Cyber Security and Ethical Hacking
Today, technology pervades every nook and cranny of our lives. In a report published in August 2017, nearly 50.7% of the population on Earth is connected to the internet! That is 3.82 billion people! Out of these, nearly 3.03 billion are present on one social media network or the other. Facebook alone has a network monthly active base of over 2 billion. These astounding figures are just the start as nearly 2 million new internet users are added each month to the network creating a big opportunity for all the stakeholders.
Most of the people who are accessing the internet are doing it due to the pervasion of mobile phones. This little piece of technology that can fit into your hand has revolutionised the entire internet ecosystem. There are more than 5 billion unique mobile users in the world. Nearly 92% of the total internet users access the internet through their mobile phones.
As we have seen so far, there is a huge ecosystem that has unlimited tapping potential. This fact is being realised by everyone – from a small businessmen to behemoths such as Amazon. In fact, the biggest companies of today are no longer oil and other manufacturing conglomerates, rather they are the tech companies.
- ‘Data’ is the new gold in the world today. Due to the presence of a large number of people on the internet , there is a huge amount of data being generated every second . There are 7883 tweets, 882 photos uploaded on Instagram and over 72 thousand videos watched on youtube each second of the day. This creates a lot of data to be mined and analysed.
- Ecosystem creation. There are companies that have gone in to provide end to end solutions for various problems. Look at Apple, its devices together provide a complete solution for your entertainment and communication needs.
- Opportunity to advertise your product or service. This is especially beneficial for local and small businessmen who are given a platform to be able to compete with the larger companies. This is the reason that net neutrality is being fought for on a large scale. This is also the reason that the ‘gig’ economy is on the rise.
- Rise of new currencies – bitcoin, peercoin, lite coin and many more to invest in has created a new class of investors and securities.
However, if there are positive opportunities, there are certain threats as well:
- Data can be stolen. There is an increasing incidence of identity theft and fraud due to unsuspecting users uploading personal information on spurious websites. This creates a huge problem. As all records go digital, we are under constant threat of attack on all kinds of information – financial details, medical records, online activity and much more.In Q3 2016 alone, 18 million new malware samples were captured. That is more than 200,000 per day!
- There’s a new kind of blackmail and ransom opportunity on the rise – Wannacry Ransomware is a good example. More than 4,000 ransomware attacks have occurred every day since the beginning of 2016 according to a report from the FBI.The amount of phishing emails containing a form of ransomware grew to 97.25% during Q3 2016, up from 92% in Q1 2016
- Cyberstalking and harassment is a problem that has made itself felt in the Indian population lately.
- Undue speculation and rise of cryptocurrencies has posed a problem as they can be used to bypass formal financial systems and are often the route to transfer ill gotten money or money being sent for illegal operations and terrorism.
- Cyberattacks are not only targeted at individuals or companies. More often than not, governments are at the receiving end of such attacks. This puts sensitive defence and security information at risk.
To fight this ever-growing threat , there are various tools that companies deploy. There are several security firewalls set up to ward off any unauthorised access to the stored data. Various security solutions are included that work on the user side as well such as two-factor authentication on Facebook.
However, when we talk about wider security, the first thing that comes to mind is Ethical hacking. Ethical hacking is a way of objectively analysing an organisation’s data security structure.The job of an ethical hacker is to purposefully penetrate security systems to fix these weak points.
These professionals employ methods similar to that used by malicious hackers, but they are required to be a step or two ahead of their vicious counterparts. Ethical or white hat hackers may be employed by the government, banks, or private firms to prevent cyber crime. They hack the system with the permission from the client and present a maturity scorecard for the network that highlights their overall risk.
Ethical hacking includes services like the following:
- Application Testing: Done to uncover flaws in the system at the very core or logical level
- Remote or war dialing: Used to test open-ended modem connections that remotely connect to a network
- Local network testing: Deals with testing of services, protocols, system devices and virtual private networks
- Wireless security: A method of measuring the level of security available in the framework as a whole
- System hardening: Done to strengthen the host and mend weaknesses
- Stolen laptop: Done using the PC of an important employee, this test examines for passwords and personal information stored in a dial-up software
- Social engineering: This type of hacking is very difficult to carry out as it involves people, personalities and employees.
Thus, a ethical hacker is essentially a hacker, which is often attributed to be a negative term, but one that allows companies to conduct third part security analysis of their systems. This is the reason that Ethical hacking’s demand is on the rise. According to Data Security Council of India, the cyber security market is expected to grow to USD 35 billion by 2025.
DOs and DON’Ts
Though you are protected by several layers of security, there are often certain dos and don’ts that one must adhere to in order to keep one safe from cyber-crimes.
- While you are banking, shopping or paying your bills online, check if the website’s URL begins with ‘https’. Also look for the padlock icon, which indicates that the connection is secure.
- Go for unique, and hard to guess passwords. Never keep the same password for different online accounts. Create a password that has a mix of uppercase and lowercase letters, special characters, and numbers.
- Use your primary email address to stay in touch with people you know or are acquainted with.
- For social media sites, use an email address that you do not use for important communications.
- Avoid using free, unsecured Wi-Fi for shopping or banking on the Internet and even for logging into your social media profiles.
- Delete old accounts that you do not use anymore.
- Before downloading any free software, research on the software and the website hosting it. Ensure the software’s publisher is verified.
- Access your bank’s website by manually typing its URL in the address bar. Never access it from an email or a text message.
- Never click on links or download attachments in unwanted, unexpected emails, even if such emails look like they are from a known source.
- Take regular backups of all your important files. Doing this is more important now that ransomware attacks are becoming so rampant. It is recommended to store the backup on external hard drives and connect them to your PC as less as possible. Alternatively, you can also use a trusted cloud-based backup service.
- Avoid making your personal information public on social media sites and the Internet in general.
- Avoid checking ‘Keep me logged in’ or ‘Remember me’ options on websites, especially on public computers.
- Never use your official email address for social media sites.
- Never use any of your personal information such as name, date of birth, address, etc., as your password.
- Never respond to pop-up ads that may come up on your screen. Close such pop-ups from the task manager.
- Avoid visiting inappropriate websites or websites that you are not fully aware of.
- Always log out of online accounts when you are done. This is especially important when you are using a public computer.
- Do not install software that comes as an attachment in emails.
- Avoid saving your credit/debit card information on websites and web browsers.
- Never share your personal/bank details on phone, email or SMS, even if the caller/sender seems genuine.
Today, cyber security is a crucial part of policy discourse be it in the government or corporate sector. Since, in the 21st century we have already stepped into a cyber-future, our dependence on technology and the internet will continue to increase. Thus, it essential that we recognise the importance of cyber security down to the individual level today.