Today when the world is moving forward towards digitisation, there are still many aspects about which we either don’t care or they are overlooked. Apart from physical safety, the second important thing is keeping safe in the virtual world.
Virtual safety is becoming a serious concern. We don’t give a single thought before saving personal or professional information which can be very important and crucial, which can lead to a potential loss to an individual or business.
In 2015, two Indian business tycoons paid more than $5 million each to keep such information as a secret and from going public. A group of hackers stole their data from company’s server which included data that could put them in serious trouble if exposed. Eventually, to save them, a huge ‘ransom’ was paid. Only after that did the businessmen realise that their company servers were compromised from a long time and there was no certainty that it would not happen again.
This was the first said case of ransom-hacking which also involved corporate leaders of India. However, there are thousands of such cases each year that are not even reported.
India stands in top 5 countries across the world when it comes to ransomware – malware attacks that force its victim to pay a ransom.
How are these ransom attacks occurring? How does the hacker get such crucial information? This is a major question any individual will have in mind. Manan Shah – Co-founder and CEO Avalance Global Solutions answers this with some real life examples and few techniques a hacker might use to blackmail you:
“These hackers from a remote location encrypts your phone or system data and then would demand for ‘ransom’ or ‘money’ to unlock the system which is been encrypted. In such case if you refuse they will threaten you to destroy all the information forever and decrypting the information is a very intricate process and may not work every time. So eventually you are force to pay for your own information.”
Dark web is a market for hackers and cyber criminals. There are many websites which sell the credit/debit card details, passwords and other online information at a very low cost of $2-$5. However, hackers can get much more out of such information and extract huge amount of money, adds Manan Shah.
A ransom hacking victim from a city in Gujarat says – “Ransom Hacking is like kidnapping one’s family member or loved one virtually.” He adds, “We own a business of export and import and sales enquiries from other countries are a day to day part of our business. Couple of weeks ago we received such enquiry with an excel sheet attached. We only realized after opening the file that our complete data is been suddenly encrypted. Every single piece of data related to our business was lost in a friction of few seconds. Then a message popped up on our screen which said that we would have to make a payment in Bit coins through the given ID. Spontaneously we disconnected our computers from the network and seek an expert help to recover the loss.”
Currently, there is a new trend the hackers are adapting. Now they are moving their focus from computers and servers to a commonly used daily devices like phones, cars, and also medical equipment.
Let’s take a hypothetical situation that could soon become a reality – hacking medical equipment. Just picture it, a machine is used to perform a remote surgery and everything is all set. The patient is on anaesthesia and a doctor from a remote location are set to perform the surgery. As the surgery is about to start the machine which is been used is encrypted, doctors lose control over the operating device and nothing works. On the other side the hackers who were well aware of the exact schedule and procedure which was to be performed, have hacked into the medical device. The patient is on the table, the surgery is crucial and until you pay the ransom the hackers will not unlock the machine. This is one of the scenarios we need to be well protected from in the virtual world.
How? What do we need to do? Manan Shah has some recommendations to conclude this —
- Do not ignore the security pop-ups that warn you about the unsafe websites.
- Pornographic websites have pop-ups and an accidental click can install a malware on your system.
- Always make sure that there are Multiple backups of your data
- Torrent sites are a usually an easy trap. Videos can be infected with the malware, so beware before you download.
- In case of a ransom hack, disconnect the computer from the network so that the cyber criminals cannot have further access.
- Consult a cyber security expert or an ethical hacker.
- Check the email addresses and URLs before opening. Fake emailer’s and spear phishing (an email that appears to be from an individual or business that you know) can be detected through illegitimate or incorrect company names or URLs. For example, http:// instead of https://; www.icic1banks.com instead of www.icicibank.com)
It is important to be Internet literate in the digital world. Awareness is the best safety measure one can adopt. The cyber criminals are waiting for that one wrong move.
There are 5 myths which should not be believed.
1) Going incognito or using a private mode can protect you
2) The emails you send and receive are secure and private.
3) You have privacy rights against social media companies
4) Password protected public Wi-Fi are safe
5) Turning off the phone/putting it on flight mode keeps you from being tracked.