Cybercrime evolving faster with AI, says forensic expert Krishna Sastry Pendyala – Hyderabad Mail | #cybercrime | #infosec


Question: Who is the cyber forensic expert featured in the video, and what is his background?

Answer: The expert is Krishna Sastry Pendyala, who has over 30 years of experience in cybercrime, cyber security, and cyber forensics . He worked with the Government of India for 22 years, serving in various departments including the Ministry of Home Affairs, the Intelligence Bureau, and the Directorate of Forensic Science . Over his career, he has handled more than 1500 cybercases and has testified in court as a subject matter expert.

Question: What was the first major case in India where electronic evidence played a crucial role?

Answer: According to Krishna Sastry, the 2001 Indian Parliament attack was the first prominent case in India where electronic evidence was of national importance . The laptop used by the terrorists served as crucial evidence, and its examination was a landmark moment for digital forensics in the country .

Question: How has the nature of forensic evidence evolved since the 1990s?

Answer: In the early 1990s, forensic investigations were primarily paper-based, focusing on handwriting analysis and forgeries of documents like suicide notes or checks . As technology grew, the legal definition of a “document” expanded to include electronic documents . This led to the rise of digital evidence data stored in zeros and ones which includes mobile phones, hard drives, and CCTV footage .

Question: What is the “Chain of Custody,” and why is it critical in cyber forensics?

Answer: The Chain of Custody refers to the chronological documentation of the seizure, custody, control, and analysis of electronic evidence . Because digital evidence is highly fragile and easily tampered with, investigators must document everything from the serial numbers of hard drives to the exact time a device was accessed To prove that evidence has not been altered, experts use Hash Values (digital fingerprints); if even a single character in the data changes, the hash value will no longer match the original

Question: How is Artificial Intelligence (AI) being weaponized by cybercriminals?

Answer: AI is significantly speeding up the rate of cyberattacks and reducing the skill level required to execute them Criminals use AI to create highly personalized phishing emails without spelling errors, making them harder to detect AI is also used to develop Deepfakes—cloning voices and creating fake videos—to deceive people into making fraudulent investments What are “Zero-click” malware attacks? Unlike traditional malware that requires a user to click a link or download a file, zero-click malware can infect a mobile phone without any user interaction This makes it extremely dangerous as victims, including high-ranking officials and scientists, have lost significant money to scams (like the Digital Arrest scam) initiated through these methods

Question: What are the signs that a device might be infected with a “RAT” or used for crypto mining?

Answer: A RAT (Remote Access Trojan) allows a hacker to remotely control a device, often hidden inside seemingly harmless apps like games Signs of such infections or unauthorized crypto mining (where a hacker steals a device’s processing power) include the device becoming unusually hot, the battery draining rapidly, or a sudden increase in electricity bills Modern malware is often designed to “disappear” from the Task Manager if a user tries to inspect running processes.

Question: What protection does the Digital Personal Data Protection (DPDP) Act provide?

Answer: The DPDP Act (expected to be fully implemented by May 2027) mandates that organizations must obtain explicit consent before collecting personal data They must clearly state why the data is being collected and how it will be used Misusing data for purposes other than what was agreed upon (such as a medical shop using a phone number for targeted diabetic ads without permission) can result in penalties up to 250 crore rupees.

Question: What is the “Dark Web,” and what happens there?

Answer: The Dark Web is a hidden part of the internet (making up roughly 96% of web data) that is not indexed by standard search engines and is often accessed via the TOR browser. It serves as a marketplace for illegal activities, including the sale of stolen bank account data, Aadhaar card information, drugs, and weapons, with payments typically made in cryptocurrency to maintain anonymity.

Question: Why are cooperative banks often targeted more frequently than larger banks?

Answer: While both large and cooperative banks offer the same digital channels (mobile banking, ATMs), cooperative banks often lack the financial resources to spend the recommended 8% to 14% of their IT budget on cyber security. This makes them “low-hanging fruit” for hackers compared to larger institutions like SBI or HDFC, which have more robust security frameworks mandated by the RBI.



Click Here For The Original Source.

——————————————————–

..........

.

.

National Cyber Security

FREE
VIEW