ENARADA, New Delhi
By Ajay N Jha
Yesterday itself apple said that its developer site was hacked on Thursday affecting at least 275000 log ins. Some information about its registered third party developers who may use it, have been stolen.
The portal developer.apple.com had been offline since Thursday without explanation, raising doubts among developers if it had suffered a disastrous database crashed and then it had been hacked.
A Turkish security researcher Ibrahim balic claims that he was behind the hack but insisted that his intention was to demonstrate that apple was leaking user information.
The breach is first known against any of apple’s web services. It has hundreds of millions of users of its i-tunes and apple store e-commerce system.
This is a grim reminder to the fact that Cyber Attack would hit even those who claim themselves to be safe.
The world today is becoming increasingly dependent on the internet for communications, information, efficient functioning of business and critical infrastructure as well as entertainment, shopping and social networking. While all this has made a tremendous improvement in the quality of life, it has also made us vulnerable to disruptive and damaging activities from known and unknown quarters within or beyond national boundaries.
The threats to cyber space have increased exponentially in recent years as our reliance on it has grown. The source could be a state espionage agency eager to keep a tab on what other countries are up to, or a business rival trying to steal commercial secrets or criminal gangs out to clean bank accounts or terrorist groups targeting to create economic collapse and social chaos by causing massive damage to telecommunications and transport services.
In most advanced countries both the government and business conglomerates have taken counter measures to protect themselves. Yet media continues to report on attacks on highly reputed public and private websites and computer networks. Many attacks and resulting loss of valuable data or intellectual property and financial damage go un-reported to save bloopers, embarrassments and reputation.
In many developing and emerging economies like India, the general level of threat perception, thought growing, is quite low. The fact is that even today, a majority of government and corporate leaders in India are not even aware of the dangers and sophistication of methods employed by the hackers these days.
Not only the state and military secrets coveted by the other state spying agencies as well as economic and commercial intelligence of value to business rivals, the hackers these days have no qualms in selling information they steal to the highest bidder including gangs engaged in credit card frauds and other criminal activities.
Besides the young techies and nerds who indulge in hacking for fun and as a challenge to break into important and tightly secured sites, crimes syndicates are on the prowl to steal passwords, account details and personal information to indulge in illegal money transfers, ATM withdrawals and other damaging activities.
Recent reports of IIM graduate from Srinagar being a part of the LET or many young techies from Mumbai, Pune and Bangalore directly or indirectly working as information providers for anti- national groups clearly underscores the dangers of hackers in league with terrorist groups disrupting essential services and causing large scale economic and social chaos. Unfortunately in many such cases, the origin of attack, the identity of perpetrator or the motivation for it is often difficult to ascertain and this facilitate the use of Information and Communication technologies(ICTs) for disruptive purposes.
One of the most spectacular such reported attack was Stuxnet, an advanced computer virus, allegedly used to target uranium enrichment facilities in Iran a year ago. Says Mr Babulal Jain, Senior Advisor to UN “After loading a standard anti-virus and firewall software, most of the authorities and corporate entities in India feel that they have secured their systems and networks from cyber intrusions. In their complacency and false sense of security, they conveniently ignore media reporting at regular intervals hacking of government and other websites and emails including that of White House and Pentagon”.
Mr Jain also says that “While many public authorities and corporates are too embarrassed to admit the failure of security and some are in the denial mode, most of them do not even come to know that somebody has stealthily entered their supposedly secure place and decamped with invaluable data and information”. Indian government at the central, provincial and municipals levels are themselves struggling to cope with this menace without significant success.
In fact, it was this realization which prompted national Security Council Secretariat to invite private sectors last year to jointly work with the government on a public private partnership (PPP) basis to find solution on a long term and sustainable basis in a constantly evolving situation.
More than that, a widespread public and corporate awareness programme needs to be launched to ensure that all internet users, whether individuals or corporate, start becoming conscious of their responsibility and take necessary measures to ensure safety and security of the cyber space.
The Prime Minister’s Office (PMO) has recently proposed a sum of Rs 1000 crore to be utilized over a period of four years to push India’s cyber security efforts. The government is going to initiate action to create several agencies and Special cyber security cell in order to respond effectively against Cyber Attack of any sort.
According to the outlines of the proposal, apparently based on the JWG action Plan, the department of Electronics and Information technology (DEITY) would be playing the coordinating role in securing integrated networks across India. Additionally, DEITY has also suggested the setting up a National Cyber Coordination Centre and a Disaster Recovery Centre as well as a Cyber security Assistance and certification facility and regional testing centres which would be implemented in the next two years. With these, India would be in a position to defend itself in the cyber wars waged against by forces inimical to India.
Cyber security challenges also remained a topic of debate and discussion at the 6th Annual World BPO/ITO Forum at New York held on 17-18th July 2013 in which more than 50 experts from across the globe deliberated on a variety of aspects.
Moreover, Babulal Jain and Jim Noble have teamed up to start Cyber security initiative through WICS (WBF International Service) to tackle the challenge and opportunities in cyber security arising in India. This involves widening the circle of awareness, conducting surveys and sample auditing in select sectors. Assessing the nature of threats and security solutions required, providing ready made products and custom built solutions, deploying well-trained personnel to monitor, track and prevent threats and repulse attacks, updating solutions for emerging threats and a 24X7 technical support with annual maintenance contract.
Says Jim Noble “Given the size and population of India with the number of internet and mobile phone users now touching over a billion, the growth rate of its economy and the large number of IT professional and entrepreneurs, the challenges faced in cyber security are daunting. But on the other hand, the huge opportunity it offers to global companies and service providers enter this dynamic market are equally attractive and not to be missed.”
This initiative of WICS aims to pursue the broad objectives outlined in the National Cyber Security Policy 2013 unveiled by the government of India to protect information and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threats, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, trained personnel, technology and international Cooperation. (CONCLUDED)
(Posted on July 22, 2013 @ 6.00pm)
(Ajay N Jha is a veteran journalist from both Print and Electronic media. He is the President and CEO of WICS Global Communications. His email id is Ajay N Jha <ajayjha30@gmail.com> )
The views expressed on the website are those of the Columnists/ Authors/Journalists / Correspondents and do not necessarily reflect the views of ENARADA.
