Don’t get hacked!

In an era defined by digital connectivity, the need for online safety is more important than ever. The influence of the Internet, coupled with the exponential growth of online threats, demands companies and individuals to protect themselves and their data. From cyberbullying, data breaches to phishing, identity thefts, individuals need to start thinking about how to keep themselves and their data secure online. Customer identity security has become an absolute essential in today’s time and age.

In our rapidly evolving digital world, cyber security is paramount to safeguarding organisations against relentless cyber threats. As such attacks continually outpace security solutions, the need for a proactive approach has never been more pressing. Building a cyber-resilient company not only demands robust security measures but also a workforce educated about cyber security, including understanding the evolving threat landscape and implementing best practices.

Cultivating a culture of cyber awareness is not just vital; it’s essential to protect businesses and preserve the integrity of the digital realm.

Identity theft can have severe and long-lasting consequences for individuals, including financial losses, damage to their credit score, and even legal issues.

Individuals must protect their personal information and be aware of the risks associated with sharing details online. This includes being cautious of phishing scams, using strong and unique passwords, and regularly monitoring their credit reports.

Apart from this, organisations are also responsible for protecting their customers’ information and implementing strong security measures to prevent data breaches. This includes investing in cyber security solutions, regularly training employees on best practices, and conducting regular security audits to identify and address vulnerabilities.

Whether it is personal information, financial data or intellectual property, unauthorised access to such information can lead to identity thefts, financial losses or reputational damage. By implementing proactive security measures, conducting regular risk assessments, and establishing incident response plans, businesses can mitigate the impact of cyber security incidents and maintain the trust of their customers and stakeholders.

In safeguarding intellectual property (IP) assets, cyber security plays a crucial role too. Businesses invest significant time, effort, and resources in developing innovative products, services, and proprietary information. A robust cyber security framework helps protect trade secrets, patents, copyrights and other valuable IP assets from theft or unauthorised use, ensuring the competitiveness and sustainability of businesses.

Incidentally, the education sector has emerged as the most targeted industry for cyber-attacks, accounting for more than 7 lakh detected threats in April-June 2023, according to a study. The substantial number of attacks underscores the increasing vulnerability of educational institutions to cyberattacks, the study said.

The manufacturing industry stood second, reporting 3.29 lakh threats, and was followed closely by professional services with 3.28 lakh threats, the study by malware analysis lab SEQRITE Labs stated.

These numbers indicate that cybercriminals are diversifying their focus, targeting a wide range of sectors with malicious intent, the report highlighted.

In the education sector, the most prevalent threat was identified as W32.Neshta.C8. This malicious software has proven to be a formidable adversary, posing a significant challenge to educational institutions.

The manufacturing sector grappled with PIF.StucksNet. Professional services faced a similar threat landscape with Trojan.KillAv.DR.

The SEQRITE’s Threat Report also highlighted other notable sectors under attack. Government entities faced 22.6 lakh threats, followed by the automobile industry with 144.4 thousand threats, and hospitality and healthcare with 13.7 lakh threats. The BFSI sector, IT/ITES, power and energy, and strategic and public enterprises also reported significant numbers of detected threats.

Meanwhile, another report by Internet safety company Happinetz stated that about 88 per cent of parents surveyed fear early access to inappropriate content on the internet for children.

On the other hand, 55 per cent of 1,500 parents surveyed across 30 cities in India frequently hear about incidents related to unsafe Internet involving children, reflecting that it does not discriminate when it comes to adult content.

Compliance with industry-specific regulations and data protection laws is essential. Failure to meet regulatory requirements can result in legal consequences, financial penalties, and reputational damage.

Cyber security is crucial for protecting critical infrastructure, including power grids, transportation systems, healthcare networks, and government services. A cyberattack on such infrastructure can have severe consequences, impacting public safety and causing widespread disruption. Robust measures, including network segmentation, intrusion detection systems, and incident response protocols are essential to defend against potential threats and ensure the resilience of critical systems.

Remember Edward Snowden — the man who revealed secret documents detailing a massive US government spying programme?

The movie (Snowden) lays bare National Security Agency surveillance programmes that show little regard for citizen privacy, and the duplicitous statements the NSA makes about its activities.

The movie’s narrative tells the story of Snowden himself (fictionalised and dramatised somewhat), including his military training, his medical discharge and his work in the intelligence community. It provides a new vehicle for the layperson to learn about how the government uses modern communications technology.

The movie doesn’t take a nuanced view of why intelligence agencies do what they do. Nor does it provide sufficient context about the NSA’s practices in relation to those of agencies in other countries. Its portrayal of the technology involved (and of US government efforts to apprehend and prosecute whistleblowers) is, however, mostly accurate.

The film discusses three distinct aspects of the NSA’s efforts: data collection, analysis and the legal basis for surveillance. The movie accurately shows the agency’s systems for collecting bulk data from across the country – through direct connections to the networks of major telephone and internet companies, including AT&T, Verizon, Google, Microsoft and Facebook. The suggestion, though, is that not only are data collected on all citizens, but – misleadingly – that all citizens are being investigated continuously.

The film also depicts the NSA’s XKeyScore system, which can tap into all the data being collected. The information revealed by Snowden includes details on how XKeyScore can analyse the massive data trove, finding connections between people and matching voice patterns, among other abilities.

In the movie, scenes where analysts use XKeyScore, suggest that just by typing very basic data about individuals (such as a name or email address) into an on-screen form, analysts can easily find exactly what they are looking for. However, this is a bit misleading. Data mining is a very challenging problem, especially in a set so large as to contain every communication in the US. Lots of innocent data surround a very small amount of what might be called useful intelligence.

Over the next few months, the Indian government will add more legislation that will likely expand its powers. Digital rights activists and lawyers opine that this amounts to an attempt to reshape the Indian Internet — a move that could have profound consequences beyond India’s borders, forcing changes at Big Tech companies and setting norms and precedents for how the Internet is governed, leave alone the country’s 800 million users.

Meanwhile, in the latest turn of events, threat alerts issued by tech giant Apple to some iPhone users, cautioning them about “state-sponsored attackers attempting to compromise their iPhones remotely”, have stirred up a political storm in the country.

Opposition leaders, including Congress’ Shashi Tharoor, Shiv Sena’s (UBT faction) Priyanka Chaturvedi, AAP’s Raghav Chadha, Sitaram Yechury of Communist Party of India (Marxist), and Trinamool Congress’ Mahua Moitra, said on X (formerly Twitter) that they received the alert from the US-based company and accused the Centre of snooping on them.

In its message, Apple added that malicious attackers could remotely access sensitive data, communications as well as the camera and microphone of the compromised iPhones. However, the message also noted that it is ‘possible’ that this could be a ‘false alarm’ but advised recipients to take the warning seriously.

Following this, the Opposition took jabs at the Centre, using terms such as ‘Snoop Raj’ and ‘Peeping Toms’. Additionally, Moitra said she would write to Lok Sabha Speaker Om Birla, requesting him to summon the officials of the Ministry of Home Affairs (MHA) on this matter. She also urged the Parliament’s Committee of Privileges to address the issue.

Meanwhile, the Centre dismissed the allegations, with BJP leaders saying that the responsibility lies with Apple to provide clarification regarding the alerts. Former IT minister and BJP leader Ravi Shankar Prasad suggested that the Opposition leaders should direct their concerns to Apple and file FIRs in the matter instead of making accusations against the Centre.

As technology has evolved, cell phones have become increasingly embedded in our daily lives. This provides quick access to resources and information, but it can also give other people instant updates on our whereabouts, habits, and activities. Cell phones can be used to track your location and retrieve call and text history. Protecting accounts is the first line of defence to protect your information from cybercriminals.

By investing in cyber security measures, individuals, families and businesses can mitigate risks and avoid costly breaches, implementing measures to continuously monitor the security framework.

Views expressed are personal