Col. Manoj Pal
New Delhi (India): Cyber attack on AIIMS Delhi server is fresh in our minds. The attackers of virtual world hacked the AIIMS Delhi servers through ransomware attack. The damage control was done by the techies and they successfully retrieved and recovered the data from five physical servers under attack. Do we need to read between the lines and more than what is written in newspapers and shown on televisions? The simple reason is that no one wish to be called a fool and so the management of AIIMS and its hierarchical governing body.
Security risks for business and individuals have phenomenally increased in the last few years with the penetration of mobile technology and availability of various platforms from banking, UPI, governmental services, shopping, gaming and name a thing. Every platform obtain data in some or the other forms to allow using the services and later proliferate it with interest groups at a cost. As the Bruce Schneier stated “Data is the pollution problem of the information age, and protecting privacy is the environmental challenge”. However, the smart a guy, is leaving the footprint for hackers to follow and fool.
The advancement and growth of technology specially in IT Sector, telecommunication, data management, banking and finances has been phenomenal and developing by leaps and bounds with every passing day. Spending on digital transformation of everything is increased by India and the world players in the field to tap the growing market. As the rapid growth opens up new opportunities but add element of risk of doing business in the connected world. Thus, it opens the avenues for hackers to exploit resulting in cyber attacks on large data base and a threat of cyber security. Cyber criminals are taking advantage of new and advanced methods to cause considerable damage to organizations reputation and also financial losses.
India’s software engineers and techies have proved to the world about their professional acumen and leading most of the big technology companies of the world. Yet the people of India are not so tech savvy and while using technology, ease of use is prime importance but the security. Due to inadequate knowledge and attached risks of clicking, people individually and working class of companies and organizations indulge in providing data unintentionally which may be prospective cybercrime or cyber fraud. “Phishing is a major problem because there really is no patch for human stupidity” as I quote Mike Danseglio.
India is one of the most vulnerable countries to cyberattacks and that to when there are adversaries all around, geographically like China, Pakistan and their agents within India. There are many who can not digest the progress India made in last two decades. The pandemic has forced almost everyone to go digital; has provided more loopholes to the cyber criminals in already porous cyberspace. India’s Computer Emergency Response Team (CERT-IN) reported that in the first half of 2022, over 674000 cybersecurity incidents occurred in the country. The businesses and companies intend to revamp cybersecurity and increasing the budget in the year 2023 to have robust cybersecurity framework. I quote “Companies spend millions of dollars on firewalls, encryption and secure access devices, and it’s money wasted; none of these measures address the weakest link in the security chain”, Kevin Mitnick.
The experts of cyber security talks about weak links refer to humans. We inadvertently provide data in personal capacity and official as well which leads to cyber attacks incurring data and financial losses to person and organization we work for. Toward the password protection and avoid too luring offers from unknown person or entity, cyber education and strict policy formulation is required. Chris Pirillo had very aptly said “Passwords are like underwear. Don’t let people see it, change it very often, and you shouldn’t share it with strangers”. We need to remind people time and again with aggressive campaigns and educated them about how costly a click may prove to them and their organisation.
