#FactCheck-Fake Video of Mass Cheating at UPSC Exam Circulates Online

Introduction

‍

The recent cyber-attack on Jaguar Land Rover (JLR), one of the world's best-known car makers, has revealed extensive weaknesses in the interlinked character of international supply chains. The incident highlights the increasing cybersecurity issues of industries going through digital transformation. With its production stopped in several UK factories, supply chain disruptions, and service delays to its customers worldwide, this cyber-attack shows how cyber events can ripple into operation, finance, and reputation risks for large businesses.

The Anatomy of a Breakdown

‍

Jaguar Land Rover, a Tata Motors subsidiary, was forced to disable its IT infrastructure because of a cyber-attack over the weekend. This shut down was already an emergency shut down to mitigate damage and the disruption to business was serious. 

• No Production - The car plants at Halewood (Merseyside) and Solihull (West Midlands) and the engine plant (Wolverhampton) were all completely shut down.
• Sales and Distribution: Car sales were significantly impaired during a high-volume registration period in September, although certain transactions still passed through manual procedures.
• Global Effect: The breakdown did not reach only the UK, dealers and fix experts across the world, including in Australia, suffered with inaccessible parts databases.

JLR called the recovery process "extremely complex" as it involved a controlled recovery of systems and implementing alternative workarounds for offline services. The overall effects include the immediate and massive impact to their suppliers and customers, and has raised larger questions regarding the sustainability of digital ecosystems in the automobile value chain.

‍

The Human Impact: Beyond JLR's Factories

‍

The implications of the cyber-attack have extended beyond the production lines of JLR:

• Independent Garages: Repair centres such as Nyewood Express of West Sussex indicated that they could not use vital parts databases, which brought repair activities to a standstill and left clients waiting indefinitely.
• Global Dealers: Land Rover experts as distant as Tasmania indicated total system crashes, highlighting global dependency on centralized IT systems.
• Customer Frustration: Regular customers in need of urgent repairs were stranded by the inability to order replacement parts from original manufacturers.

This attack is an example of the cascading effect of cyber disruptions among interconnected industries, a single point of failure paralyzing complete ecosystems.

‍

The Culprit: The Hacker Collective

‍

The hack is justifiably claimed by a so-called hacker collective "Scattered Lapsus$ Hunters." The so-called hacking collective says that it consists of young English-speaking hackers and has previously targeted blue-chip brands like Marks & Spencer. While the attackers seem not to have publicly declared whether they exfiltrated sensitive information or deployed ransomware, they went ahead and posted screenshots of internal JLR documents-the kind of documents that probably are not supposed to see the light of day, including troubleshooting guides and system logs-implicating what can only be described as grossly unauthorized access into some of Jaguar Land Rover's core IT systems.

Jaguar Land Rover had gone on record to claim with no apropos proof or evidence that it probably did not see anyone getting into customer data; however, the very occurrence of this attack raises some very serious questions on insider threats, social engineering concepts, and how efficient cybersecurity governance architectures really are.

‍

Cybersecurity Weaknesses and Lessons Learned

‍

The JLR attack depicts some of the common weaknesses associated with large-scale manufacturing organizations:

1. Centralized IT Dependencies: Today's auto firms are based on worldwide IT systems for operations, logistics, and customer care. Compromise can lead to broad outages.
2. Supply Chain Vulnerabilities: Tier-2 and Tier-1 suppliers use OEM systems for placing and tracing components. Interrupting at the OEM level automatically stops their processes.
3. Inadequate Incident Visibility: Several suppliers complained about no clear information from JLR, which increased uncertainty and financial loss.
4. Rise of Youth Hacking Groups: Involvement of youth hacker groups highlight the necessity for active monitoring and community-level cybersecurity awareness initiatives.

‍

Broader Industry Context

‍

With ever-increasing cyber-attacks on the automotive industry, an area currently being rapidly digitalised through connected cars, IoT-based factories, and cloud-based operations, this series of incidents falls within such a context. In 2023, JLR awarded an £800 million contract to Tata Consultancy Services (TCS) for services in support of the company's digital transformation and cybersecurity enhancement. This attack shows that, no matter how much is spent, poorly conceptualised security programs can never stand up to ever-changing cyber threats.

‍

What Can Organizations Do? – Cyberpeace Recommendations

‍

To contain risks and develop a resilience against such events, organizations need to implement a multi-layered approach to cybersecurity:

1. Adopt Zero Trust Architecture - Presume breach as the new normal. Verify each user, device, and application before access is given, even inside the internal network.
2. Enhance Supply Chain Security - Perform targeted assessments on a routine basis to identify risk factors in diminishing suppliers. Include rigorous cybersecurity provisions in the agreements with suppliers, namely disclosure of vulnerabilities and the agreed period for incident response.
3. Durable Backups and Their Restoration - Backward hampers are kept isolated and encrypted to continue operations in case of ransomware incidents or any other occur in system compromise.
4. Periodic Red Team Exercises - Simulate cyber-attacks on IT and OT systems to examine if vulnerabilities exist and evaluate current incident response measures.
5. Employee Training and Insider Threat Monitoring - Social engineering being the forefront of attack vectors, continuous training and behavioural monitoring will have to be done to avoid credential disposal.
6. Public-Private Partnership - Interact with several government agencies and cybersecurity groups for sharing threat intelligence and enforcing best practices complementary to ISO/IEC 27001 and NIST Cybersecurity Framework.

Conclusion

‍

The hacking at Jaguar Land Rover is perhaps one of a thousand reminders that cybersecurity can no longer be seen as a back-office job but rather as an issue of business continuity at the very core of the organization. In the process of digital transformation, the attack surface grows, making the entities targeted by cybercriminals. Operation security demands that cybersecurity be ensured on a proactive basis through resilient supply chains and stakeholders working together. The JLR attack is not an isolated event; it is a warning for the entire automobile sector to maintain security at every level of digitalization.

‍

References

• https://www.bbc.com/news/articles/c1jzl1lw4y1o
• https://www.theguardian.com/business/2025/sep/07/disruption-to-jaguar-land-rover-after-cyber-attack-may-last-until-october
• https://uk.finance.yahoo.com/news/jaguar-factory-workers-told-stay-073458122.html

‍

Introduction

The unprecedented cyber espionage attempt on the Indian Air Force has shocked the military fraternity in the age of the internet where innovation is vital to national security. The attackers have shown a high degree of expertise in their techniques, using a variant of the infamous Go Stealer and current military acquisition pronouncements as a cover to obtain sensitive information belonging to the Indian Air Force. In this recent cyber espionage revelation, the Indian Air Force faces a sophisticated attack leveraging the infamous Go Stealer malware. The timing, coinciding with the Su-30 MKI fighter jets' procurement announcement, raises serious questions about possible national security espionage actions.

A sophisticated attack using the Go Stealer malware exploits defense procurement details, notably the approval of 12 Su-30 MKI fighter jets. Attackers employ a cunningly named ZIP file, "SU-30_Aircraft_Procurement," distributed through an anonymous platform, Oshi, taking advantage of heightened tension surrounding defense procurement.

Advanced Go Stealer Variant:

The malware, coded in Go language, introduces enhancements, including expanded browser targeting and a unique data exfiltration method using Slack, showcasing a higher level of sophistication.

Strategic Targeting of Indian Air Force Professionals:

The attack strategically focuses on extracting login credentials and cookies from specific browsers, revealing the threat actor's intent to gather precise and sensitive information.

Timing Raises Espionage Concerns:

The cyber attack coincides with the Indian Government's Su-30 MKI fighter jets procurement announcement, raising suspicions of targeted attacks or espionage activities.

The Deceitful ZIP ArchiveSU-30 Aircraft Acquisition

The cyberattack materialised as a sequence of painstakingly planned actions. Using the cleverly disguised ZIP file "SU-30_Aircraft_Procurement," the perpetrators took benefit of the authorisation of 12 Su-30 MKI fighter jets by the Indian Defense Ministry in September 2023. Distributed via the anonymous file storage network Oshi, the fraudulent file most certainly made its way around via spam emails or other forms of correspondence.

The Spread of Infection and Go Stealer Payload:

The infiltration procedure progressed through a ZIP file to an ISO file, then to a.lnk file, which finally resulted in the Go Stealer payload being released. This Go Stealer version, written in the programming language Go, adds sophisticated capabilities, such as a wider range of browsing focussed on and a cutting-edge technique for collecting information using the popular chat app Slack.

Superior Characteristics of the Go Stealer Version

Different from its GitHub equivalent, this Go Stealer version exhibits a higher degree of complexity. It creates a log file in the machine owned by the victim when it is executed and makes use of GoLang utilities like GoReSym for in-depth investigation. The malware focuses on cookies and usernames and passwords from web browsers, with a particular emphasis on Edge, Brave, and Google Chrome.

This kind is unique in that it is more sophisticated. Its deployment's cyber enemies have honed its strengths, increasing its potency and detection resistance. Using GoLang tools like GoReSym for comprehensive evaluation demonstrates the threat actors' careful planning and calculated technique.

Go Stealer: Evolution of Threat

The Go Stealer first appeared as a free software project on GitHub and quickly became well-known for its capacity to stealthily obtain private data from consumers who aren't paying attention. Its effectiveness and stealthy design rapidly attracted the attention of cyber attackers looking for a sophisticated tool for clandestine data exfiltration. It was written in the Go programming language.

Several cutting-edge characteristics distinguish the Go Stealer from other conventional data thieves. From the beginning, it showed a strong emphasis on browser focusing on, seeking to obtain passwords and login information from particular websites including Edge, Brave, and Google Chrome.The malware's initial iteration was nurtured on the GitHub database, which has the Go Stealer initial edition. Threat actors have improved and altered the code to serve their evil goals, even if the basic structure is freely accessible.

The Go Stealer version that has been discovered as the cause of the current internet spying by the Indian Air Force is not limited to its GitHub roots. It adds features that make it more dangerous, like a wider range of browsers that may be targeted and a brand-new way to exfiltrate data via Slack, a popular messaging app.

Secret Communications and Information Expulsion

This variation is distinguished by its deliberate usage of the Slack API for secret chats. Slack was chosen because it is widely used in company networks and allows harmful activity to blend in with normal business traffic. The purpose of the function "main_Vulpx" is specifically to upload compromised information to the attacker's Slack route, allowing for covert data theft and communication.

The Time and Strategic Objective

There are worries about targeted assaults or espionage activities due to the precise moment of the cyberattack, which coincides with the Indian government's declaration of its acquisition of Su-30 MKI fighter fighters. The deliberate emphasis on gathering cookies and login passwords from web browsers highlights the threat actor's goal of obtaining accurate and private data from Indian Air Force personnel.

Using Caution: Preventing Possible Cyber Espionage

• Alertness Against Misleading Techniques: Current events highlight the necessity of being on the lookout for files that appear harmless but actually have dangerous intent. The Su-30 Acquisition ZIP file is a stark illustration of how these kinds of data might be included in larger-scale cyberespionage campaigns.
• Potentially Wider Impact: Cybercriminals frequently plan coordinated operations to target not just individuals but potentially many users and government officials. Compromised files increase the likelihood of a serious cyber-attack by opening the door for larger attack vectors.
• Important Position in National Security: Recognize the crucial role people play in the backdrop of national security in the age of digitalisation. Organised assaults carry the risk of jeopardising vital systems and compromising private data.
• Establish Strict Download Guidelines: Implement a strict rule requiring file downloads to only come from reputable and confirmed providers. Be sceptical, particularly when you come across unusual files, and make sure the sender is legitimate before downloading any attachments.
• Literacy among Government Employees: Acknowledge that government employees are prime targets as they have possession of private data. Enable people by providing them with extensive cybersecurity training and awareness that will increase their cognition and fortitude.

Conclusion

Indian Air Force cyber surveillance attack highlights how sophisticated online dangers have become in the digital era. Threat actors' deliberate and focused approach is demonstrated by the deceptive usage of a ZIP archive that is camouflaged and paired with a sophisticated instance of the Go Stealer virus. An additional level of complication is introduced by integrating Slack for covert communication. Increased awareness, strict installation guidelines, and thorough cybersecurity education for government employees are necessary to reduce these threats. In the digital age, protecting national security necessitates ongoing adaptation as well as safeguards toward ever-more potent and cunning cyber threats.

References

• ‍https://www.overtoperator.com/p/indianairforcemalwaretargetpotential
• ‍https://cyberunfolded.in/blog/indian-air-force-targeted-in-sophisticated-cyber-attack-with-su-30-procurement-zip-file#go-stealer-a-closer-look-at-its-malicious-history
• ‍https://thecyberexpress.com/cyberattack-on-the-indian-air-force/https://therecord.media/indian-air-force-infostealing-malware

‍

Introduction

‍

We were all stunned and taken aback when multiple photos of streets in the U.S. surfaced with heavily drugged individuals loosely sitting on the streets, victims of a systematically led drug operation that has recently become a target of the Trump-led “tariff” war, which he terms as a war on drug cartels. The drug is a synthetic opioid, fentanyl, which is highly powerful and addictive. The menace of this drug is found in a country that has Wall Street and the largest and most powerful economy globally. The serious implications of drug abuse are not about a certain economy; instead, it has huge costs to society in general. The estimated cost of substance misuse to society is more than $820 billion each year and is expected to continue rising. 

On June 26, the International Day against Drug Abuse and Illicit Trafficking is observed globally. However, this war is waged daily for millions of people, not on streets or borders, but in bloodstreams, behind locked doors, and inside broken homes. Drug abuse is no longer a health crisis; it is a developmental crisis. The United Nations Office on Drugs and Crime has launched a campaign against this organised crime that says, “Break the Cycle’ attributing to the fact that de-addiction is hard for individuals. 

The Evolving Drug Crisis: From Alleyways to Algorithms

‍

The menace of Drug abuse and illicit trafficking has also taken strides in advancement, and what was once considered a street-side vice has made its way online in a faceless, encrypted, and algorithmically optimised sense. The online drug cartels operate in the shadows and often hide in plain sight, taking advantage of the privacy designed to benefit individuals. With the help of darknet markets, cryptocurrency, and anonymised logistics, the drug trade has transformed into a transnational, tech-enabled industry on a global scale. In an operation led by the U.S. Department of Justice’s Joint Criminal Opiod and Darknet Enforcement (JCODE) and related to Operation RapTor, an LA apartment was only to find an organised business centre that operated as a hub of one of the most prolific methamphetamine and cocaine distributors in the market. Aaron Pinder, Unit Chief of the FBI Hi-Tech Organised Crime Unit, said in his interview, “The darknet vendors that we investigate, they truly operate on a global scale.” On January 11, 2025, during the Regional Conference on “Drug Trafficking and National Security,” it was acknowledged how cryptocurrency, the dark web, online marketplaces, and drones have made drug trafficking a faceless crime. Reportedly, there has been a seven-fold increase in the drugs seized from 2004-14 to 2014-24. 

‍

India’s Response: Bridging Borders, Policing Bytes

‍

India has been historically vulnerable due to its geostrategic placement between the Golden Crescent (Afghanistan-Iran-Pakistan) and Golden Triangle (Myanmar-Laos-Thailand), and confronts a fresh danger from “click-to-consume’ narcotics. Although India has always adopted a highly sensitised approach, it holds an optimistic future outlook for the youth. Last year, to commemorate the occasion of International Day against Drug Abuse and Illicit Trafficking, the Department of Social Justice & Empowerment organised a programme to engage individuals for the cause. The Indian authorities are often seen coming down heavily on the drug peddlers and cartels, and to aid the cause, the Home Minister Amit Shah inaugurated the new office complex of the NCB’s Bhopal zonal unit and extension of the MANAS-2 helpline to all 36 states and UTs. The primary objectives of this step are to evaluate the effectiveness of the Narcotics Coordination Mechanism (NCORD), assess the progress of states in fighting drug trafficking, and share real-time information from the National Narcotics Helpline ‘MANAS’ portal with the Anti-Narcotics Task Force (ANTF) of states and UTs. 

‍

The United Nation’s War on Narcotics: From Treaties to Technology

‍

The United Nations Office on Drugs and Crime (UNODC) is leading the international response. It offers vital data, early warning systems, and technical support to the states fighting the drug problem. The UNODC incorporates cooperation in cross-border intelligence, overseeing the darknet activities, encouraging the treatment and harm reduction, and using anti-money laundering mechanisms to stop financial flows. India has always pledged its support to the UN led activities, and as per reports dated 26th March, 2025, India chaired the prestigious UN-backed Commission on Narcotic Drugs (CND) meeting held in vienna, wherein India highlighted the importance of opioids for medical purposes as well as the nation’s notable advancements in the field. 

‍

Resolution on June 26: From Commemoration to Commitment

‍

Let June 26 be more than a date on the calendar- let it echo as a call to action, a day when awareness transforms into action, and resolve becomes resistance. On this day, CyberPeace resolves the following:

‍

• To treat addicts as victims rather than criminals and to pitch for reforms to provide access to reasonably priced, stigma-free rehabilitation.
• To integrate anti-drug awareness into digital literacy initiatives and school curricula in order to teach frequently and early.
• To demand responsibility and accountability from online marketplaces and delivery services that unwittingly aid traffickers
• To tackle the demand side through employment, mental health services, and social protection, particularly for at-risk youth.

‍

References

• https://www.gatewayfoundation.org/blog/cost-of-drug-addiction/#:~:text=The%20estimated%20cost%20for%20substance,Alcohol%3A%20%24249%20billion 
• https://www.unodc.org/unodc/en/drugs/index-new.html 
• https://www.fbi.gov/news/stories/global-operation-targets-darknet-drug-trafficking 
• https://www.thehindu.com/news/national/dark-web-crypto-drones-emerge-as-challenges-in-fight-against-drug-trafficking-amit-shah/article69088383.ece 
• https://www.pib.gov.in/PressReleaseIframePage.aspx?PRID=2028704 
• https://www.newindianexpress.com/nation/2025/Mar/26/in-a-first-india-chairs-un-forum-on-narcotics-pledges-to-improve-access-to-pain-relief-and-palliative-care 

‍