Daily Post 1309
INDIA’s TRYST WITH CYBER SECURITY
For a country which believes that a laptop is the final investment and not the cost pertaining to software, thinking and acting on the vulnerabilities of Zoom software is in the realm of the imaginary. The level of security which have been inbuilt into hardware, software and apps by way version control, upgrades etc has only let us survive thus far. Our effort has at best been minimalist. What is the required security they barely know and over a period of time they don’t even have the capability to know, understand, analyse, plan and respond. As if pirated software were not enough, there are tonnes of digital genies being born everyday.
The App world which we all fancy has left nothing of security, which we seemed to nodding for, in the changed world of digital transformation, while being locked in our houses. When malware like NSO’s Pegasus can rip apart a smartphone even without receiving a call, we are gleefully having a collage of icons of all colours, shapes and sizes called Apps on our smartphone’s screen. What permissions you have given to which app cannot even be sorted out by the best security researchers in the world. With keylogger on board a large on these Apps, we have already compromised our own phones.
The patch management is at an abysmal level. Till the Baltimore govt ransomware attack last May, there where a million machines yet to be patched for WanayCry in US itself. Taking any guess about this country would be wild goose chase. Think of machines using pirated software, their fate is sealed for good. Hardly of any software, do we know the source code, then how do we know what the machine is doing with out data. From the operating system to the app is an endless challenge, with the attitude of consumption of gadgets & data and not of technology is weighing heavily against us.
The firmware of a camera or the protocol of a router, none is in our control, what comes and goes no one knows. Whatever is not known is supposed to have not happened. It can also happen that the damage is being done on a permanent basis and we were unaware of it. The present IT ecosystem and the Indian attitude is completely cyber security averse and landing perforce into fully digital ecosystem can be extremely dangerous, at the first indications are out there in the open. The battle inside Indian IT companies is not greatly different. This is the last chance for cyber security, otherwise, we would lose whatever little competitive advantage this industry has.
ONLY AN AGGRESSIVE CYBER SECURITY STRATEGY CAN SUSTAIN OUR IT INDUSTRY AND THE ECONOMY.
Sanjay Sahay