Unprecedented usage of internet has unveiled abundant opportunities for hackers to walk in. India has already witnessed several attacks of devastative nature with multi-dimensional impact. Author in this article has unfolded the unseen nature of cyberspace and has explained ways to be escaped from hackers.

With the advent of the internet, the world suddenly seems to have shrunk to a place where everything and everyone is interconnected more than any other point in history. From swanky international airports to local power-grid stations to our departmental store, everything is computerized and is connected to the Internet. And as more corporations and people tread deeper into the cyberspace, the more vulnerable they become to cyber-crime. In fact, one can argue that cyber-crime is now passé; this is the era of cyber-warfare. The Hollywood movie, Die Hard 4 highlights the danger of cyber-warfare. Entire countries can be brought to their knees by a single person sitting in his living room. The supply of electricity, water, entire communication and transportation networks can be brought to a standstill. And the worst part of it is, the movie could very well have been a real-life scenario. The question that looms large is what are we doing to stop the attack? Or how well can we foresee it coming?

India as a target

Although India did put in place an IT Act in 2000, thereby becoming one of the first countries to have such an act in place, very few of the legal fraternity or the big corporate executives are aware of its clauses or even existence. This leaves a lot to be desired as far as laws to securing our cyber space are concerned. The software market in India is approaching $60 billion as per records. Yet, there are glaring loopholes in its domestic IT Infrastructure, which makes it an easy target for hackers to play havoc. According to experts, India has the lowest rate of security measures for its IT Infrastructure with more than 6000 websites hacked and defaced in 2009, significantly higher than the 1700 odd websites which faced a similar fate the previous year. Symantec in its internet security threat report ranks India 5th in the world in cyber crime.

India is not the sole target in this cyber-warfare. There have been instances of cyber-crime reported from all over the globe. In 2007, Estonia was subjected to a distributed denial-of-service attack (DDoS) in which selected sites were targeted and forced to go offline. As a result of this attack, nearly all of the Estonian government ministry networks as well as two major Estonian bank networks were affected. Launching DDoS attacks and hacking into confidential information of corporations and countries are not the only types of cyber-warfare. Viruses, Worms, Trojans are being written and spread at an alarming rate, affecting anyone, from the biggest of corporations to the average user. These malicious programs infect systems and can either be used to gain access/control of the system or disable the system completely. This can cause an enormous financial, data and productivity loss.

Recent Attacks

A report by two Canadian cyber research institutes talks about the recent attack on the Indian government and big enterprises in India. Attacks were made on entities including the Tata Group and DLF; the national security council secretariat, the railway network, and the national informatics centre. And like a few other instances in the past and this time too fingers have been pointed at China. Most anti-virus programs and firewalls have failed to stop or prevent the damage caused by these malwares. The Home-Secretary for India, G.K.Pillai clearly mapped out the need of the hour in an interview with a popular interest magazine. According to him, India lacks a single body which is responsible for the cyber security of the government of India. He feels the different bodies and systems need to be unified so that there is one set of rules that is being followed across the boards; in all the departments and one rule under which criminals can be tried and prosecuted.

Expert Speak

The existing IT Act in India needs to be updated as there are no provisions to tackle new types of cyber-warfare that are emerging at an alarming rate. Though there have been two amendments made to the law, it seems inadequate. The conviction rate for cyber-crime in India is abysmally low. The updated policy should ensure that the situation changes and should make sure that the IT Infrastructure in the country is equipped to handle threats as and when they come and not remain sitting ducks. The government, according to experts, is working towards one such system, a policy that covers the cyber security issues, which will be applicable to the public and private sector. Until the laws are given more teeth and start to ensure decline in the instances of cyber-attacks, technology will remain the mainstay to protect the IT Infrastructure from falling like nine pins. Even with stricter enforcement of the laws, technology will need to keep up with protecting the valuable IT infrastructure and the assets managed or contained in those IP networks.

With hackers today having at their disposal highly advanced, sophisticated and state of the art million dollar tools, anti hacking tools and software needed to protect networks from harm, need to be equally advanced to match up to the enemies strategies in the battlefield. In order to put up a proper resistance system in place and boost our immune system we need an internet traffic management solution provider that can do the job within a single flexible system. And though many might argue no single solution will be a panacea, this is a critical tool in protection and management of the critical networks. Real time, dynamic tools, based on traffic intelligence – not just on static signatures which are updated periodically- can help service providers, mobile carriers and government organizations to facilitate and protect their large networks.
 
Large networks used by Governments as well as by corporations are very complex and are difficult to track, manage and monitor. Network managers need to have a clear view of all traffic, incoming and outgoing, in order to monitor their network effectively at all levels. This ensures greater threat visibility, prevention and threat neutralization time thus helping in threat escalation. Advanced real-time traffic intelligence technology employs new sophisticated mathematical algorithms that can make sense of traffic patterns and do so in a dynamic fashion. Today, large enterprises, carriers, and governments across the world are using these single flexible systems.

Road Ahead

When most people, institutions and corporations are so dependent on the internet for commerce, communication, and interaction, we must take clear steps to protect them in the cyber world.  While laws and enforcement will help in making the cyber world a safer place, it is critical that technology is also used to complement the laws in the battle to protect corporations and individuals from criminals operating in cyber space. Each of us must take responsibility and protect both our individual information and networks that all of us are responsible for running. As an individual or a corporate house, the onus is on us to begin to solve the problems related to cyber security by securing our networks first. A real-time traffic intelligence solution is the only way to achieve this.

—By: Yogi Mistry, Sr. Vice President, Narus.