Category Archives: Cybernetics
NEW DELHI: Rising at an alarming rate, the number of cyber crimes in the country may double to 3 lakh in 2015 and could pose serious economic and national security challenges, an Assocham-Mahindra SSG study has warned.
The increasing use of smartphones and tablets for online banking and other financial transactions have increased risks.
India has emerged as a favourite among cybercriminals, mostly hackers and other malicious users who use the internet to commit crimes such as identity theft, spamming, phishing and other types of fraud.
As per the study’s findings, total number of cyber crimes registered during 2011, 2012, 2013 and 2014 stood at 13,301, 22,060, 71,780 and 1,49,254 respectively.
“What is causing even more concern is that the origin of these crimes is widely based abroad in countries like China, Pakistan, Bangladesh and Algeria, among others,” Assocham Secretary General DS Rawat said.
Phishing attacks of online banking accounts or cloning of ATM/debit cards are common occurrences. Maximum number of offenders belong to the 18-30 age group, added the report.
With increasing use of information technology (IT) enabled services such as e-governance, online business and electronic transactions, protection of personal and sensitive data have assumed paramount importance.
“The economic growth of any nation and its security whether internal or external and competitiveness depends on how well is its cyberspace secured and protected,” said Rawat.
The attacks have mostly originated from the cyber space of countries including the US, Europe, Brazil, Turkey, China, Pakistan, Bangladesh, Algeria and the UAE, the study revealed.
Smartphone users rarely check for security certificates while downloading apps (games, music and other software) from third party or unsecured sites, the study said, adding that mobile banking apps store data such as PIN and account number, on the phone.
There is a risk that if the phone is hacked or stolen, then the information is compromised, the study said.
It further stated that mobile frauds are an area of concern for companies as 35-40 per cent of financial transactions are done via mobile devices and this number is expected to grow to 55-60 per cent by 2015.
Rising Internet penetration and online banking have made India a favourite among cybercriminals, who target online financial transactions using malicious software (malware). India ranks third after Japan and US in the list of countries most affected by online banking malware during 2014, the study said.
Andhra Pradesh, Karnataka and Maharashtra have seen the highest number of cyber crimes registered under the new IT Act in India. Interestingly, these three states together contribute more than 70 per cent to India’s revenue from IT and IT related industries.
Just how safe is your company data? According to the IBM Cyber Security Intelligence Index, U.S. businesses experienced over 1.5 million monitored cyber attacks in 2013 alone. Sensitive information regarding your internal operations, your customers and your employees is at risk if your organization does not take proper measures to secure its data. Take a look at these eight crucial security reminders for business leaders to keep in mind.
1. Password Character Requirements. There’s a reason why so many web-based consumer services require complex passwords. Unauthorized users are less likely to guess passwords when employees use a blend of phrases, upper and lower case letters, numbers, and punctuation. Work with your IT department to configure the password requirements for your employees.
2. Password rotation. Passwords that go stagnant are a liability for companies. For example, former employees might still be able to gain access to confidential information after they leave the company, if teams use the same outdated group email. Schedule password rotations every few months so that every user must update accounts with new passwords.
3. Session time out. This setting prevents a user’s account from remaining signed into a system after a certain period of time. For example, if a cashier leaves their point of sale terminal, their session should automatically expire after a delay so that no unauthorized users can attempt to operate the point of sale.
4. No outside hardware. No employee should be allowed to use external hardware in the office, such as storage devices or other peripherals, unless cleared by your company’s IT department. External devices can contain spyware or viruses that pose a significant risk to your computers and network. Additionally, this restriction reduces the risk of employees stealing internal data.
5. Installation restrictions. Employees should not be able to install unauthorized software on work computers or mobile devices, since unchecked installations can lead to malware infections. For example, a graphic designer might decide to download a freeware utility to complete a project. While they are well intentioned, this employee might accidentally install a trojan on their work computer.
6. Managed mobile devices. Mobile device management (MDM) software allows you to enroll in-house and BYOD technology in a system that deploys security configuration settings, company data and content over the air. This is an excellent way to enforce remote security restrictions, such as password updates or app restrictions. Once an employee leaves a company, company-related data can be quickly wiped from their device remotely.
7. Backup encryption. Copies of your company data can also be a weak point, if unauthorized users are able to view and edit these files. Work with your IT department to create redundant and encrypted backups of your business-critical data.
8. Remote wipe. Mobile device solutions like Android Device Manager and iCloud allow you to remotely wipe device data if your smartphone or tablet is lost or stolen. This will quell your fears about confidential data leaks, in case you forget your phone at a restaurant. Many of these remote security systems also help you track and lock your devices, so that you can attempt to recover your technology before erasing it.
Anyone from the newest intern to C-level executives can become a target of digital crime. Train your employees to observe data security best practices. Taking proactive measures will help your business stay ahead of threats.