Priyanka Joshi in New Delhi
Ankit Fadia, 27, is an independent computer security and digital intelligence consultant - better known as ethical hacker - who has worked with government agencies.
He tells Priyanka Joshi, whether preventive cyber security measures can ever be enough to keep virtual miscreants at bay.
...
Ankit Fadia on how to keep virtual miscreants at bay
Image: Ankit Fadia.Of late we've seen the rise of hacktivist groups like Anonymous that targeted high-profile websites, like the Supreme Court's, Congress's, BJP's and RBI's, to protest the Indian government's alleged role in the blocking of file-sharing sites such as The Pirate Bay and Vimeo. Is this the beginning of cyber activism in India?
Security professionals are aware that our government websites are very easy to exploit - be it by hackers from China and Pakistan or hacktivist groups like Anonymous.
The rise in hacktivist groups should act as a wake-up call for the government to tighten the security loopholes in official websites.
The government has seen that a ham-handed approach of taking down sites instead of asking for specific pages (that violate sentiments etc) to be removed never really works. All it does is create a lot of angst among the netizens.
Hacktivists, while they might not have wrong intentions, can exploit and get away easily since there's no one person that can be traced. Usually these groups discuss their attacks in chat forums and get together hundreds, if not thousands, of security professionals to attack a targeted site.
Such coordinated attacks will only increase as the government has laid down no security guidelines for its websites. Nor does it have dedicated security professionals manning the networks to prevent them from being exploited.
...
Ankit Fadia on how to keep virtual miscreants at bay
Image: Ankit Fadia.If hacktivists retaliate to every issue and continue to accept anyone who signs on to act on their behalf, wouldn't that push us towards a digital civil war?
That's the problem with the hacktivism movement. When thousands of hackers decide to bombard a site, the cyber attack is impossible to avert.
And the tricks available to bring down a site or crack into a site's database are so many that you wouldn't know how to control it. Our cyber laws are good enough, but we urgently need to train our security forces to be able to implement them effectively.
...
Ankit Fadia on how to keep virtual miscreants at bay
Doesn't this present an opportunity for the ethical hacking community to get active and align with the government and official agencies?
We are a community of individual professionals, some employed and some working independently.
The problem is that government or official agencies do not want to pay for all the external support we lend. Payments are almost always delayed or so less that it discourages others. How do they then expect us to help them out? We can't be expected to work for free.
...
Ankit Fadia on how to keep virtual miscreants at bay
In the wake of rumours concerning people from the Northeast, do you think restricting how individuals use social media sites is a solution?
Banning or blocking websites and social content on web is never going to work. Social media can be better used in communicating with the masses and it will always triumph over those trying to spread rumours.
If someone wants to spread a rumour, he can create another account as soon as one is blocked or switch to those multimedia apps that can blast messages to hundreds. But it's also true that the Indian government is far more lenient than the Chinese one which censors at source.
The government and the officials need to understand that social media is way too big to monitor and they can put it to good use.
...
Ankit Fadia on how to keep virtual miscreants at bay
Do you still help government agencies understand the ever-evolving tricks of cybercrime and hackers?
I recently trained more than 150 police officers of different ranks from Chhattisgarh. I teach them tricks like how to trace a fraudulent email, how to look through a computer hard disk for files etc.
Most states have cybercrime cells but the officials need to update their cyber skills regularly since virtual terrorism is evolving faster and the techniques are getting more complex with every attack.
article