Cyber Chaos: BeerBiceps’ YouTube Channels Hacked Amid India’s Rise to Global Cybersecurity Leadership
Ranveer Allahbadia, widely known as BeerBiceps, has recently broken his silence following the hacking of his YouTube channels late Wednesday night at around 11:30 pm. The cyberattack resulted in all of his videos being deleted and replaced with content featuring Elon Musk and Donald Trump. The hackers also renamed one channel to “@Elon.trump.tesla_live2024” and the other to “@Tesla.event.trump_2024.” Both usernames now lead to a “404 not found” page with the message, “This page isn’t available. Sorry about that. Try searching for something else.”
On the other hand, India has reached a significant milestone in its cybersecurity journey by securing a Tier 1 position in the Global Cybersecurity Index (GCI) 2024, released by the International Telecommunication Union (ITU). Achieving an impressive score of 98.49 out of 100, India has joined the league of ‘role-model’ nations, reflecting its robust commitment to global cybersecurity practices and standards. This recognition highlights the country’s proactive approach to fortifying its digital infrastructure and showcases its evolving role as a global leader in cybersecurity.
A key component of India’s cybersecurity strategy has been a strong focus on education and awareness. Targeted campaigns and educational initiatives have been instrumental in promoting secure online behaviour across various sectors, including private industry, public institutions, civil society, and academia.
The inclusion of cybersecurity in primary and secondary education curriculum further emphasises the nation’s dedication to nurturing a digitally aware and prepared citizenry. However, despite these efforts, recent data from the Kaspersky Security Network (KSN) for Q2 2024 indicates that Indian computer users remain vulnerable to a range of cyber threats, particularly those involving web browsers and social engineering. In light of this, Riya Adlakha, Assistant Editor at ObserveNow Media, engaged with cybersecurity experts to delve deeper into these challenges.
The KSN report reveals that from April to June 2024, over 10 million internet-borne cyber threats and more than 14 million local incidents were detected on computers in India. These figures illustrate a stark reality: approximately 20% of computer users in India were targeted by web-borne threats during this period. The data, derived from comprehensive scans by Kaspersky security solutions, shows that 10,612,449 different internet-borne cyber threats were blocked, impacting 19.7% of users. Additionally, local infections, including worms and file viruses, accounted for 14,938,343 local incidents, affecting 19.2% of users. These numbers highlight the significant and pervasive nature of cyber threats facing Indian users.
The National Commission for Women has noted a rise in cyber crime complaints targeting women. In 2023, the Commission received 608 such complaints, representing 2.2 percent of the overall complaints. By August 1st, 2024, 386 complaints had been registered, constituting 2.5 percent of the total complaints.
Among the myriad of cyber threats, file-less malware stands out as one of the most . Unlike traditional malware, file-less malware does not rely on files or objects stored on the disk, making it extremely challenging to detect. Instead, it operates stealthily within the system’s registry or uses WMI (Windows Management Instrumentation) subscriptions for persistence, evading traditional static analysis.
Cybersecurity expert Dr. Yusuf Hashmi in conversation with ObserveNow Media emphasised the gravity of this threat, stating, “File-less malware represents a significant threat as it operates in-memory, making it difficult to detect using traditional antivirus solutions. This type of malware can evade detection by not leaving a footprint on the disk, thus requiring advanced detection techniques like behavioural analysis and memory forensics. As cyber threats evolve, it’s crucial for users and organisations to adopt these sophisticated methods to stay ahead of attackers and protect sensitive data.”
There is a continued prevalence of social engineering attacks in India. 98% of cyberattacks rely on social engineering & an average business organisation faces over 700 social engineering attacks annually. Techniques such as phishing, baiting, and pretexting remain common, exploiting human psychology rather than technical vulnerabilities. With the advent of AI, cybercriminals are increasingly customising and automating these attacks, thereby expanding the threat landscape and posing severe risks to both individuals and organisations.
Basil Dange, CISO, Aditya Birla Sun Life Mutual Fund, emphasised “Users are both the weakest and toughest link within an organisation. Everyone wants the organisation to trust them, but most of the time, we see lags from users in terms of contributing to securing the organisation. All security controls fail if a user is not aware or gets compromised, either willingly or unwillingly. User awareness is becoming more important considering the sophistication of the latest attack patterns and trends. Cybersecurity awareness should be designed in such a way that it combines both personal and organisational benefits, showing how it can help users in their day-to-day lives. For example, in recent attacks using deep fakes, if a user is not validating the source and gets phishing links over SMS/Email, it can lead to credential compromise or even personal data leakage. At the same time, organisations should also implement security controls that are transparent to users and do not add delays to their daily operations.”
In the second quarter of 2024, organisations in India experienced the second-highest weekly attack rate per organisation in the Asia-Pacific (APAC) region, averaging 3,201 attacks per week. Check Point Research reported a 46% year-on-year increase in cyberattacks, significantly higher than the global average increase of 30%.
The cybersecurity landscape’s complexity requires not only technical defences but also a strong governance framework to manage and mitigate risks associated with the implementation of new technologies. Tejveer Bhogal, Head – Governance & PMO, Bennett, Coleman & Co. Ltd., underscored “With the advent of superlative technologies and their perseverance in human evolution, it is prudent to imbibe the conundrum of potential nuances unless safeguarded by a virtuous governance framework encapsulating the enterprise-wide risks associated with implementing such tools in a complex business environment. Additionally, it urges collaboration between various government and corporate establishments to carve out and develop a comprehensive policy that identifies the elements driving the bold and ambitious yet audacious goals of unearthing the uncertainties surrounding the plateau of the cyberspace sphere, as well as highlighting some crucial procedural aspects.”
As the cyber threat landscape continues to evolve, it is imperative for Indian computer users to stay vigilant and proactive. The increasing prevalence of sophisticated threats such as file-less malware and social engineering requires a comprehensive approach to cybersecurity. This approach should integrate robust technological solutions with continuous user education and awareness. The fight against cyber threats is ongoing, and as technology advances, so too does the sophistication of cybercriminals. By remaining informed and adopting a multi-layered approach to security, individuals and organizations can better protect their digital assets and ensure a safer digital future.