The Digital India initiative by our government is an ambitious move, to say the least. Indian Prime Minister Narendra Modi envisions a country in which a number of crucial sectors of our economy embrace the Internet to foster growth, expansion, and accessibility. Of the many things the government is working on, one is connecting rural areas with high-speed Internet networks. This has the potential to significantly ramp up our efforts in education, health, entertainment, and business among other spaces, and revitalise our economy as a whole. However, our cyber-security awareness and efforts continue to lag behind the curve.
A recent report said a large number of Internet users in the country don’t hesitate sharing their bank credentials with others. People also continue to download and install apps, music, and movies from unsafe sources – to save money – that is crippling their security and privacy, a conclusion security firm Norton by Symantec has reached. The company first shared the insight with a few journalists at a media conference in New Delhi on Thursday.
As more people come online, and access a smartphone for the first time, it has become more crucial than ever that they are aware of the security implications that these services and facilities come tied with. But as has been found, we continue to remain ignorant about the basics of how the Web works, and what these “smart” devices are doing behind the scenes.
The India-specific report by Norton by Symantec said that as many as 113 million users were affected by a form of online attacks in the past year. On an average, an affected individual loses roughly Rs. 16,000 dealing with the fallout of cybercrimes, and as many as 30 hours in the aftermath of such an attack. “In the past year, 48 percent of India’s online population or approximately 113 million Indians were affected by online crime,” said Ritesh Chopra, Country Manager, India, Norton by Symantec. The firm found these conclusions looking into an online survey of more than 17,000 devices users with age of 18 or above across 17 markets.
One would expect the younger generation – people with base age of around 24 years – to be more educated about how to handle their digital world, because they grew up in a period when the Internet started getting traction, and different companies cropped up to offer their services. But that isn’t the case. On the contrary, this subset of user base has been flagged as one of the most immature by Norton.
The firm reports that four out of ten such people live under the impression that they aren’t “interesting enough” to be a target of an online crime. Reality is, Norton said, seven in ten of such people have experience a form of cybercrime, with as many as five in just the last 12 months. People around the average age of 55, on the other hand, are in a better position.
That’s a dreadful statistic for a country with a young population and in which hundreds of thousands of smartphones are sold every few seconds, and thousands of people mark their arrival on the Interweb. And that also highlights the challenges we’ve in front of us that need to be sorted.
(Also see: Mobile Locked Unless You Pay the Ransom? Could Happen to You in 2016)
When asked if cyber awareness among people has gotten better over the past year, Chopra told Gadgets 360 that we’re seeing a mixed result. While many people are getting hold of these aspects of the digital world, there are thousands of new people that come online everyday that don’t.
The state of current security is already worrisome, with hackers devising new ways to circumvent the security our devices offer. We’re seeing an increasing number of sophisticated attacks in which our devices are locked down, and attackers demand for a ransom. Attackers have also found ways to hack IoT devices, and get access to the Wi-Fi network they are connected to compromise the whole networkand the devices that they are connected to. But these are sophisticated attacks that we can also understand when we’re aware of the basics, and have made others aware of them as well.
But aren’t our operating systems getting better? Google, Apple, and Microsoft continue to tout the level of sophistication their products and services have reached with each new iteration. Chopra told us that while good guys continue to protect us, bad guys are balancing the equation by finding vulnerabilities and new ways to hack at an equally staggering rate.
What exactly is compromising our security?
People trust others with their password
Norton said that as many as 60 percent of users in the country are sharing credentials of two email accounts with others (global average is 55 percent). Around 55 percent of people share the passwords of their social media accounts (global average is 43 percent), and a staggering 36 percent Indian users share credentials of their bank accounts as opposed to 27 percent across the globe.
Obsession with freeware and means to get free alternatives
Many users continue to flock to shady websites to get free apps, and download copyright infringed content. What many people don’t realise is that these files are highly likely to be riddled with malware or adware of some kind. As we’ve seen in the past, attackers are aggressively targeting such users.
Many users also like to use freeware products. While there are many great freeware apps and services available in the market, one has to understand the business model these providers maintain to sustain, said Chopra. As has been in the case of AVG – whose AVG Free security suite is highly popular – the company was found selling the data it had obtained from its users to marketers.
As has been previously reported, many apps on Google Play seek permission to information that they absolutely do not need for proper functioning. One needs to be careful while installing and needs to check the kind of things that particular app requires to function. A torch app must not get access to your contacts and text messages, for instance.
Easily sharing information
People continue to readily share their personal information such as their mobile phone number. “While entering this hotel, you provided your contact information at the registration desk.” said Chopra, giving a simple example of how people don’t think twice before sharing their information. “Who knows who goes through that register and gets your information,” he added, jokingly revealing that he often provides a fake data to avoid the consequences such as telemarketing companies mysteriously getting their number.
Not using a secure password
People continue to use same password for all the services, and these passwords are generally not secure (combination of at least eight letters, number and symbols). As we’ve seen in previous reports, there are plenty of people who still use passwords such as “12345.”
“I dream of Digital India where cyber-security becomes integral part of national security,” Modi had said earlier this year. At the current state, we’ve a lot of work to do if we want to stay secure.