as investors, we must play an important role to provide the Indian startups funding, mentoring and hand-holding support to stay afloat and come out at the other end of this crisis."

To that end, IAN recently announced a debt fund to help IAN portfolio companies raise working capital and ensure business continuity by partnering with debt providers.

This must be replicated on a wider scale, so a larger number of startups are provided the capital support to make it during these tough times, Ruparel said.