With Internet usage rising in India, the need for cyber security too is growing, says Ratnamala Dam Manna, Director, Security Technology, Symantec, while speaking to Senior Associate Editor Vicky Nanjappa.
With the fifth highest number of broadband subscribers, India was also home to the third highest volume of malicious activity in the APJ (Asia Pacific and Japan) region in 2008.
Security agencies have repeatedly spoken about this threat and it appears that terror groups are increasingly becoming active on the Internet.
To find out more on such threats and also to ensure that we live in a safe internet zone, we caught up with Ratnamala Dam Manna, Director, Security Technology and Response, Symantec Corp.
In a candid interview with senior associate editor Vicky Nanjappa, Dam Manna speaks at length on the extent of cyber threat to India. She also lays down a few guidelines which if followed could make our Internet world a lot safer. Excerpts:
How grave are cyber threats in India? Is it really serious or is there just hype surrounding it?
Cyber threats are definitely a very serious issue globally as well as in India, which is witnessing a surge in almost every kind of cyber attack. According to Symantec's latest Internet Security Threat Report XIV, India had the fifth highest number of broadband subscribers in the APJ region in 2008 and the third highest volume of malicious activity, accounting for 10 per cent of the regional total.
This increase in malicious activities is due to a rapidly growing Internet infrastructure, a burgeoning broadband population and rampant software piracy.
The report also found that India had an average of 836 bots (also known as web robots) per day during 2008 and there were 103,812 distinct bot-infected computers in the country during the period. This was a staggering increase of nearly 250 per cent from the previous Internet Security Threat Report.
India also saw a huge surge in bot command and control servers from 40 in 2007 to 70 in 2008. Bot command-and-control servers are computers that botnet owners use to relay commands to bot-infected computers on their networks.
The sharp increase in bot-infected computers in India points towards low adoption of security measures that include anti-malware, intrusion prevention and intrusion detection.
Another alarming trend for Internet users in India is the threat landscape being heavily infested with worms and viruses. In the APJ region, India ranked first on the worm and virus attack prevalence chart. Nine of the top 10 malcodes found in India consisted of worms (55 per cent) and viruses (15 per cent) that disabled security-related processes, downloaded additional threats and stole confidential information.
When you analyse the cyber security system of our country as a whole, how geared up do you think we are to wade away a threat?
Though awareness about cyber security is growing in India, preventive measures are still far from being in place.
The constant evolution of the Internet is providing new avenues for malware authors and cybercriminals to exploit innocent users for financial gain. Social networking sites are just the latest among targets. However, organisations and users alike aren't taking enough steps to proactively ensure that their information and infrastructure are secure.
For instance, a survey conducted by Symantec in May 2009 found that Indian SMBs have the lowest deployment rate of security solutions across the APJ region, with less than 20 per cent of IT budgets being spent on security.
As mentioned earlier, India is among the top countries on cyber criminals' radar. To counter this threat, it is not only important to deploy a good security solution, but also to install regular updates.
Could you tell us what measures ought to be taken individually to ensure that a site or a blog stays free of cyber attacks?
Websites and blogs are vulnerable to attack because of their open nature that encourages users to share information. However, following some guidelines can help stay protected from cyber criminals.
- The first and most important line of defence against cyber attacks is an updated security solution that protects the information as well as the infrastructure it resides on.
- Keep your OS (operating system), applications and other software components patched with the latest security updates.
- Use anti-virus, enable automatic updates and regularly check that these are installed correctly.
Internet security is an expensive affair. Maybe that is one of the reasons why many people prefer taking a risk. What are your views on the same?
With the explosion of malware variants and the evolution of cyber attacks, Internet security is not a luxury, it is a necessity. In 2008 alone, Symantec created 18,00,000 unique signatures - a 239 per cent increase from 2007.
For instance, we currently deliver protection for well over 10,000 new virus samples each day. A week of not updating would mean that a user is missing protection for 70,000 new unique virus variants. Imagine the risk if a user doesn't have security software at all!
In fact, the cost of losing valuable information - this could be confidential data or even credit card details - is many times higher than the investment in a good solution.
How risky have sites like Facebook or Twitter become? What are the threats that one can expect through a social networking site?
The very popularity of social networking sites makes them attractive to cyber criminals. With millions of Indians actively involved in social networking, attackers can easily target thousands of users by compromising even one of these sites.
Social networking sites enable users to share personal information, images, videos and other multimedia files with members of their network. People can even embed third-party applications to customise their pages. While these are the greatest strengths of social networking sites, hackers see them as a new attack vector.
Furthermore, as people reveal significant private information on these sites, attacks can use social engineering techniques to deceive users into downloading malware or disclosing confidential data.
The most recent instance was the denial-of-service attack on Twitter that brought the popular social networking service down for several hours on August 6, 2009 and slowed it down later.
A simultaneous attack slowed down another popular social networking site.
Symantec was one of the first to throw light on attacks through social networking sites, in its Internet Security Threat Report XIII released last year. The report found that social networking sites are easy for criminals to spoof and because social networking pages are generally trusted by users, phishing attacks mimicking them may be more successful.
Profiles on social networking sites often contain a significant amount of personal information about the user.
Spoofed social networking pages can include links to false downloads that require users to enter confidential information such as authentication information or credit card information that can subsequently be used for fraudulent purposes.
In fact this report showed that social networking sites topped the list when it came to the top countries hosting phishing attacks and the top targets phished.
Rank | Country | Percent | Sites attacked most |
1 | USA | 66% | Social networking site |
2 | China | 14% | Social networking site |
3 | Romania | 5% | Social networking site |
4 | Guam | 5% | Social networking site |
5 | France | 1% | Online auction site |
6 | Germany | 1% | Online payment site |
7 | Italy | 1% | Online auction site |
8 | Canada | 1% | Online portal |
9 | Sweden | 1% | Telecommunication provider |
10 | The Netherlands | 1% | Social networking site |
Could you give a list of guidelines to ensure that social networking sites are safe to use?
- Maintain a level of caution about any message from within a website or that appears to be sent by the website.
- Double-check the domain that appears at the top of the page. When clicking over to a social networking site, make a habit of looking at what appears in the address line. Be sure you are linked to a real site with a familiar URL.
- As a best practice, type the site address in the address bar directly, rather than rely on links from a message. Ensure you do this while navigating to a sales site.
- Use complex passwords and unique ones for each site.
- Maintain an up-to-date browser and operating system.
- Use security software.
- Be suspicious of requests to enter your account name and password.
- Because of the relatively open nature of web technology, it is very easy for criminals to fake the look of web pages with very convincing graphics. Be very suspicious of obvious typos in text, odd words or phrases, or the feeling that the site just doesn't look right. It's easy to steal graphics, but thieves are often very clumsy writers.
- If you ever see an IP number in a URL, leave the site immediately. It is almost certainly a fraudulent site.
Another method to ensure that you are on the correct site is to check if there is an 's' after the 'http' in the URL. This code often appears in e-commerce websites and essentially means that all transactions are secure and the site is legitimate.