PCI DSS COMPLIANCE AND WHY IT IS NECESSARY FOR CREDIT CARD INDUSTRY
Mr. Ishan Kumar Rai
Intern,CyberPeace Foundation
PUBLISHED ON
Dec 24, 2022
Introduction
The world is shifting toward a cashless economy built on payment systems such as UPI and card payments. These systems process, store and move the data of millions of cardholders, and every successful transaction depends on that data.
To maintain the credibility of this payment ecosystem, the secure storage, processing and movement of cardholder data is paramount. Every entity in the ecosystem is responsible for the security of the cardholder data it handles, and a breach of that data translates directly into financial loss. Fraudsters actively look for any security loophole in the payment chain.
These entities therefore have to meet security standards set by a council formed by the major card networks, the Payment Card Industry Security Standards Council (PCI SSC).
Overview of what is PCI and PCI DSS Compliance
Earlier, each card network ran its own security programme. In 2006 Visa, Mastercard, American Express, Discover and JCB jointly constituted an independent body, the PCI SSC, to publish common standards such as PCI DSS, PA-DSS (since succeeded by the PCI Software Security Framework) and PCI PTS. The networks enforce these standards contractually, by attaching compliance conditions to the services they provide to merchants and acquiring banks.
PCI DSS in particular is the global standard that sets a baseline of technical and operational requirements for protecting account data. It is designed for merchants and service providers in the payment ecosystem, to protect cardholder data against fraud and theft.
It applies to every entity, third-party vendors included, that stores, processes or transmits cardholder data. Within an organisation, the whole Cardholder Data Environment (CDE), that is, every system and network component that stores, processes or transmits cardholder data or is connected to such components, must meet all of the requirements. The PCI SSC released PCI DSS v4.0 in March 2022, after a three-year review cycle, with a number of changes from the previous version, v3.2.1.
12 Requirements of PCI DSS
This is the core of PCI DSS: an organisation becomes compliant by meeting these twelve requirements, each of which groups a set of more detailed controls. The requirements are:
Install and maintain network security controls (firewalls and equivalent controls) that segment and protect the CDE.
Apply secure configurations to all system components; in particular, never keep vendor-supplied default passwords and settings.
Protect stored account data, for example by truncating, masking or rendering the PAN unreadable, and never store sensitive authentication data after authorisation.
Protect cardholder data with strong cryptography during transmission over open, public networks.
Protect all systems and networks from malicious software, with timely detection and response.
Develop and maintain secure systems and software, including timely patching of known vulnerabilities.
Restrict access to system components and cardholder data by business need to know.
Identify users and authenticate access to system components.
Restrict physical access to cardholder data.
Log and monitor all access to system components and cardholder data so that malicious activity is detected in near real time.
Test the security of systems and networks regularly, including vulnerability scans and penetration tests.
Support information security with organisational policies and programmes.
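As an added illustration of requirement 3, and of what "rendering PAN unreadable" means in practice, the following Python example is not part of the original article or of any PCI SSC material. It uses a widely published Visa test number (4111 1111 1111 1111) as constructed input and a hard-coded key that stands in for a key that would really live in an HSM or key-management service. It shows three things: a Luhn check to recognise a PAN, masking to BIN plus last four digits for display (v4.0 requirement 3.4.1), and a keyed hash (HMAC-SHA-256) for storage, since v4.0 requirement 3.5.1.1 calls for a keyed hash because an unkeyed hash of a 16-digit PAN can be brute-forced once the BIN is known. The last function scrubs PANs from a log line, because application logs are a common place for full PAN to leak into the CDE.

```python
import hashlib
import hmac
import re

# Constructed sample input: a widely published Visa test number, not a real account.
SAMPLE_PAN = "4111 1111 1111 1111"

# Assumed key material. In a real CDE the key lives in an HSM or KMS and is
# rotated under documented key-management procedures, never in source code.
HASH_KEY = b"assumed-demo-key-not-for-production"

# 13 to 19 digits, optionally separated by single spaces or hyphens.
PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def digits_only(value: str) -> str:
    return "".join(c for c in value if c.isdigit())


def luhn_valid(candidate: str) -> bool:
    """True if the digits pass the Luhn checksum used by payment card numbers."""
    digits = [int(c) for c in digits_only(candidate)]
    if not 13 <= len(digits) <= 19:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Display form: at most the BIN (first 6) and the last 4 digits (req. 3.4.1)."""
    d = digits_only(pan)
    return d[:6] + "*" * (len(d) - 10) + d[-4:]


def truncate_pan(pan: str) -> str:
    """Storage form when the full PAN is not needed later: keep only the last 4."""
    d = digits_only(pan)
    return "*" * (len(d) - 4) + d[-4:]


def keyed_hash_pan(pan: str, key: bytes = HASH_KEY) -> str:
    """Storage form when the PAN must be matched later (e.g. repeat-fraud checks):
    a keyed hash over the whole PAN. An unkeyed SHA-256 is not enough, because
    with the BIN known the remaining digits are brute-forced quickly."""
    return hmac.new(key, digits_only(pan).encode(), hashlib.sha256).hexdigest()


def scrub_log_line(line: str) -> str:
    """Replace every Luhn-valid PAN in a log line with its masked form, so that
    application logs inside the CDE never retain full PAN."""
    def _mask(match: re.Match) -> str:
        text = match.group(0)
        return mask_pan(text) if luhn_valid(text) else text
    return PAN_RE.sub(_mask, line)


if __name__ == "__main__":
    print(mask_pan(SAMPLE_PAN))
    print(truncate_pan(SAMPLE_PAN))
    print(keyed_hash_pan(SAMPLE_PAN))
    print(scrub_log_line("2022-12-24 order=77 card=4111111111111111 status=ok"))
```

The Luhn check in the scrubber keeps ordinary 16-digit order or ticket numbers from being masked; a number that happens to pass Luhn will still be masked, which is the safer failure mode for a log.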
How organization can become PCI compliant
Scope: First, identify every system component, network and process that stores, processes or transmits cardholder data, or could affect its security. Together these form the Cardholder Data Environment; the smaller the scope is kept, for example through network segmentation, the less there is to assess.
Assess: Then test whether these systems and networks meet every applicable PCI DSS requirement.
Report: Document the assessment. Eligible merchants and service providers complete a Self-Assessment Questionnaire (SAQ), recording for each requirement whether it is in place, not applicable, or met through a customised approach; others undergo a Report on Compliance (ROC) prepared by a Qualified Security Assessor.
Attest: Complete the Attestation of Compliance (AOC) using the templates published on the PCI SSC website.
Submit: Submit the SAQ or ROC, the AOC and any supporting documents to whichever entity requests them, typically the acquirer, the payment brands or, for a service provider, its merchant customers.
Remediate: Fix any requirement found not to be in place on the system components or networks, then re-assess and update the report.
Conclusion
Cybersecurity is one of the most important issues facing everyone involved in the digital payment ecosystem. As more users move to digital payments, exposure to online fraud, data theft and malware rises with it.
Adopting and complying with these security standards is therefore the need of the hour. In India, the RBI has also directed its regulated entities (banks, NBFCs and others) under a recent notification to comply with them.
Snapchat's Snap Map redefined location sharing with a highly personalised feature that lets users see where they and their friends are, discover hotspots and explore events worldwide. In November 2024, Snapchat added location tools to its Family Center to bolster teen safety: parents can request and share live locations with their teens, set alerts for specific locations, and see who their child shares their location with.
While designed with safety in mind, such tracking tools raise significant privacy concerns. Misuse of these features could expose teens to harm, sharpening the debate around safeguarding children's online privacy. This blog examines the privacy and safety challenges Snap Map poses under existing data protection laws and highlights the critical gaps and risks.
Understanding Snap Map: How It Works and Why It Is Controversial
Snap Map, built on technology from Snap's acquisition of the social mapping start-up Zenly, lets users track friends, send messages and explore the world through an interactive map. With over 350 million active users by Q4 2023, and India leading with 202.51 million Snapchat users, Snap Map has become a global phenomenon.
The feature is opt-in and lets users tune their location-sharing settings: "Ghost Mode" hides the user entirely, or location can be shared with all friends or only with selected contacts. Location is updated only while the app is in use, which adds a layer of complexity to privacy management, since the position friends see is the last one sent and may no longer reflect where the user actually is.
While it empowers users to connect and share, Snap Map's location sharing also raises serious concerns. Unintentional sharing or misuse of the tool could expose users, especially teens, to stalking or predatory behaviour. As Snap Map grows in popularity, ensuring its safe use and addressing its potential for harm remains a critical challenge for users and regulators.
The Policy Vacuum: Protecting Children’s Data Privacy
Given the potential for misuse of location-sharing features, it is important to evaluate the regulatory frameworks that protect children's geolocation privacy. Geolocation features remain under-regulated in many jurisdictions, leaving room for misuse such as stalking or unauthorised surveillance. Several international and national jurisdictions are creating or implementing privacy laws; the most notable are COPPA in the US, the GDPR in the EU and India's DPDP Act, 2023, each of which has made considerable progress on children's privacy and online safety. COPPA and the GDPR protect children through strict data-protection duties, consent requirements and limits on profiling. The DPDP Act prohibits behavioural tracking and targeted advertising directed at children. It does not, however, contain specific safeguards against geolocation tracking, leaving a critical gap in protecting children from the risks posed by location-based features.
Balancing Innovation and Privacy: The Role of Social Media Platforms
Privacy must be safeguarded, and especially so for children, who are vulnerable to harms they cannot always foresee. Social media companies have a responsibility to build platforms that do not become a breeding ground for offences against children. Among the challenges platforms face are robust parental-control and consent mechanisms that keep parents informed about their children's online presence and let them opt out of services they consider unsafe. Platforms also need to be transparent about what data they collect and how it is shared and retained.
Policy Recommendations: Addressing the Gaps
Some recommendations for addressing the gaps in the safety of minors are as follows:
Enhancing privacy and safety for minors through measures such as mandatory geolocation restrictions for underage users.
Integrating clear consent guidelines for the protection of users' data.
Collaboration between government, social media platforms and civil society to raise awareness of location-sharing risks among parents and children.
Conclusion
Safeguarding privacy, especially that of children, is critical as real-time geolocation tools like Snap Map spread. These features offer safety benefits, but they also invite misuse that can harm vulnerable teens. Policymakers must urgently update data protection laws with child-specific safeguards, particularly around geolocation tracking, and strengthen regulation and parental controls to protect young users. This must be done without stifling technological innovation: a balanced approach is needed in which safety is prioritised while innovation can still thrive. Through collaboration between governments, social media platforms and civil society, we can create a digital environment that delivers both safety and progress.
This report is based on extensive research conducted by CyberPeace Research using publicly available information and advanced analytical techniques. The findings, interpretations and conclusions presented are based on the data available at the time of the study and aim to provide insight into global ransomware trends.
The statistics in this report are specific to the scope of this research and may differ from third-party studies with a different scope or resources. All data referenced is based on claims made by threat actors and does not imply confirmation of a breach by CyberPeace. CyberPeace includes this detail solely for factual transparency and does not condone any unlawful activity. The information is shared only for research purposes and to spread awareness. CyberPeace encourages individuals and organisations to adopt proactive cybersecurity measures to protect against potential threats.
CyberPeace Research does not claim to have identified or attributed specific cyber incidents to any individual, organisation or nation-state beyond what is publicly observable from the available information. All analyses and references are intended for informational and awareness purposes only, without any intention to defame, accuse or harm any entity.
While every effort has been made to ensure accuracy, CyberPeace Research is not liable for any errors or omissions, for subsequent interpretations of the findings, or for any unlawful use of them by third parties. The report is intended to inform and support cybersecurity efforts globally and should be used as a guide for proactive measures against cyber threats.
Executive Summary:
The 2024 ransomware landscape shows alarming global trends: 166 threat actor groups, operating through 658 servers, underground resources and mirrors, published 5,233 claims against victims in 153 countries. Monthly activity fluctuated rather than rising steadily, suggesting cyclical rather than constant targeting. The United States was the most targeted nation, followed by Canada, the UK, Germany and other developed economies, with North America and Western Europe seeing the highest concentration of claims. Business Services and Healthcare bore the brunt because of their high-value data, alongside Pharmaceuticals, Mechanical, Metal and Electronics manufacturing and professional firms serving government. Retail, Financial, Technology and Energy were also significantly affected.
The research was conducted by CyberPeace Research using a systematic method: OSINT (open-source intelligence) techniques, continuous monitoring of ransomware group activity, and collection of claims from the 658 servers and mirrors. The team used data scraping, pattern analysis and incident mapping to track trends and identify hotspots, and combined the claims with geographic attribution of victims to build a view of sectoral and regional impact that forms the basis for the insights below.
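As an added example, not code from CyberPeace Research or from the report, the following Python sketch shows one step a methodology like this has to get right: when the same claim is scraped from several mirrors with differently spelled victim names, it must be collapsed into a single claim before counting, or the totals for groups, months and countries are inflated. The records, mirror names and group names below are constructed, and the victim-name normalisation rules (drop legal suffixes, domain TLDs and punctuation) are an assumption about what a real pipeline would use. The output is a count of claims, not of confirmed breaches.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed records, as a leak-site scraper might emit them. Group names,
# victims and mirrors are invented. The first three rows are one claim seen on
# two mirrors under three spellings; the fourth is a different group claiming
# the same victim months later (a separate claim); the rest are unrelated.
RAW_CLAIMS = [
    {"group": "group-a", "victim": "Acme Widgets Ltd.", "country": "US",
     "sector": "Manufacturing", "seen": "2024-03-02T10:00:00Z", "mirror": "mirror-1"},
    {"group": "group-a", "victim": "acme-widgets ltd", "country": "US",
     "sector": "Manufacturing", "seen": "2024-03-03T08:30:00Z", "mirror": "mirror-2"},
    {"group": "group-a", "victim": "acmewidgets.com", "country": "US",
     "sector": "Manufacturing", "seen": "2024-03-05T12:00:00Z", "mirror": "mirror-1"},
    {"group": "group-b", "victim": "ACME WIDGETS", "country": "US",
     "sector": "Manufacturing", "seen": "2024-06-01T09:00:00Z", "mirror": "mirror-3"},
    {"group": "group-b", "victim": "Beta Hospital", "country": "IN",
     "sector": "Healthcare", "seen": "2024-04-11T18:45:00Z", "mirror": "mirror-3"},
    {"group": "group-a", "victim": "Gamma Bank Inc", "country": "CA",
     "sector": "Finance", "seen": "2024-03-20T07:15:00Z", "mirror": "mirror-2"},
]

# Assumed normalisation rules; a real pipeline would keep a longer list.
LEGAL_SUFFIX_RE = re.compile(r"\b(ltd|limited|inc|llc|gmbh|plc|corp|corporation|co)\b\.?")
TLD_RE = re.compile(r"\.(com|net|org|io|co\.uk|in|de)$")


def normalize_victim(name: str) -> str:
    """Collapse spelling variants of one organisation into a single key:
    lower-case, drop scheme/www and a trailing TLD, drop common legal
    suffixes, keep only letters and digits."""
    n = name.strip().lower()
    n = re.sub(r"^(https?://)?(www\.)?", "", n)
    n = TLD_RE.sub("", n)
    n = LEGAL_SUFFIX_RE.sub(" ", n)
    return re.sub(r"[^a-z0-9]", "", n)


def dedupe(claims):
    """One record per (group, normalised victim). The earliest sighting is kept
    as the claim date and the set of mirrors that carried the claim is kept as
    supporting evidence (a claim seen on a single mirror is weaker evidence)."""
    unique = {}
    for c in claims:
        key = (c["group"].lower(), normalize_victim(c["victim"]))
        seen = datetime.fromisoformat(c["seen"].replace("Z", "+00:00"))
        entry = unique.get(key)
        if entry is None:
            unique[key] = {**c, "seen": seen, "victim_key": key[1], "sources": {c["mirror"]}}
        else:
            entry["sources"].add(c["mirror"])
            entry["seen"] = min(entry["seen"], seen)
    return list(unique.values())


def summarize(unique):
    """Counts of claims (not confirmed breaches) by group, month, country and sector."""
    return {
        "by_group": Counter(c["group"] for c in unique),
        "by_month": Counter(c["seen"].strftime("%Y-%m") for c in unique),
        "by_country": Counter(c["country"] for c in unique),
        "by_sector": Counter(c["sector"] for c in unique),
    }


if __name__ == "__main__":
    uniq = dedupe(RAW_CLAIMS)
    print(f"{len(RAW_CLAIMS)} raw rows -> {len(uniq)} unique claims")
    for name, counter in summarize(uniq).items():
        print(name, counter.most_common(3))
```

Without the normalisation step the six rows would count as six claims and group-a would appear to have twice its real activity; with it, the same victim claimed by a second group still counts separately, which is the behaviour a re-extortion trend analysis needs.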
The findings emphasize the urgent need for proactive Cybersecurity strategies, robust defenses, and global collaboration to counteract the evolving and persistent threats posed by ransomware.
Overview:
This report provides insight into ransomware activity monitored throughout 2024. Data was collected by observing 166 threat actor groups operating ransomware across 658 servers, underground resources and mirrors, yielding 5,233 claims worldwide. The analysis examines global trends, targeted sectors and geographical impact.
Top 10 Threat Actor Groups:
The ransomware group 'ransomhub' emerged as the leading threat actor, with 527 claims worldwide, followed closely by 'lockbit3' with 522 and 'play' with 351. The remaining groups in the top ten are 'akira', 'hunters', 'medusa', 'blackbasta', 'qilin', 'bianlian' and 'incransom'. These groups employ advanced tactics against critical sectors, underlining the need for robust cybersecurity measures to limit their impact.
Monthly Ransomware Incidents:
Monthly claim counts started at 284 in January 2024, the lowest point of the year, and rose steadily to a first peak of 557 in May. The count then dropped sharply to 339 in June, recovered gradually to 446 by August, dipped to 389 in September and climbed sharply to the year's high of 645 in November. December closed at 498 (counted up to 28 December 2024).
Top 10 Targeted Countries:
The United States consistently topped the list as the primary target, probably because of the size of its economy and the density of its technological infrastructure.
Other heavily targeted nations include Canada, the UK, Germany, Italy, France, Brazil, Spain and India.
A total of 153 countries recorded ransomware claims, reflecting the global scale of the threat.
Top Affected Sectors:
Business Services and Healthcare bore the brunt of ransomware activity because of the sensitive and high-value nature of their data and operations.
Specific industries under threat:
Pharmaceutical, Mechanical, Metal and Electronics industries.
Professional firms serving the Government sector.
Other sectors:
Retail, Financial, Technology and Energy sectors were also significant targets.
Geographical Impact:
Continuous OSINT (open-source intelligence) work on the collected data, performed as a follow-up to scraping, gives a complete view of the geography of attacks as claimed by the groups. North America and Western Europe appear to be the regions most severely affected by threat actor groups. The map below illustrates this geographic distribution.
Ransomware Threat Trends in India:
In 2024, the research identified 98 ransomware incidents affecting various sectors in India, an increase of about 56% over the 63 incidents recorded in 2023. The surge is a concerning trend: ransomware groups continue to target India's critical sectors as its digital infrastructure and economic prominence grow.
Top Threat Actor Groups Targeting India:
Among the threat actors observed, 'killsec' is the most frequent, with 'lockbit3' second, showing significant but lower activity. 'ransomhub', 'darkvault' and 'clop' show moderate activity; 'bianlian', 'apt73/bashe' and 'raworld' appear with low frequency; and 'aps' and 'akira' have the lowest representation. The chart highlights a clear disparity in activity levels among these groups, which argues for defensive priorities tuned to the groups actually active against Indian organisations.
Top Impacted Sectors in India:
The pie chart shows the distribution of incidents across sectors. The industrial sector is the most frequently targeted, accounting for 75% of incidents, followed by healthcare with 12% and finance with 10%. The government sector is least affected, with only 3%. The distribution underscores the need for stronger cybersecurity measures in the industrial sector in particular, while also addressing vulnerabilities in healthcare, finance and government.
Month Wise Incident Trends in India:
The chart shows a fluctuating trend with notable peaks in May and October, indicating periods of heightened activity. The count starts at 5 in January and drops to its lowest point, 2, in February. It rises to 6 in March and April, then jumps to 14 in May. After that peak it falls to 4 in June before climbing again to 7 in July and 8 in August. September dips to 5 before the count spikes to the year's high of 24 in October. It then decreases to 10 in November and 7 in December.
CyberPeace Advisory:
Implement Data Backup and Recovery Plans: Backups are the safety net. Keep regular copies of important data, store at least one copy offline or in immutable storage that the production network cannot overwrite, and test restores periodically; ransomware operators routinely look for reachable backups and encrypt or delete them first.
Enhance Employee Awareness and Training: People often open the door to ransomware unintentionally. Training staff to recognise phishing emails, social engineering and other scams makes them a first line of defence.
Adopt Multi-Factor Authentication (MFA): MFA is the deadbolt behind the lock. Even if attackers obtain a password they still need the second factor, which matters most on VPN, remote desktop and email accounts, the usual initial access points.
Utilize Advanced Threat Detection Tools: Behaviour-based monitoring on endpoints and the network can catch ransomware activity early, for example a single process renaming or rewriting large numbers of files in a short time, disabling shadow copies, or dropping ransom notes, giving defenders a chance to isolate the host before the damage spreads.
Conduct Regular Vulnerability Assessments: You cannot fix what you do not know is broken. Regular vulnerability scans and timely patching, particularly of internet-facing services, remove the weak spots most ransomware affiliates exploit.
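The behaviour-based monitoring the advisory recommends is concrete enough to sketch. The following Python example is added here; it is not CyberPeace's code or any product's detection logic. It applies a common heuristic to constructed endpoint file events: a single process that, within a short window, renames files in several directories so that they all gain one new extension, optionally followed by creating a file whose name resembles a ransom note. The thresholds, window length and note-name pattern are assumptions to be tuned against a real environment's baseline; legitimate backup or archiving tools can produce similar bursts, so the result is an alert to investigate, not proof.

```python
import re
from collections import defaultdict, deque
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Constructed endpoint file events, not real telemetry. Fields: seconds since
# start of capture, pid, process image, operation, path (and new_path for renames).
# pid 4120 is an editor doing a normal save-via-rename, pid 7788 the simulated
# encryptor, pid 9001 a backup tool rotating a single file.
EVENTS = [
    {"ts": 0.0, "pid": 4120, "image": "winword.exe", "op": "rename",
     "path": r"C:\Users\a\Docs\~WRL0001.tmp", "new_path": r"C:\Users\a\Docs\q3.docx"},
    {"ts": 2.0, "pid": 7788, "image": "svchst.exe", "op": "rename",
     "path": r"C:\Users\a\Docs\q1.docx", "new_path": r"C:\Users\a\Docs\q1.docx.lkd"},
    {"ts": 2.5, "pid": 7788, "image": "svchst.exe", "op": "rename",
     "path": r"C:\Users\a\Docs\q2.xlsx", "new_path": r"C:\Users\a\Docs\q2.xlsx.lkd"},
    {"ts": 3.0, "pid": 7788, "image": "svchst.exe", "op": "rename",
     "path": r"C:\Users\a\Pictures\p1.jpg", "new_path": r"C:\Users\a\Pictures\p1.jpg.lkd"},
    {"ts": 3.5, "pid": 7788, "image": "svchst.exe", "op": "rename",
     "path": r"C:\Users\a\Pictures\p2.jpg", "new_path": r"C:\Users\a\Pictures\p2.jpg.lkd"},
    {"ts": 4.0, "pid": 7788, "image": "svchst.exe", "op": "rename",
     "path": r"C:\Users\a\Docs\q3.docx", "new_path": r"C:\Users\a\Docs\q3.docx.lkd"},
    {"ts": 4.5, "pid": 7788, "image": "svchst.exe", "op": "rename",
     "path": r"C:\Users\a\Docs\notes.txt", "new_path": r"C:\Users\a\Docs\notes.txt.lkd"},
    {"ts": 5.0, "pid": 7788, "image": "svchst.exe", "op": "create",
     "path": r"C:\Users\a\Docs\HOW_TO_RECOVER_FILES.txt"},
    {"ts": 30.0, "pid": 9001, "image": "backup.exe", "op": "rename",
     "path": r"D:\backup\db.bak", "new_path": r"D:\backup\db.bak.old"},
]

# Assumed ransom-note name pattern; tune to the environment.
NOTE_RE = re.compile(r"(readme|how.?to|recover|decrypt|restore).*\.(txt|html?|hta)$", re.I)


@dataclass
class Alert:
    pid: int
    image: str
    reason: str
    count: int


def detect(events, window=10.0, threshold=5):
    """Flag a process that, within `window` seconds, renames at least `threshold`
    files in two or more directories so that they all gain the same new extension,
    and a ransom-note-like file created by a process that already showed such
    rename activity inside the window."""
    recent = defaultdict(deque)   # pid -> deque of (ts, parent_dir, new_ext)
    alerted = set()
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        q = recent[ev["pid"]]
        while q and ev["ts"] - q[0][0] > window:      # expire events outside the window
            q.popleft()
        if ev["op"] == "create":
            name = PureWindowsPath(ev["path"]).name
            if q and NOTE_RE.search(name):
                alerts.append(Alert(ev["pid"], ev["image"],
                                    f"ransom-note-like file created: {name}", 1))
            continue
        if ev["op"] != "rename":
            continue
        old, new = PureWindowsPath(ev["path"]), PureWindowsPath(ev["new_path"])
        if not new.suffix or new.suffix.lower() == old.suffix.lower():
            continue                                    # ordinary rename, extension kept
        q.append((ev["ts"], str(old.parent).lower(), new.suffix.lower()))
        dirs = {d for _, d, _ in q}
        exts = {x for _, _, x in q}
        if (len(q) >= threshold and len(dirs) >= 2 and len(exts) == 1
                and ev["pid"] not in alerted):
            alerted.add(ev["pid"])
            alerts.append(Alert(ev["pid"], ev["image"],
                                f"{len(q)} renames to {next(iter(exts))} across "
                                f"{len(dirs)} directories within {window:.0f}s", len(q)))
    return alerts


if __name__ == "__main__":
    for a in detect(EVENTS):
        print(f"pid={a.pid} image={a.image}: {a.reason}")
```

Two design choices carry the signal here: requiring the same new extension across several directories separates an encryptor from an editor or build tool that rewrites files in one folder, and tying the ransom-note check to a process that already renamed files keeps an innocuous README.txt from raising an alert on its own.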
Conclusion:
The 2024 ransomware landscape reveals the critical need for proactive cybersecurity strategies. High-value sectors and technologically advanced regions remain the primary targets, emphasizing the importance of robust defenses. As we move into 2025, it is crucial to anticipate the evolution of ransomware tactics and adopt forward-looking measures to address emerging threats.
Global collaboration, continuous innovation in cybersecurity technologies, and adaptive strategies will be imperative to counteract the persistent and evolving threats posed by ransomware activities. Organizations and governments must prioritize preparedness and resilience, ensuring that lessons learned in 2024 are applied to strengthen defenses and minimize vulnerabilities in the year ahead.
The CID of Jharkhand Police has uncovered a network of around 8,000 bank accounts used for cyber fraud across the state. Deoghar district alone accounts for roughly 25% of the fraudulent accounts, surpassing even Jamtara, long notorious for cyber fraud, and raising questions about the true extent of cybercrime in Jharkhand. In a recent meeting with bank officials the CID shared the compiled data; 20% of the identified accounts were traced to State Bank of India branches. Under Director General Anurag Gupta's leadership, the CID has registered 90 cases, apprehended 468 individuals, and seized 1,635 SIM cards and 1,107 mobile phones through the Prakharna portal in its drive against cybercrime.
The CID has built a comprehensive database of about 8,000 bank accounts tied to cyber fraud operations in the state. This information has enabled investigations to identify the account holders involved, and the CID shared it with bank officials at a meeting on 12 January to speed up identification.
Background of the Investigation
The CID shared the collated material with bank officials at a meeting on 12 January 2024 to expedite the identification process. A striking 2,000 of the 8,000 accounts under investigation are in Deoghar district alone, and 20 per cent of these accounts are held at various State Bank of India branches. Deoghar has thereby overtaken Jamtara, long famous for cybercrime, accounting for around 25% of the bogus accounts identified in the state.
According to the CID Crime Branch, most of the accounts were opened at banks across the state; all are under investigation and around 2,000 have been blocked by the investigating agencies.
Modus Operandi and Enforcement Action
The investigation found that most of these accounts were "rented": cybercriminals opened them using phone numbers, Aadhaar cards and identity documents obtained from local residents, who in return receive a fixed monthly payment for letting their accounts be used.
The CID has been unrelenting in its pursuit of cybercriminals. Police have registered 90 cases and arrested 468 people involved in cyber fraud using the Prakharna portal, and 1,635 SIM cards and 1,107 mobile phones were seized during raids in various cities.
The Crime Branch has also released the number of such accounts opened in each city:

City          Accounts
Deoghar           2500
Dhanbad           1183
Ranchi             959
Bokaro             716
Giridih            707
Jamshedpur         584
Hazaribagh         526
Dumka              475
Jamtara            443
Impact on the Financial Institutions and Individuals
These scams have a significant impact on financial institutions and individuals alike.
Victims: Victims of cyber fraud suffer significant financial setbacks that can lead to long-term financial insecurity. They frequently also suffer mental distress from the misuse of their personal information, which breeds worry, fear and a loss of faith in the digital financial system. Recovery is one of the hardest parts: retrieving lost funds and repairing the damage is time-consuming and difficult, and many people do not know where or when to seek help. Awareness of cyber fraud and a clear reporting mechanism are therefore essential to guide victims through recovery.
Financial Institutions: Financial institutions bear direct losses from cyber fraud. Unauthorised account access, fraudulent transactions and the compromise of customer data cause immediate financial loss plus the cost of investigating and containing the breach. Such incidents also damage the institution's reputation, erode customer confidence and drive away potential clients.
Future Implications and Solutions: The CID's discovery of a sophisticated fraud network in Jharkhand makes it important to assess the long-term repercussions of such findings and to propose proactive ways to improve cybersecurity. The findings should raise awareness of the ongoing threat cyber fraud poses to individuals and organisations. Given the current threat landscape, rigorous safeguards and meaningful penalties for offenders are needed, and government agencies and regulators should adapt their cybersecurity strategies to the methods of modern cybercrime.
Solution and Preventive Measures
Several measures can help combat the growth of cybercrime. The first and foremost is to enhance cybersecurity education at all levels:
Individual Level: Raising awareness across all age groups is crucial. This means understanding the common threats, following good online practices and cyber hygiene, and learning to recognise financial frauds such as phishing and smishing.
Multi-Factor Authentication: Enabling MFA on online accounts adds a layer of security by requiring verification beyond a password.
Continuous Monitoring and Incident Response: Monitor financial transactions continuously, review online statements and transaction history regularly to confirm that every transaction matches your own spending, and set up account alerts for transactions above a chosen amount or outside your usual activity.
Report Suspicious Activity: If you notice a fraudulent transaction or activity, contact your bank or financial institution immediately; they will guide you through investigating and resolving the problem. Keep the documents needed to support your claim.
How to reduce the risks
Freeze compromised accounts: If you suspect that any of your accounts has been compromised, call the bank immediately and ask for the account to be frozen or temporarily suspended to prevent further unauthorised transactions.
Update passwords: Change the passwords of all financial, email and online banking accounts regularly, report any suspected unauthorised access immediately, and always enable MFA for the extra layer of protection it adds.
Conclusion
The CID's discovery of a cyber fraud network in Jharkhand is a stark reminder of the ever-changing nature of cybersecurity threats. Sound cybersecurity measures are necessary to prevent such activity and protect individuals and institutions from cyber fraud. As the digital ecosystem continues to grow, it is important to stay vigilant and alert, as individuals and as a society, and to take part in awareness activities that keep our knowledge up to date.