Troubleshoot with Online Security
By CXOtoday Staff
Mumbai, May 15, 2008

With more and more people using the Internet, online security and online safety have gained paramount importance. Cyber culprits are from different strata of society, which shows the widespread reach of cyber crime. It's important for us to secure our computers with technology and act in ways that help protect us against risks that come with Internet use.

Microsoft India along with CII and CERT-In organized a seminar on information security to raise consumer awareness about cyber crime targeting children and youth who are increasingly using online facilities like chatting online, networking, etc.

It was a week long campaign which got huge response from the masses where they voiced their concern on security issues. The Seminar was a part of the ongoing CII campaign, which brought together participants from the banking, finance, government and consumers to a common platform to share views, thoughts, experiences and solutions to safeguard the Indian economy from cyber crime.

Most companies nowadays are becoming sensitive towards security of information, especially in the context of Network- Attached Storage systems (NAS) which is the most attractive entry point for hackers, because of its reliance and well-known protocols. Hackers penetrating NAS system can also build sniffing and password hashes, perform protocol downgrade attacks on Windows NT LAN Manager and LAN Manager authentication, and spy on clear text sent over Common Internet File System and Network File System protocols to 'sniff' valuable data.

"We must treat internet information as an asset", said Rakesh Kharwal, Security Marketing Manager, Microsoft. Thus to protect NAS systems and storage environments, IT storage personnel must regularly update server operating system security features to incorporate secure builds, patch processes and the latest malware definitions.

Emphasizing the importance of safe online access and sharing, Vikram Tiwathia, CIO of CII said that information security is not as much of a technical requirement but a social aspect. The dramatic increase of online game related crimes and continual monetary loss and damage has made the authorities realize that there is more to security than technology. Sanjeev Sofat, additional director (IT II) from Chandigarh Administration stated, "Cyber offences aim at monetary gain-on-line business fraud and e-banking remain at a high level of risk. Sophisticated crimes are committed by using intrusion programmes".

This CII effort is spread across six cities: Delhi, Mumbai, Kolkata, Chennai, Chandigarh and Bangalore. In these cities, they have been reaching out to 30 schools targeting more than 3000 children and teaching them to safeguard online identities and fraud prevention.

According to Shehar Kirani, vice president of Verisign, phishing is a global threat. India ranks third at 9.39 %, says the Anti-Phishing Working Group (APWG), a global pan-industrial and law enforcement association focused on eliminating fraud and identity theft due to phishing, pharming and email spoofing of all types. There were 339 phishing cases reported in '06, 392 phishing cases reported in '07, and 576 password stealing malicious code URLs reported in 2006.

APWG's latest report, published in January, reveals it received reports of 28,074 phishing attacks and 23,630 phishing websites in November 2007. Gartner, a global IT research and advisory firm, reports that phishers are collecting personal data from social networking websites. Andrew Walls, research director for Gartner's infrastructure protection group from Australia, said: "We are seeing phishing scams wherein personal data has been collected from online social networks such as MySpace and Facebook and then integrated into very personal and targeted emails."

Internet users here are at high risk as the country is yet to have a dedicated agency that monitors cyber frauds." Phishing sites have increased from 4000 to over 55000 in 18 months with the result that consumer distrust is growing at alarming speeds", said Shekhar Kirani, vice-president of Verisign.

In response to ways and means employed by Mumbai Police to control cyber crimes, Mukund Pawar, Inspector with Mumbai Police explained that the culprits are punished ranging from innocent cyber crimes to major cyber thefts. He suggested the need to scale up this initiative of CII to reach more consumers and will monitor, track down, and curb the growing number of cyber fraud cases in the country. Commending on the initiative taken by CII, Ayushman Sinha, senior analyst, Infosys Technologies stressed that convenient tools such as color coding are available to easily distinguish safe and unsafe websites.

CII along with CERT-In has established an "Information Security Advisory Forum", which will be a single unified line of communication between government, industry and law-enforcement agencies. They will focus on sharing critical information related to phishing and spam incidents.


Related Links:
Online Security
5 Tips for Online Security