#FactCheck-Deepfake Video Falsely Shows DRDO Chief Claiming ‘Agni-6 Was Washed with Cow Urine’

Introduction

‍

The way we interact, go about our daily lives and manage our financial resources has completely changed in this digital age. Tasks that were earlier done manually (and were extremely time-consuming) now happen in just minutes and seconds. As this convenience expands, so do the risks that come with it. The proliferation of digital technology has opened up a wide arena where we, as users, are getting exposed to a complex environment of emerging cyber threats at every step. This has become especially true for our senior citizens, who face heightened vulnerabilities owing to their age and situational factors. Therefore, getting an understanding of these risks and knowing how to respond to them is no longer optional.

‍

Cybercrime against senior citizens is rising every year. The elderly today are using and depending on smartphones, net banking, UPI (Unified Payments Interface) and social media more than ever. Scammers are preying on this circumstance and perpetrating well-planned cyber attacks on the senior population. A 2024 report from the United States Federal Trade Commission (FTC) that analysed cybercrime data for the year 2023 found that older adults lost more money per incident as opposed to the younger population. 

‍

This blog aims at providing practical and easy-to-follow cyber safety tips for senior citizens and a clear action plan on how to respond if they ever fall victim to a scam.

‍

Safe and Smart Browsing for the Elderly: Essential Cybersecurity Tips

‍

1. Device safety: Cybersecurity can be ensured with one simple rule, which is securing your device first. This is the first line of defence against cybercrime and can go a long way in preventing online attacks and scams. This device security can be established by using screen locks such as setting up a PIN, lock patterns, fingerprints, or even applying the face lock feature on smartphones and tablets. 

‍

The next step is to install a reputable antivirus on your device (such as laptops and desktops) and keep updating it from time to time. Enabling additional security features in your devices, such as ‘automatic updates’, further ensures that the phone’s Operating System (OS) and the Applications (apps) remain up to date. This guarantees that the device’s OS and the apps are fully upgraded to catch and fix any new security threats. Users should also beware of any unauthorised software. Suspicious links or messages that offer free software or updates should be avoided at all costs. 

‍

The Government of India’s 2024 cyber safety booklet also stresses the importance of keeping devices and apps equipped with the latest security patches to prevent exploitation of any known vulnerabilities. 

‍

2. Robust Passwords and 2FA: Weak passwords are one of the easiest entry points for cybercriminals. This is why it is crucial to have strong and robust passwords to keep accounts and devices absolutely secure. It is also important to make sure to avoid using very basic PINs, such as date of birth or predictable ascending digits such as ‘12345’. Also, similar passwords should not be used across various bank, email or social media accounts. While creating a strong password, ideally, one should use a combination of upper case and lower case letters along with mixed digits and special characters. If need be, one can jot down these complex passwords in a separate physical diary to keep a record and refer to it in case of forgetfulness. 

‍

Enabling two-factor authentication adds an extra layer of protection. Whenever and wherever possible, users should enable OTP (one-time password) based verification or app-based authentication codes. In case someone does end up stealing the user’s password, they would still need the second factor to log in.

‍

The Government of India supported the Information Security Education and Awareness (ISEA) initiative, which also provides guidelines that recommend the use of passwords and secure authentication as key cyber safety practices for senior citizens.

‍

3. Handle messages with caution: Most cybercrime instances against senior citizens are initiated with a phone call, an SMS or a WhatsApp message. Personal details such as OTPs, CVV (3-digit number on the back of a debit/credit card), ATM or UPI PIN, full debit/credit card number, net banking ID and password, etc., should never be shared over a call or a chat. Also, people need to be aware of the fact that genuine officials will never make any demands for such details over calls or messages. ISEA has specifically warned about frauds like phishing, where fraudsters call or message their victims pretending to be from banks, courier companies, telecom operators or from the government to trick seniors into revealing their personal details.

‍

A caller might say ‘Your KYC can get blocked, give OTP now’ or ‘Your card will get deactivated, click this link’. Hang up immediately! Do not click any links, do not share any number and do not install any app that they suggest (eg. remote access apps).

‍

4. Banking without worries: Online banking is truly a boon, especially for senior citizens. It eliminates the need to visit the bank in person for every small requirement. But this comfort and ease can serve us well only if we use it with a certain sense of vigilance and responsibility. 

‍

Users are advised to use only official banking apps that are downloaded from Google Play Store or the Apple App Store. It is also prudent to activate SMS or email alerts for all online transactions so that the user receives timely notifications of any withdrawal or transfer. Users should also avoid using public Wi-Fi connections for banking or UPI payments. It is better  to use your own mobile data or a home Wi-Fi with a strong password. This safeguards your financial transactions. India has a system in place called the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS) that quickly responds to online financial fraud, especially with regards to UPI and net banking frauds.

‍

5. Think before you share: Beyond online banking and other essential activities on the web, lies the world of social media which has seamlessly woven itself into our daily routines. Therefore, gaining awareness about the safe usage of social media is extremely important. For starters, users should keep the privacy settings of their social media accounts as ‘Private’. They should also be mindful of accepting friend requests from strangers or unknown profiles, even if they claim that they know the user. Users must also avoid ‘oversharing’ on public platforms and social media accounts. It is always best to refrain from posting about personal details on social media such as finances, travel schedules or addresses. If a user receives urgent messages from a close friend or a relative asking for money, then it is better to first call them up directly to verify that the request is genuine. 

‍

The older generation should also be wary of fraudsters who, under false identities, build emotional relationships online and then start demanding money, gifts or even private photos from their victims. 

‍

6. Stay a step ahead: Lastly, senior users can stay a step ahead in this game by familiarising themselves with the typical scams that are targeted towards their age group. This know-how will prepare them to identify scam patterns and early warning signs. Discussing experiences or sharing knowledge with family members or peers can also help seniors bridge the gap between awareness and action.

Fallen for a scam? Don’t panic! Here’s what seniors should do next: An action plan for recovery and protection

‍

We are all human at the end of the day. Anyone can fall for a scam, even the most careful people. The important thing is how to ‘respond’ after getting scammed. As per the 2023 Internet Crime Complaint Center (IC3) Elder Fraud Report, prompt reporting after a scam can improve the chances of either freezing or retrieving the stolen money. If you have fallen for a scam, here is what you should do:

‍

1. Keep calm and disconnect: Though it may feel challenging, but the first instinct that victims should display is to keep their calm and hang up the phone. The victim should then block the number and refrain from responding to any further emails or messages. Any remote access app, screen sharing app or a support tool that were installed at the request of the caller, should be instantly uninstalled.

‍

2. Alert your bank right away: Time is of the essence when it comes to online financial frauds. If a user has been scammed and he is aware of it, then he should immediately call the official customer care number of his bank. It is to be noted here that this number should be verified from the bank’s website or from the user’s credit/debit card. Once the user is connected to the bank’s support staff, he should inform them clearly that he has been a victim of an online fraud. The support staff may guide the user regarding the options that he can undertake. These can be: blocking the cards, freezing the account or an attempt from the bank’s interface to try and stop or recall the recent transaction. 

‍

The Reserve Bank of India (RBI) has laid down certain guidelines on unauthorised electronic banking transactions that encourage quick reporting and provide a steady framework for customer liability. Also, if in case a victim feels that the bank’s response has been unsatisfactory, the complaints can be further escalated to the RBI Ombudsman.

‍

3. Reset online credentials: Once the victim has spoken to the bank and taken all necessary steps in that regard, the next step is to reset the passwords. Passwords for netbanking, UPI apps, email accounts, social media, shopping platforms, etc., should all be changed. The victim can also turn on two factor authentication for all important accounts. Incase some critical information like PAN (Permanent Account Number) or Aadhar or SSN (Social Security Number ) has been shared, the victim should be on the lookout for any identity theft in the form of unknown loans, new cards or credit enquiries. 

‍

4. Notify official cybercrime portals or authorities: The next step is to inform the relevant cybercrime authorities in your region. In India there is a government backed National Cyber Crime Helpline which is a part of the Financial Cyber Fraud Reporting and Management System. The aim of the helpline is to prevent further losses in digital payment frauds. Victims can also file a complaint on the National Cyber Crime Reporting portal. Other than these options, the victim can visit the nearest police station along with copies of their online complaint, bank statements, transaction receipts and ID proofs. 

‍

In the US, such complaints can be lodged with the IC3 which runs a specialised elder fraud program. The IC3 also publishes the annual Elder Fraud Report and lays down latest guidelines and trends regarding cybercrime.

‍

5. Preserve proofs of the scam: The IC3’s 2023 report notes that detailed and prompt reporting by the victim enables law enforcement and financial institutions to deploy ‘Financial Fraud Kill Chain’ procedures that help in tracing or freezing stolen funds. This is why it is very important to preserve the evidence of a cyber scam. Proper documentation can help banks and law enforcement agencies to properly investigate a case. If possible, the victim should save all messages, WhatsApp chats, emails, screenshots and voice recordings. Establishing a clear timeline of the events also helps. Minute details such as: when the first call was received, what was said and when the money exited the victim’s account, significantly help in piecing together the full picture. Victims should also keep a record of all bank statements and transaction alert messages related to the fraudulent activity. 

‍

6. Helping seniors heal: Apart from monetary damage, the emotional impact of a scam should also be acknowledged. Getting scammed can be deeply humiliating for senior citizens, especially at their age where everyday life may already feel quite overwhelming. Also, when it comes to their lifelong savings, the ramifications of becoming a victim of an online financial scam can be quite distressing for seniors. The US Department of Justice’s elder fraud content emphasises on the fact that senior victims need ample emotional support and should not be blamed or shamed for their predicament.

‍

Families and caregivers can guide the elderly victims step by step through the recovery process which includes taking the necessary technical steps, filling out forms and following up with banks or authorities. For large value frauds, repeated targeting or cases that involve identity theft, getting a legal consult for the victim is highly advisable. This kind of support and reassurance can help seniors reduce their anxiety and regain their inner strength.

‍

Secure today, safe tomorrow

‍

The rate of cybercrime against senior citizens isn’t showing any signs of slowing down. Scammers are refining their techniques every day. Therefore, the best long standing defence against cybercrime is to make cyber safety a regular habit. This can be achieved with the support of families, caregivers and communities. Beyond the practical steps, spreading awareness and maintaining an open dialogue is equally important. Senior citizens should feel comfortable asking questions, sharing concerns and continue learning from experiences, be it theirs or of others. Reinforcement of safe online practices should become ingrained at the core of every society. When cybersecurity practices merge with everyday life, seniors gain both protection and confidence. Simple and steady digital safety practices that come with guidance and reassurance empower the seniors to enjoy the benefits of technology without fear.

Simply put, the habits that are adopted today will lay the foundation for a secure and safer digital tomorrow.

‍

References  

• https://bankingjournal.aba.com/2024/11/ftc-older-adults-lost-up-to-61-5b-to-fraud-in-2023/
• https://www.cert-in.org.in/PDF/CSH_Booklet.pdf
• https://infosecawareness.in/concept/cyber-security-tips-for-senior-citizens
• https://cybercrime.gov.in/UploadMedia/instructions_citizenreportingcyberfrauds.pdf
• https://www.ic3.gov/annualreport/reports/2023_ic3elderfraudreport.pdf
• https://www.arklegal.in/post/how-to-report-cyber-crime-in-india
• https://www.pib.gov.in/Pressreleaseshare.aspx?PRID=1814120
• https://cybercrime.gov.in/Webform/crmcondi.aspx
• https://www.justice.gov/archives/stopfraud-archive/elder-fraud-and-financial-exploitation
• https://www.ftc.gov/system/files/ftc_gov/pdf/federal-trade-commission-protecting-older-adults-report_102024.pdf
• https://www.unionbankofindia.bank.in/pdf/cyber-security-customer-awareness-guide-vol-v.pdf
• https://cdnbbsr.s3waas.gov.in/s371e09b16e21f7b6919bbfc43f6a5b2f0/uploads/2024/11/20241111752149945.pdf
• https://www.dsci.in/files/content/documents/2024/CSAM24-Infographic_Cyber-Safety-Essentials-for-Senior-Citizens-v1.pdf

‍

Introduction

Ransomware is one of the serious cyber threats as it causes consequences such as financial losses, data loss, and reputation damage. Recently in 2023, a new ransomware called Akira ransomware emerged or surfaced. It has targeted and affected various enterprises or industries, such as BSFI, Construction, Education, Healthcare, Manufacturing, real estate and consulting, primarily based in the United States. Akira ransomware has targeted industries by exploiting the double-extortion technique by exfiltrating and encrypting sensitive data and imposing the threat on victims to leak or sell the data on the dark web if the ransom is not paid. The Akira ransomware gang has extorted a ransom ranging from $200,000 to millions of dollars.

Uncovering the Akira Ransomware operations and their targets

Akira ransomware gang has gained unauthorised access to computer systems by using sophisticated encryption algorithms to encrypt the Data. When such an encryption process is completed, the affected device or network will not be able to access its files or use its data.

The affected files by Akira ransomware showed the extension named “.akira”, and the file’s icon shows blank white pages. The Akira ransomware has developed a data leak site so as to extort victims.  And it has also used the ransom note named “akira_readme.txt”.

Akira ransomware steeled the corporate data of various organisations, which the Akira ransomware gang used as leverage while threatening the affected organisation with high ransom demands. Akira Ransomware gang threaten the victims to leak their sensitive data or corporate data in the public domain if the demanded ransom amount is not paid. Akira ransomware gang has leaked the data of four organisations and the size ranges from 5.9GB to 259 GB of data leakage.

Akira Ransomware gang communicating with Victims

The Akira ransomware has provided a unique negotiation password to each victim to initiate communication. Where the ransomware gang deployed a chat system for the purpose of negotiation and demanding ransom from the affected organisations. They have deployed a ransom note as akira_readme.txt so as to provide information as to how they have affected the victim’s files or data along with links to the Akira data leak site and negotiation site.

How Akira Ransomware is different from Pegasus Spyware

Pegasus, developed in the year 2011, belongs to one of the most powerful family of spyware. Once it has infected, it can spear your phone and your text messages or emails. It has the ability to turn your phone into a surveillance device, from copying your messages to harvesting your photos and recording calls. In fact, it has the ability to record you through your phone camera or record your conversation by using your microphone, it also has the ability to track your pinpoint location. In contrast, newly Akira ransomware affects encrypting your files and preventing access to your Data and then asking for ransom n the pretext of leaking your data or for decryption.

How to recover from malware attacks

If affected by such type of malware attack, you can use anti-malware tools such as SpyHunter 5 or Malwarebytes to scan your system. These are the security software which can scan your system and remove suspicious malware files and entries. If you are unable to perform the scan or antivirus in normal mode due to malware in your system, you can use it in Safe Mode. And try to find a relevant decryptor which can help you to recover your files. Do not fall into a ransomware gang’s trap because there is no guarantee that they will help you to recover or will not leak your data after paying the ransom amount.

Best practices to be safe from such ransomware attacks

Conclusion

The Akira ransomware operation poses serious threats to various organisations worldwide. There is a high need to employ robust cybersecurity measures to safeguard networks and sensitive data. Organisations must ensure to keep their software system updated and backed up to a secure network on a regular basis. Paying the ransom is illegal mean instead you should report the incident to law enforcement agencies and can consult with cybersecurity professionals for the recovery method.

Introduction

‍

Cyberwarfare has evolved into one of the most decisive instruments of statecraft and conflict. The increasing digitisation of critical infrastructure like power grids, water systems, transportation systems, healthcare networks, and energy sources has made these systems new targets in the war of algorithms. Military logic is evolving to paralyse the nation’s critical infrastructure to keep its resources engaged in repairing them and thereby break the nation’s ability to deter and counter attacks, all without firing a single bullet. 

‍

From Ransomware to an Invisible Sabotage: The changing nature of warfare

‍

The operational technology (OT) landscape has become the epicentre of cyber operations, all around the world. Once, which was insulated, related to industrial systems that controlled turbines, pipelines, or dams, they now stand connected to the Internet through supervisory control and data acquisition (SCADA) and the Internet of Things. These connections have also become gateways for attackers, besides enhancing the efficiency of the infrastructural lifelines of the nation.   

Groups like Volt Typhoon, Sandworm, Laurionite, and Cyberavengers have transformed the art of digital infiltration into a strategic shift. Volt Typhoon, which is linked to China, has used “living-off-the-land” techniques to exploit the legitimate administrative tools to remain invisible while scanning the critical infrastructures in the US. Sandworm, which is aligned with Russia’s GRU (Glavnoye Razvedyvatelnoye Upravlenie) or Main Intelligence Directorate (in English), has demonstrated the power of cyber sabotage in real time, as its attacks on Ukraine’s power grids in 2015 and 2021 had left millions in darkness, coinciding with kinetic missile strikes. Meanwhile, the Iranian-affiliated Cyberavengers group, which has weaponised the AI-assisted malware, such as IOCONTROL, that are capable of hijacking water and energy control systems. Each of these systems used in these operations reflects a shift from direct espionage activities to a state of strategic paralysis. 

In comparison to the traditional cybercrime activities that are aimed at stealing data and extortion of money, these campaigns repeatedly target the physical systems, which consist of the machinery that sustains civilian life and military preparedness.  

‍

The Military Logic behind Cyber Targeting: A Web of Vulnerabilities 

‍

A critical infrastructure is a complex ecosystem that covers power generation, transportation, communication, and manufacturing are all interconnected, which means a single compromised node can cascade into a national paralysis. For instance, a breach in the systems of the dam can flood an entire city, a grid shutdown can halt water supply to hospitals, and even affect air traffic. The 2015 Black Energy Malware attack in Ukraine has proved this possibility when three utilities were hacked, plunging thousands of homes into darkness. The Iranian hackers once again gained access to the Bowman Avenue Dam of New York and controlled its floodgates, which gave a chilling demonstration of the destructive reality of digital manipulation. 

‍

The systems remain vulnerable mainly for 3 reasons such as- 

‍

• Legacy Architectures: Many of these industrial systems were designed decades ago with no built-in cybersecurity mechanisms. 
• Slow Patching and Segmentation Gaps: All updates and segmentation between IT and TO networks often lag, providing open entry points for attackers. 
• Converging with IoT: The integration of smart sensors and cloud-based management tools has expanded the attack surface exponentially. 

‍

This interconnected fragility has turned our critical infrastructures into both a weapon and a target or a tool for coercion in modern hybrid warfare. Between 2023 and 2024, over 420 cyberattacks were witnessed in several critical global infrastructures, which averaged to 13 attacks per second, according to a news report. These were not just random acts of digital vandalism; they were deliberate and coordinated operational attempts by state-led actors from China, Russia, and Iran. 

‍

Developing a new Resilience as the new tool of Deterrence 

‍

Cyber deterrence no longer rests on the fear of retaliation, it relies on the need for resilience. Nations that can absorb attacks, maintain continuity, and recover rapidly would be the true superpowers of this digital age. Segmentation, real-time threat detection, and AI-assisted recovery models are vital pillars of this model of resilience. The logic of modern cyberwarfare is clear, which means that the more a nation digitizes, the more it will need to defend itself. 

However, as the line between war and peace blurs, safeguarding critical infrastructure is no longer just an IT priority; rather, it is a national security doctrine. In this silent theatre of cyberwarfare, survival will depend not only on firepower, but on firewalls. 

‍

References

‍

• https://rmcglobal.com/critical-infrastructure-under-siege-the-top-ot-threats-of-2025/
• https://ccdcoe.org/uploads/2018/10/Geers2009_The-Cyber-Threat-to-National-Critical-Infrastructures.pdf
• https://www.researchgate.net/publication/335752979_Cybersecurity_of_Critical_Infrastructure 
• https://arxiv.org/html/2510.04118v1 ‍
• https://www.anapaya.net/blog/top-5-critical-infrastructure-cyberattacks