Virtual world and Cyber Security: Two sides of the same coin
With rigorous penetration of internet in Indian population, most of them are directly or indirectly exposed to the virtual world. The Internet revolution is surely welcoming but we are also inviting some unwanted guests to the party. These guests are none other than malware, virus, adware, and many other fancy terms.
The latest one to explain is the Ransom Ware attack, which made infected PC next to inoperable. In return, the attacker asked for money to unlock the computer. Some People won’t mind these attacks and simply format their hard drives. But imagine if the attack was made on bank’s server, or on a corporate firm having data worth millions.
There’s a saying that precaution is better than to cure. To your surprise, you don’t need to be an IT expert to avoid being victim of such attacks. To discuss cyber security in details, I recently met Mr. Jaimin Shah, MD & CEO of DEV IT Ltd and also the chairman of Domestic Council of NASSCOM.
Talking about the precautions, he explained that most of the vulnerabilities are not as worse as they seem to be. Cyber security is not taken seriously by most of the people and they do not realize the threat they invite to their identity.
There are many instances when people have not only lost their data, but also a lot of money. That’s because their computer or laptop was infected with a spyware, which used to track every key pressed on the keyboard. That ultimately resulted in stealing of bank and credit card details.
What I personally learnt from the meeting was that Cyber-security is just a technical term and it is hyped a lot. Actually, safeguarding our identity or data is not as tough as it seems to be. My discussion with him was fruitful and he explained a lot of things in very simple language that everyone can understand. To make it easier for the audience to understand and learn basic cyber-security measures, I have listed them down point wise.
1. The very first thing we discussed was that to use original licensed software. He explained that if particular software is chargeable, then they are there to provide all kind of support and safety updates. For instance, the recent Ransom Ware bug penetrated PC’s because of a loop hole in the Microsoft Windows. Surprisingly, Microsoft was aware of it and they did release a patch for it before a month of the actual attacks. The victims were only those people who were either using a pirated copy or the ones who did not update their Windows.
2. Next thing he explained was to use the built-in firewall in Microsoft Windows. It is the firewall that stops most of the attacks done on a PC. Many of us would have got warnings from Windows Firewall when we try to install some or the other software on our PC and Laptop. It is the proof that thing is working and it should be turned-on all the time.
3. Another simple thing to do is to have a licensed Anti-virus on the PC. In addition, the user should also regularly keep it updated with latest virus definitions. The Anti-virus not only protects the PC from viruses, it also has parental control, Email scanner, Phishing protection, and many more security features.
4. Taking things a little advanced, Mr. Shah added that most of the normal users are still not able to sort the email they receive. There are many instances where people have clicked on a link they received through email. These links contain vulnerabilities that instantly affect the PC as soon as a user clicks it. A user should check the source of email before clicking any link in it.
5. Another thing to learn here is that most of the people do not understand file extensions and they click on whatever attachment they receive in their email. Most of the service providers like Gmail and Yahoo have built-in virus scanner, but sometimes they too fail to detect the threat. It is highly recommended to check the file extension before opening any attachment.
6. The next discussion was on identity protection. He explained that when accessing a public computers, one must always take care and not to save any passwords. It is advisable to not make online purchase or use online-banking on public computers. You never know if they have installed stealth keyloggers on the system.
7. Final thing we all should take care of is to check the source when transferring any data from Pen drive or a USB Hard Drive.
From this discussion, it is evident that there is no need to be a tech freak in order to protect privacy in the virtual world. All we need to do is to take care of small things which we all tend to ignore. From a business perspective, employees should also be informed about this and make sure they follow them.
Digital revolution is moving at a rapid pace and it will further move to next level with passing time. With every advancement, new threats will follow the course. The only resort is to educate people with basic cyber security measures and develop a habit to follow them on a regular basis.
On a closing note, what I extracted from our meeting is that that the Cyber Security is not a rocket science and also it’s not a one time job. Cyber security is an on-going process. The day you stop the process, is the day you have expose yourself to cyber attacks.
Next time, when the Nigerian prince sends you an email saying he wants to transfer his wealth to you, just delete the Email !