Information is gold and it can be robbed and stolen
When
Prime Minister Narendra Modi launched his digital economy initiatives—besides
making payments convenient, your money also became more vulnerable to cyber
attacks. According to KPMG India’s Crime Survey 2015, financial services and
insurance sector was the favourite target for cyber-attacks followed by
pharmaceuticals and chemicals. This is in sync with the fact that 63% financial
assets of the country are in the banking system followed by insurance at 19%,
according to the Financial Stability Board Peer Review Report of India 2016.
The
nature of cyberattacks on digital payment channels ranges from phishing to
merchant fraud, according to the KPMG report Digital Payments-Analysing The
Cyber Landscape, which was released in April. Mint Money has taken you through
some of the cyberattacks that happen. You can read about them here:
bit.ly/2jHhW51. Here is a look at a few more.
Cyber
espionage: This is the act of spying and obtaining unauthorised access to
information related to individuals, companies, militaries and governments, by
using hacking techniques. “Cyber espionage could be done by individuals or
sponsored by rival companies or states. In today’s digital era, information is
gold and when this information is related to vulnerabilities in systems... (it
can) be used to launch massive data breaches,” said Amit Jaju, executive
director, fraud investigation and dispute services, EY India. He added that
while information is protected by cyber security, these defences can be
bypassed by exploiting known vulnerabilities in the hardware or software used
to store and guard this information. These vulnerabilities are often not public
and are known only to the manufacturer of the devices or software. “Recently,
the hacking group ‘The Shadow Brokers’ leaked confidential vulnerabilities and
related exploits that affected millions of computers globally that were not
patched. This exploit was used by the creators of ransomware such as WannaCry
2.0 and PetWrap to wreck havoc across the globe,” said Jaju. Usually these
attacks happen at an organization level and do not target individuals.
Social
engineering: This is also called the science and art of human hacking. It has
become quite popular in recent years, given the growth of social media, email
and other forms of electronic communication. Social engineering simply means a
hacker uses emotional weakness of an individual to get access to passwords. “In
the information security field, this term is widely used to refer an array of
techniques used by criminals who obtain sensitive information, or to convince
targets to perform actions that could compromise their systems. Most cyber
criminals wouldn’t spend much time trying out complex technological hacks when
they know it’s much easier to use social engineering for their purposes,” said
Altaf Halde, managing director, Kaspersky Lab (South Asia). Through access to
social media accounts, hackers can then gain access to other details.
Therefore, never share passwords of your bank account and any social media
account.
Distributed
Denial of Service or DDoS: In case of a DDoS attack, the company that is
attacked will not be able to use its assets—which could be a website or the
network infrastructure. In this attack, a company’s online presence can get
damaged. For instance, if your bank is attacked, you may experience failed
online banking transactions. “This form of attack is also very common today. It
is a growing menace for small and medium businesses. Imagine a small e-commerce
company with a small budget. For hackers it is easy to take down its websites,”
said Saket Modi, chief executive officer and co-founder, Lucideus. And, the
cost of recovery from these attacks is massive.
Source | Mint – Wall street Journal
| 26 July 2017
Regards
Pralhad
Jadhav
Senior Manager @
Knowledge Repository
Khaitan
& Co
Upcoming Lecture | ACTREC - BOSLA Annual lecture series (125th birth anniversary of father of library
science, Padmashree Dr. S. R. Ranganathan) on Saturday, 12th August 2017 at Advanced Centre for Treatment,
Research and Education in Cancer (ACTREC), Kharghar, Navi Mumbai. (Theme | 'MakerSpace')
No comments:
Post a Comment