India’s Prime Minister Narendra Modi on Thursday inaugurated the fifth edition of the Global Conference on Cyber Space (GCCS) in New Delhi and said the nation should ensure that digital space does not become a playground of dark forces.
“Cyber attacks are a significant threat to the global community. We need to ensure that the vulnerable section of the society does not fall prey to it,” Modi said while addressing at the inaugural session of the fifth edition of the Global Conference on Cyber Space (GCCS).
Among many things, he said the major focus area should be to build cyber warriors who will remain alert for the miscreants. And India has been troubled by this ever since it stepped in the digital world.
As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), a total no. of 44679, 49455, 50362 and 27482 cyber security incidents were observed during the year 2014, 2015, 2016 and 2017.
Cyber security issues in India
According to a KPMG report, almost 74% of the organizations in this country have not done a risk assessment including cyber security in the country. India is one of the most infected countries in the world, with respect to malware, and also unwanted (malicious) software.
In last one year alone, there have been numerous incidents that affected the country’s various organisations.
Data hacked put for sale on Darknet platform– On Sept 30, Cyber security solutions company Seqrite, along with its partner seQtree detected and notified the Indian government about a possible breach of India’s National Internet Registry – IRINN (Indian Registry for Internet Names and Numbers).
The data put up for sale in advertisement on the Darknet forum included many government organisations such as Telecom companies, UIDAI, Defence Research and Development Organisation (DRDO), Reserve Bank of India (RBI), Idea Telecom, Aircel, Bharat Sanchar Nigam Limited (BSNL), Bombay Stock Exchange (BSE), Mastercard/Visa, State Bank of India (SBI), Flipkart, Ernst & Young (E&Y), and Wipro among many others.
Mirai botnet malware: A botnet malware named Mirai took over the Internet targeting home router users and other IoT-based devices. The malware affected 2.5 million IoT devices. CERT—In had also issued an advisory regarding the attack back in October 2016.
WannaCry: Ransomware WannaCry swept the world in May. CERT-In immediately put out an advisory notice. Reports of the ransomware were reported to have hit banks in India, and some businesses in Tamil Nadu and Gujarat as well during the first wave of the attack. Railwaire users were also most affected by the ransomware.
Petya: India was also on the top 10 list of countries to be hit by Petya ransomware attacks, with the country faring worst among other Asia Pacific (APAC) countries, cyber security firm Symantec said in a blog post last month. Globally, India took the 7th spot with less than 20 organisations being affected as per the Symantec’s analysis.
Data breaches: Zomato, a food delivery startup, reported in May that it was affected by a data breach which led to details of 7.7 million users being stolen. The leaked information, listed for sale on a Darknet market.
magicapk– Reliance Jio recently got affected by a data breach. A website called magicapk.com went up last month, allowing anyone to search for personal details of Jio customers.
Cyber security need of time
In the modern world, data travels from one platform to another and it’s important to secure data in all its forms. For e-commerce companies, it’s important not only protect their own data, but it is also imperative to protect the weakest link in the chain, and that is customers.
Data, whether its mine or yours, should only be accessible to those who are authorized to see it. Not otherwise. And there is a lot that needs to be done in this regard.