While Yahoo struggles with some of the most devastating breaches, disclosing a compromise of over a billion accounts in a breach that took place in 2013, India is trying to rocket its way to be among the biggest digital economies of the world. Are we ready to be there yet? The Yahoo breach disclosure comes only a couple of months after its previous disclosure of 500 million breached accounts in a separate incident that took place in 2014.
While the internet floods with news of Russia’s involvement in rigging the recent US elections, with the FBI and CIA concluding that Russian hackers indeed hacked American political institutions to tilt the elections in favor of Trump, the demonetization drive in India is pushing more organizations and users to go cashless. And they want to do it at an unfathomable pace. Airtel, Jio and Vodafone are making a lot of noise about 4G where as numerous smart phone companies continue to launch new smart phones one after the other.
While the Mirai (Japanese for “the future”) malware is taking down internet across the globe using insecure IoT devices, the Indian Aviation ministry gets ready to introduce biometric screening at Indian airports. With over a billion Aadhar cards (12-digit unique identification number issued by the Indian government to every individual resident of India) issued so far, the Indian government has not just the personal data like address and phone numbers but finger prints and iris scans of a billion people stored in the national digital registry. Managing that data is one big responsibility.
Soon other units in the government and private sector would want to use this data as well. But are they ready to manage that data securely? Even if the technology is in place, are the processes built and most importantly are the people ready? They have to not only handle this data securely but also watch out for cyber criminals. This might be overwhelming for employees who are new to internet and technology and there is a lot of gearing up that needs to be done.
In today world’s it is said, breaches are inevitable and what separates the best organizations from the rest is their ability to respond in the event of a breach. These are dangerous times and as we make our presence felt in the global digital economy, we will have more eyes watching us, including the bad ones. So, are we ready?
Institutions around the country have beefed up their infrastructure to accept digital payments and the likes of Paytm are promoting digital wallets and online shopping big time. But do users really understand the risks that internet brings along?
Last year, cyber criminals were able to fool ONGC into paying them about 200 crore rupees when they started interacting with them using an “ognc.co.in” email id instead of the expected “ongc.co.in” id. When this simple scam could not be caught by employees of ONGC, imagine how will the millions of Indians fare who are now using Paytm wallets, email and social networking accounts and have smart devices with unlimited 4G(for free!)? Do they even know there are risks of using the internet let alone be cognizant of the risks? A lot, and I mean a lot, of them are being exposed to internet and smart devices for the first time. I hope our government has these (and privacy) issues in mind as well.
The ‘Legion’ group has got the nation’s attention hacking into Twitter accounts of well-known personalities like Rahul Gandhi, Vijay Mallya and Barkha Dutt. They have released a lot of this data online and in an exclusive interview with the ‘Times of India’, they shared email addresses and passwords of 74,000 chartered accountants in the country. If chartered accountants’ accounts were compromised, what chance do the millions of Indians have if it comes to it? These are tough questions and if we want to participate in a Formula 1 race, we better not do it in a bullock cart. These are dangerous times.
Originally written on Linkedin – https://www.linkedin.com/pulse/you-ready-get-hacked-sahil-bansal?trk=prof-post