Tag: Cyber Security

Indian Government’s New Policy Proposal Threatens Our Online Privacy

The latest draft of the National Encryption Policy released by DeitY has found itself on the receiving end of ridicule and scathing criticism. Being condemned as an obsolete move that puts India decades behind in the tech-world, the proposal is seen as an attack on privacy on the internet.

The draft aims to “enable information security environment and secure transactions in Cyber Space for individuals, businesses, Government including nationally critical information systems and networks”.

This proposition is facing criticism because inherent within it is the implication of weakening of the encryption codes that would make private files on the internet accessible to the government. Apple offers an advanced version of iMessages where the company itself has no record of the messages of its users, and fights it out with the US government in the court regarding the latter’s involvement in the virtual existence of its citizens.

Back home, India asks its citizens to make themselves more vulnerable in Cyber Space in the form of regulation regarding the internet. It goes ahead to talk of plans of imposing a 90-day-compulsory-period of storage on all data exchanged using services like WhatsApp or iMessage, which make use of an end-to-end-encryption technology.

“All information shall be stored by the concerned B / C entity for 90 days from the date of transaction and made available to Law Enforcement Agencies as and when demanded in line with the provisions of the laws of the country.”

The complete draft of this new policy has been posted by DeitY on their website. The authorities ask for comments on the decision which can be sent to [email protected], until October 16, 2015.

September 21, 2015
How to Effectively Block Someone on Facebook

In the physical world, it may be difficult for you to cut some annoying people from your life. And admit it, we’ve all been in that situation where we wish we could ‘block’ that obnoxious boss, a lecherous acquaintance or maybe a spiteful ex, without confrontation. Facebook understands this and makes it super easy to shut someone out, without being harassed. Here is a three-step process to severe ties, instantly. Just virtually, of course.

1. Go to the profile of the person you wish to block.

2. Click the three dots “…” alongside Message and a list will appear

3. Select ‘Block’ to restrict the person from sharing things with you.

How Does Facebook Blocking Help?

As soon as you confirm, the user will be blocked from receiving any notifications from you. Blocking is not permanent and you may choose to unblock anyone, anytime. It’s extremely efficient and the person will not be notified about the blocking. He/She can’t even find you on the social networking site, even if they try. If that sounds a bit harsh, then there are options to unfriend them or hide the particular post which you don’t want to see on your wall.

Let the blocking begin.

May 29, 2015
Blackberry Launches SecuTablet, a Samsung Galaxy Tab S With Advanced Security Features

Samsung’s Galaxy Tab S devices had one of the best displays in the market. They are great portable entertainment companions. But what if they could also be used for carrying confidential or classified information? BlackBerry has taken up the task and is ready to bring out a device called SecuTablet that is basically an updated Galaxy Tab S.

Blackberry is known world over for its superior security technology. During the last year’s Sony Pictures hacking crisis, it was the old BlackBerry phones in the storage that came to rescue to establish secure communications. Now in the age of portability and mobility, the people handling sensitive information will also have to be on the move. The security of such information can be essential to businesses and governments.

The SecuTablet is basically a Galaxy Tab S with a Security bundle to keep data safe.

SecuTablet can be used as a regular tablet. It lets you access the usual Android apps and features. The tablet is the result of cooperation between BlackBerry’s SecuSmart wing and IBM. They have added a bundle of security features that keep the users data safe and prevents it from falling into the wrong hands. It also encrypts voice and data communication through a built-in Secusmart Security Card

The SecuTablet will not be available in any store near you. The device with its advanced security features comes at a price of $2,380. The device is currently being tested by the German government and may soon find takers in other governments and enterprises. Security of data and information has become a major concern amongst institutions and citizen’s alike after revelations by Edward Snowden. It’s no surprise that BlackBerry is trying to cash in on the concern with its advanced technology considering its smartphone business hasn’t been doing so well lately.

March 16, 2015
Indian Government Collaborates with Google to Launch an Internet Safety Program

Google has been expanding its SafeBrowsing initiative. The search engine giant recently added a new feature to its Chrome browser, that pops up a red flag in case users accidentally visit a site that prompts them to download malicious malware.

Now the Indian Government has joined hands with Google to launch an internet safety campaign, primarily aimed at young adults and children on sensitive issues like identity theft and online harassment. Government plans to involve various departments and ministries for consultation and dissemination of information on internet and data security as a part of this initiative.

[quote text_size=”small” author=”Chetan Krishnaswamy” author_title=” Google’s Public Policy India Head “]

To enable this and ensure that families and young people across India are safe, we’re working with CERT- In and MyGov to get the word out about good Internet practices and how to keep users safe online.

[/quote]

According to a PIB release, the campaign will be carried out by Department of Electronics and Information Technology, which comes under union ministry of Communications and Information Technology, in partnership with Google and the Indian Computer Emergency Resposne Team (CERT).

Meanwhile, Department of Electronics and Information Technology (DEITY) Additional Secretary suggested an annual programme to raise awareness of key policy makers on matters concerning cyber safety. The initiative would include roundtables, workshops, Security Cafes, contests for young adults, policymakers and NGOs. However, an exact date of launch has not been specified yet.

February 26, 2015
Pre-installed Software On Lenovo Laptops Makes Them Prone To Hacking: Report

One of the world’s largest PC manufacturer Lenovo Group is in the news for all the wrong reasons. Cyber-security experts are reporting that the Chinese manufacturer had pre-installed a virus laden software on its laptops that apparently makes its devices prone to hacking,

Users back in June reported of a pre-installed programme called Superfish that was an adware.

[quote text_size=”small” author=”Robert Graham” author_title=”CEO of U.S.-based Security Research Firm Errata Security”]

Superfish was malicious software that hijacks and throws open encrypted connections, paving the way for hackers to also commandeer these connections and eavesdrop, in what is known as a man-in-the-middle attack.

[/quote]

Meanwhile, Lenovo officials in January said on a web forum that Superfish has been temporarily been removed from consumer computers. The officials though did refrain from making any official comments during the Lunar New Year holiday in China.

Security experts believe that Lenovo has been negligent, and these computers are still vulnerable even after uninstalling Superfish. The software gives itself total control to take over connections and declare them as trusted and secure, even when they are not secure. If the allegations are substantiated, it will be a major blot on the companies brand identity and may affect future sales.

February 20, 2015
Britain and USA Team Up to Stage Cyber Wargames

In an attempt to bolster their cyber defence from online attackers, intelligence agencies from the U.S and Britain will conduct planned cyber attacks on each other’s financial and other critical sectors. These intended cyber attacks will be conducted to test and measure their online defences. Countries all around the globe are attempting to take on the increased concerns over vulnerabilities of critical online infrastructure.

U.S President Barack Obama and British Prime Minister David Cameron agreed upon this initiative on Friday. The joint effort has come amid concerns over the growing threat of online cyber attacks following the massive Sony hack last year.

Both countries will begin work on a series of large scale joint exercises to assess each other’s online infrastructure. The first attack is expected to take place later this year on the financial sector. Other online ‘war games’ exercises will include premeditated attacks on energy and transport sectors.

[quote text_size=”medium” author=”David Cameron”]

This is an evolving threat which poses a real risk to our businesses and that’s why we’re taking our cooperation with the U.S. to an unprecedented level, This is about pooling our effort so we stay one step ahead of those who seek to attack us

[/quote]

Meanwhile, Britain’s MI5 along with their communication intelligence agency, known as GCHQ will work with their US counterparts in the NSA (National Security Agency) and FBI (Federal Bureau of Investigation) to further bolster the exchange of information.

In addition, the two governments will also invest in training next-gen cyber agents; to lay down norms and standards to ensure big multinationals are getting constant advice on how to protect their systems.

January 19, 2015
Expert Believes ‘Digital India’ Plan Flawed, Needs a Practical Cyber Security Policy

The present Indian government has put particular focus on the communication infrastructure of the country. The focus is especially on making India a powerful force in the digital era. It envisions mobile connectivity for every Indian and developing the nation through an e-governance system. The Digital India program is the most visible action plan by the government. But experts are asking the Indian authorities to take a breather and first work out a clear strategy for cyber security.

Cyber Security is an important element of a communication infrastructure. It is not just necessary to establish these protocols but to enforce them as well. Currently, according to the Director of the cyber warfare program at the Tel Aviv University’s Institute for National Security Studies, Mr Gabi Siboni, the strategy arena is where India is lacking. This was reported by Economic Times.

According to Mr. Siboni, the paper published by the Indian government released last year on the subject lacked clear direction. The paper envisions a huge infrastructure that would employ over 5 lakh professionals trained in cyber security to protect the national interests in 5 years. But the paper doesn’t mention how these professionals will be acquired or trained.

The report points out that there has been a heavy increase in the number of cyber security attacks on this country’s institutions. According to data gained from the Indian Computer Emergency Response Team (CERTIn), the attacks have increased to a massive 62,189 until May this year from a meagre 23 reported incidents in 2004. This has also increased the costs to businesses whose infrastructure is targeted through such attacks.

Mr. Siboni has pointed out that currently the attackers are way ahead of the defenders. So it’s absolutely necessary to define the minimal defence strategy for civilian, business and government security. There is no fool-proof way of securing the cyber arena but if you have a clear strategy to deal with them, you can repel these attacks to a certain extent. We hope the Indian authorities are taking notice.

October 22, 2014