By: By Tarun Wig, Co Founder, Innefu Labs
IT and ICT has been entered in almost every socioeconomic activity and people become more dependent on the web and internet applications for their communication and other routine activities. The internet was invented for the growth of businesses and development of the society, but some are using it for cheating, forgery, blackmailing and other crimes, for them internet is the easiest medium to make innocents their soft-prey.
High connectivity and the increasing trend of online transactions have multiplied the risks to manifolds. The number of cyber crimes in India is increasing at an alarming rate. Presently, the number of registered cyber crimes in India is around 149,254 and expected to reach up to 300,000 by 2015 end. The cases include data theft, hacking, cyber extortion, phishing attacks of online bank accounts or cloning of debit cards and many such, resulting in monetary and reputation loss.
As per the PWC 2014 Global Economic Crime Survey, the risk of cybercrime had increased
from 39 per cent in 2011 to 48 per cent in 2014, means a 9 percent increase in less than 3 years. Also, 45 per cent of financial services organizations in the country are affected by cybercrime frauds. The Mumbai police claim that they get at least five cases of cyber crime every month, card fraud also rose by 300 per cent from 2012 to 2013.
Businesses Are The Prime Targets
With the future of urbanization heading towards smart cities, technologies such as Internet of Things (IOT), information and communication technologies (ICT), virtualization, cloud
computing and machine to machine (M2M) are very popular but have potential drawbacks as well. In a recent incidence a highly experienced businessman becomes the victim of cyber fraud when someone allegedly hacked into his Gmail account. The dry fruit trader had asked his foreign associate to transfer the due payment of the consignment to Bank of New York Mellon, a New York-based financial institution that has a tie- up with Karnataka Bank. But, the foreign associate received mails in which businessman requested him to transfer the money in a London-based bank. His Gmail account was hacked, his mails got intercepted and hacker changed the account details. Money got transferred through the foreign associate, but not in the account of the trader.
Challenges Before The Law and Security Agencies
The concept of Digital India and electronic services is flourishing fast in our country. Though the idea is very advanced it requires an effective techno legal framework and strong cyber security measure to be in place. There are many cyber security challenges in our country that needs to be addressed on priority. The country has registered 107% of Common Annual Growth Rate in the last few years. It is not a grave problem for India only, the entire world is experiencing the same problems. Even developed countries like the US and Japan are not free from this smart age problem. The foremost problem is that cyber criminals usually operate from an overseas location and it is very difficult to penalize them, until and unless we sign extradition treaties with majority of UN members. The reality is that they are rarely caught or sued. The ASSOCHAM study has revealed that such attacks have originated from Brazil, Turkey, UAE, Bangladesh, the US and China. This proves that there is a need of strong cyber security measures, in order to curb the growing cyber crimes.
Preventions Using Smart Solutions
A report released by the Online Trust Alliance states that 90 percent of the breaches could be avoided with basic cyber security practices. This implies that better security solutions like stronger passwords, data protection during rest and transit, multi-factor authentication, data loss prevention and many such best practices should be applied right from an individual up to enterprise level.
Hence, people should be very careful while sharing any information on the internet. Multi-Factor Authentication (MFA) with protocol level decoding provide an additional security layer apart from the usual ‘username and password’ authentication, independent of the application and operating system. It can be implemented individually as well as on a large scale.