Hike in incidents of compromising govt, high-profile persons’ social media accounts: CERT-In

NEW DELHI, Jan 28: Recent trends show an increase in incidents where scammers attack and fraudulently take over social media accounts of high-profile persons and government organisations to perpetrate misinformation campaigns and scams, India’s federal cyber security agency said in a latest advisory.
The Indian Computer Emergency Response Team (CERT-In) said the security of such accounts was paramount to protect reputations as it also suggested some measures to check “compromise” of social media accounts, including usage of multi-factor authentication tools.“In today’s inter-connected world, social media plays a pivotal role in shaping public opinion and disseminating information. These platforms have become essential for individuals, governments and enterprises alike, offering a powerful medium for communication and engagement.
“However, the widespread influence of social media also carries significant security risks. The security of social media accounts is paramount to prevent misuse, protect reputations and ensure the dissemination of authentic information,” the advisory, accessed by PTI, said.CERT-In is the national technology arm to combat cyber attacks and guard the Indian internet space.
“Recent trends have shown an increase in incidents where scammers and threat actors take over social media accounts of high-profile personalities, official government accounts and enterprise accounts,” it said.
These compromised accounts are often used for misinformation campaigns, scams and other malicious activities leading to reputation damage, CERT-In said.
The ability of these actors to broadcast misleading or harmful content to large audiences underscores the critical need for robust security measures for social media accounts, it said.Cyber attack on the servers of AIIMS, country’s premier medical institution in Delhi, in 2022; hacking the official X handle of the NDRF, and similar unsuccessful attempts foiled by Indian agencies to attack the Indian Council of Medical Research (ICMR) servers in 2022 and the G-20 website in 2023 are some of the recent cases in example.The Union government had informed Parliament in August last year that as many as 36 websites of ministries and departments under the central and various state governments faced hacking incidents in the first six months of 2023.The CERT-In advisory suggested some best practices that can be deployed to mitigate the risks associated compromise and takeover of such social media accounts.
These measures include having strong password policies, multi-factor authentication, ensuring access control to such accounts, usage of dedicated secure devices and email accounts, avoiding usage of public devices, disabling geo-location permissions and exercising caution while using third-party apps. (PTI)