Cyber Security; Does India Have Any Chance !?
We were expecting the product shipment from DHL to be delivered by 15 of May…. Wannacry hit the world on 12th. With no means of locating the shipment, since the cyber attack hit DHL too… our small business was left at the mercy of a few 20 something rebels… hitting the corporate world the only way they knew how. By hitting their pockets.
In the crossfire got caught were the hundreds of small businesses like ours. We incurred losses worth thousands of rupees and lost important clients because of this unfortunate incident. All this while I was thinking…if a small startup is so hugely affected by a cyber attack…imagine the hordes of money lost by big businesses.
A lot has been written by now about the famous ransomware virus named “WannaCry” which infect a huge part of the international corporate world a fortnight ago. The do’s and don’ts in a situation like that are all well documented on the internet by now. A novice like me has nothing new to add to that. But good for me, I recently won a case competition by IBM (Yeah that happened!!!) and despite not being an expert on cyber security….I have some exceptional insights.
WE AREN’T READY!
Like many cyber attacks, this one also started with phishing, meaning sending out emails claiming to be from a well-known source with links that will carry users to fraudulent sites, where their login details are compromised.. This was the first method used by WannCry hackers to fool companies .
The second thing they did was crypto-encryption….basically stealing the target computer’s password and holding it ransom until paid in bitcoins. These two, very common forms of hacking techniques brought down the entire world. In all the research that I did… therefore I developed one opinion. India is definitely not ready for a sophisticated cyber attack.
“Why?” you ask!!!
Let me break it down for you mate!!
LACK OF CYBER-LITERACY
My mom recently got onto Whatsapp. Since then she constantly tells me about some “Make easy money” offer she saw. And thats 1 out of 1.3 billion people…. a huge chunk of which is getting access to the internet. India has an internet penetration of over 26%…and this number is higher in urban areas. With growing penetration people are getting more and more cyber-literate. There is definitely a bright light there.
LACK OF SERIOUSNESS REGARDING CYBER SECURITY
As a country, we only see those things as a threat that are tangible.
A Nuclear Bomb…Threat,
A Handful of Terrorists….Threat,
A shady teenager stealing money from other people via his computer….. doesn’t sound so dangerous now does it.
Personally a part of me thankful for the Wannacry attack, despite the huge losses it caused. It actually opened the government’s and the public’s eyes about the seriousness of a cyber attack. The extent to which it can slow down the economy. And more than that, made us realize how susceptible we are to a cyber threats
CERT-In is responsible for providing solutions to cyber threats in India. Its the Indian chapter of the international organization CERT (Computer Emergency Response Team). This organization provides a lot of free services like its recent initiative named “Cyber Swatchata Kendra” which removes botnet viruses form your system.
I know of this because I had to present this knowledge before a panel of judges. Else, even I wasn’t aware of existence of such organizations. Just like me, and you and thousands others…people are hardly aware of such threats.
There is another reason for this cyber illiteracy according to me. Companies and governments never share anything with us about these attacks. If a company tells you that their database was hacked…and your credit card information was stolen…would you ever purchase from such a company. Same goes for governments. If you knew you are living amidst an environment of cyber warfare, where digitally so many criminals are active…would you feel safe?
So organizations follow this simple rule, if no problem is being reported… no reason to trash your image in public.
KEEP UPDATING THE RULES!!
The policies of CERT-In haven’t been changes since it was established. In my opinion, the criteria it uses for certifying any organization ” Safe” is useless. If you are not with the current times, in this field atleast, you are already out of the game!
Had it not been for Edward Snowden’s NSA leaks back in 2013, India would not have been even aware of such cyber threats. It was when Snowden disclosed that India was being monitored by NSA, that we got our first ever Cyber Security policy .
Lastly, the main reason for any problem in India is its lack of infrastructure. We are completely lacking when compared to the rest of the world. Last year during a huge storm named “Vardha” in Chennai, a major internet link got damaged.
This slowed the speed of the internet for the entire day. The whole nation was vulnerable on that day. This shows how much we lack in cyber security. When under a budget of $20.000 anyone hack our national grid.
Concluding this, all I can say is that the threat of cyber security is very real and very dangerous. This had bugged companies and government, big and small, all over the world. Until we take this seriously and actually work to eradicate cyber criminals, we can’t stop this epidemic.
It can be done by many ways. So many companies like IBM, Firefly,KPMG…etc provide cyber security services. These can help in increasing digital literacy of their employees. These companies can also work with colleges and young bloods to devise new innovative solutions. Lastly, they can hire ethical hackers and cyber bounty hunters to hunt down these cyber criminals
But most importantly while dealing with cyber criminals is
Cyber criminals are constantly coming up with new and improved ways to hack your and cause trouble. Be as imaginative as possible to keep up with them. Otherwise there is no way that the good guys can win this game!