{"id":187184,"date":"2022-05-30T20:38:24","date_gmt":"2022-05-30T15:08:24","guid":{"rendered":"https:\/\/blog.forumias.com\/?p=187184"},"modified":"2022-05-30T20:38:24","modified_gmt":"2022-05-30T15:08:24","slug":"cyber-safety","status":"publish","type":"post","link":"https:\/\/forumias.com\/blog\/cyber-safety\/","title":{"rendered":"Cyber safety"},"content":{"rendered":"\n

Context<\/strong>:The recent ransomware attack targeting SpiceJet has put a spotlight on one of India\u2019s biggest cyber-vulnerabilities.<\/span><\/p>\n

Why India needs to strengthen its cybersecurity architecture?<\/h5>\n

Both government services and private sector businesses have moved en masse into the digital space,<\/strong> and their efforts have been embraced enthusiastically by India\u2019s 780 million broadband users. <\/span><\/p>\n

This means millions of Indian websites gather sensitive data, with the Unified Payments Interface (UPI) processing close to 5 billion transactions per month. Many of these apps and websites, and the databases at their back-end, are insecure<\/strong>. <\/span><\/p>\n

All are juicy targets because they contain huge amounts of sensitive personal data<\/strong>. <\/span><\/p>\n

Moreover, reports by various global IT security providers confirm that India is a favourite destination for digital bad actors<\/strong>. <\/span><\/p>\n

–<\/strong> It is believed to be the third-largest nation in terms of being the target of attacks<\/strong>. Known victims include Air India, SpiceJet, sundry logistics and shipping services, power utilities, and banking and health care sites. <\/span><\/p>\n

–<\/strong> According to the cybersecurity company Trellis, ransomware attacks targeting India jumped by 70% year-on-year<\/strong> in the fourth quarter (January-March 2022). In a large majority of known cases, human error allowed initial entry and exploitation.<\/span><\/p>\n

How does a ransomware work?<\/h5>\n

Ransomware injects malicious code that encrypts the website and locks the owner out. <\/span><\/p>\n

Then the bad actor demands ransom payment to decrypt and allow the owner access again. <\/span><\/p>\n

During this process, the data available may also be copied, which creates new potential targets.<\/span><\/p>\n

What are the challenges involved?<\/h5>\n

A complicated legal situation<\/strong>: The legal situation is complicated because India doesn\u2019t have a private data protection law, which means redress for the victims may be unavailable. <\/span><\/p>\n

Under-reporting<\/strong>: As, no service provider, government or private, wishes to suffer the loss of credibility that\u2019s involved in being publicly hacked, it means under-reporting.<\/span><\/p>\n

What is the way forward?<\/h5>\n

There are many things organisations may do to make themselves less vulnerable –<\/p>\n

a)<\/strong> Secure data, whether it\u2019s stored on the cloud or on their own servers.<\/p>\n

b)<\/strong> Identify and firewall the sensitive parts of their networks from the customer-facing bits.<\/p>\n

c)<\/strong> Ensure that access to the sensitive parts is controlled by multi-factor authentication<\/strong>.<\/p>\n

d)<\/strong> Ensure that internal communications, and transactions with sensitive information, are end-to-end encrypted<\/strong>.<\/p>\n

e)<\/strong> Actively probe their own networks for possible vulnerabilities<\/strong>.<\/p>\n

f) Build in redundancy<\/strong>, so that if their servers are attacked by ransomware, they can rapidly reload necessary systems and data.<\/p>\n

Above all, the stakeholders in the Indian digital ecosystem need to educate users and employees<\/strong> about cybersecurity. This has to be a cooperative process involving many private and government organizations, and it should be led by the Indian Computer Emergency Response Team.<\/p>\n

Source<\/strong>: This post is based on the article \u201cCyber safety<\/strong>\u201d published in Business Standard<\/strong> on 29th May 22<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Context:The recent ransomware attack targeting SpiceJet has put a spotlight on one of India\u2019s biggest cyber-vulnerabilities. Why India needs to strengthen its cybersecurity architecture? Both government services and private sector businesses have moved en masse into the digital space, and their efforts have been embraced enthusiastically by India\u2019s 780 million broadband users. This means millions… Continue reading Cyber safety<\/span><\/a><\/p>\n","protected":false},"author":10328,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1230,9],"tags":[10503,216],"class_list":["post-187184","post","type-post","status-publish","format-standard","hentry","category-9-pm-daily-articles","category-public","tag-business-standard","tag-gs-paper-3","entry"],"jetpack_featured_media_url":"","views":{"total":0,"cached_at":"","cached_date":1704939161},"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/187184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/users\/10328"}],"replies":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/comments?post=187184"}],"version-history":[{"count":0,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/187184\/revisions"}],"wp:attachment":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/media?parent=187184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/categories?post=187184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/tags?post=187184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}