Newton’s third law holds that every action induces an equal and opposite reaction. Every possibility manifests within itself a counter possibility as death is ever present over life. The Internet has opened up a host of possibilities unheard of and unthought of, yet it contains within itself the germ of its own vulnerability, most notable among them being hacking.
Interestingly, long before the term hacking came to be associated with fraudulent acts like stealing personal and corporate data from computer networks, it was used for fun and constructive learning activities and had nothing to do with computers.
White hat hackers. Black hat hackers.
In common computer palace, we distinguish between two kinds of hackers. The terminology of hacking is shaped by the cliche of a good guy wearing a white cow boy hat. Ethical hackers or white hat hackers break in to the protected computer networks with due permission of the company that has employed them. Their job is to point out the loopholes in the security system to thwart potential hacking in the future. Unethical hackers or the black hat hackers do so with a malicious intent.
The thrust for digitization has boosted business potency and enhanced the accuracy, transparency and convenience in financial transactions but it has also exposed us to a huge risk of our life savings disappearing in the wink of an eye. To deal with the menace of hacking financial organizations, social media sites and important government organizations including the United States headquarters of defense, The Pentagon, invite bug bounty hunters. Bug bounty hunting is a collaboration between white hat hackers and companies who then handsomely reward the ones who identify the chink.
Most Vulnerable Targets
India has a robust cyber law in the form of Information Technology Act, 2000 which criminalizes hacking among other cyber crimes under India Penal Code. But when are laws ever enough to keep people from committing crimes?
According to 2016 NCRB ( National Crime Records Bureau) report, 11,592 cyber crimes were reported out of which a whooping 13.5% are against professional hackers.
The financial sector and government agencies have been the chief targets of hackers, not just in India but the world over.
Evidently money attracts the most number of criminals, trying to con people of their hard earned money. That is why the financial sector has been at the fore-front of the risk of data hacking. However, in the last few years banks have injected huge sums of money to battle cyber hacking. In 2017, in the U.S. the banks have invested over $1.5 billions to mitigate the risk of breach in security. The scenario is rather bleak in India. In 2017, the data of 32 lakh debit cards of half a dozen banks stood compromised which is symptomatic of our unpreparedness to tackle the risk of hacking.
With a large amount of official data being stored online almost all government sites belonging to central and state ministries have been taken to the cleaners in the last few years. This may be rather dangerous in view of India being surrounded by hostile neighbors on the both sides.
Most upsetting of them all, earlier this year the rumors were rife about the hacking of Aadhar data. With the government invested to making Aadhar the sine qua non of India citizens, it is likely to be more susceptible to hacking and misuse in the future as well.
What to expect in 2018?
The predictions for 2018 are far from encouraging. It is predicted that along with the extra layer of comfort in our lives, IoT (Internet of Things) will also added additional risk of hacking. With millions of devices connected to each other, 2018 may put people at fresh risk of financial frauds and identity thefts.
The good news is that as consumers are waking up to the risk of hacking most companies in 2018 are going to opt for RBA (Risk-Based Authentication) and MFA (Multi Factor Authentication) to create layered defense to deal with the menace of hacking.
Takeaways
Cyber space is as fragile as any other operational space. So long as it exists, crooks will continue to meddle with sensitive data and the skirmish between the stakeholders and hackers is likely to be an ongoing one. In order to overcome these attacks, the government ought to act nimbly for which first the governments, banks and companies need to come out of their defensive groove and admit the ramification of cyber security breaches.
Secondly the governments and private companies should take advantage of bug hunters, make them collaborators and not threaten them with legal notices.
Thirdly, the financial institutions and other establishments need to adopt a proactive approach rather than relying on reactive measures in dealing with the future threats.
References-
http://www.infoguardsecurity.com/5-industries-top-hit-list-cyber-criminals-2017/
Authored by Shailesh Thaware, Assistant Professor, Faculty of STEM, Vishwakarma University
