Lets move to our topic.....
- What is cashless society.....
a society in which purchases of goods or services are made by credit card or electronic funds transferral rather than with cash or checks. Expand. Also called checkless society.
- How hackers Attract to this....And how they attack on us
With the current cash flow deficit, people are being forced to make digital payments. Without proper precautions and security policies, the highly reactive nature of cybersecurity leaves us vulnerable to cyberattacks.
One of the biggest financial data breaches in India, exposed in late October, had compromised the financial data of over three million users and victimised major banking companies. The breach occurred when a network of Hitachi ATMs infected with malware enabled hackers to steal users’ login credentials and make illegal transactions. Following this, companies issued new cards and asked customers to limit their ATM usage to those operated by their banks. However, a few weeks after the breach, the demonetisation announcement pushed people to do just the opposite — rush to withdraw money from just any functioning ATM. Till date, there has been no communication from banks or the Reserve Bank of India assuring the public that the infected ATMs have been taken out of service or fixed to prevent further breaches.
Digital transactions
Over the past week, digital payments have hit record transactions: PayTM said there was a 200 per cent increase in its mobile application downloads and a 250 per cent increase in overall transactions; MobiKwik said its user traffic and merchant queries increased by 200 per cent within a few days of the government’s announcement. Companies such as Oxigen and PayU have also seen a rise in their service usage.
This trend is certainly heading in the right direction if we are moving towards a cashless economy, but the speed of technological development and its integration into our economy far supersedes the speed of defence mechanisms and protocols that could mitigate cyberattacks. Cybersecurity is unparalleled and reactive in nature, which begs the question: is it safe to utilise these new payment platforms?
PayTM, for instance, is certified under the Payment Card Industry Data Security Standard (PCI DSS) 2.0 certification, which is the current industry security standard set by American Express, Visa International, MasterCard Worldwide and a few other international dealers. This is an essential certification for companies that store credit card information. PayTM and other such companies also use 128-bit encryption technology to crypt any information transfer between two systems. It takes more than a hundred trillion years to crack a password under 128-bit encryption. Needless to say, transactions via these companies are fairly secure, hence there is little doubt that companies taking advantage of demonetisation are employing their share of precautions for secure transactions.
However, this does not mean that these precautions won’t make us invulnerable. Apart from login credentials, hackers target other things. For example, just a few weeks back, hackers breached a British mobile company, Three Mobile’s database, putting at risk the private information of six million users, which was later used to purchase mobile accessories at the users’ expense. Other uses for stolen data include underground sales, identity theft, or targeted personal attacks such as extortion. According to the 2015 data breaches study by IBM and the Ponemon Institute, India is the most targeted country for data breaches.
While these attacks may appear sophisticated, there are easier methods that anyone with basic IT skills can deploy. These include creating fake mobile applications and spyware that steal information, or social engineering tactics that make you reveal your login credentials. Forums on the Internet are flush with step-by-step instructions on how to create fake websites that imitate digital payment platforms.
The larger concern, however, is that if companies like HDFC and ICICI, which are most likely proactive in updating their security systems, also experienced cyberattacks, what does that imply about unsuspecting users? Most new users, especially street vendors, have been forced onto the digital payments bandwagon. Are they aware of the security risks involved? And even if they are, what precautions can they take to minimise the potential damage from attacks?
- All Users are not that musch advance users for handling this digitalisation
Companies, customers, and the government should collectively participate to mitigate cyberattacks and minimise its damages.
First, all companies that offer platforms or services enabling digital payments should increase awareness among their customers of the risks, and educate them on ways to secure themselves. They must employ behaviour analytics and pattern analysis at their fraud prevention departments to predict suspicious behaviour. They must be proactive in looking out for any fake applications or websites that masquerade their service. They must monitor discussion boards, social media platforms, and forums that discuss hacking and fraud tactics, and implement measures to thwart such tactics.
Second, the government should check if the current policies regulating these platforms are adequate and update them regularly. People must be educated on the risks involved, strict policies must be enforced, and companies accountable for not meeting security standards must be held. Benefits that come from overlooking security precautions must be minimised, and public-private partnerships on live information sharing about cyberattacks and fraud should be strengthened.
Third, customers should educate themselves about the risks involved and take precautions. They must minimise vulnerability with two-factor authentication and change their password frequently. They must check the authenticity of applications by looking for the number of downloads and read reviews by other users — the higher the number of downloads and reviews, the higher the chances that the application is legitimate. Customers must also check for other application releases from that developer. For instance, they must check the Website’s authenticity by searching for the proper spelling of the Web address, check if the Website is secure by looking out for a green padlock symbol on the left side of the Web address, and keep Web browsers updated so they can recognise illegitimate sites easily.
Prime Minister Narendra Modi recently asked people to embrace the digital cashless world, reiterating that digitisation of economic activities is here to stay. In the midst of going cashless, we should not cast a blind eye to the security aspect of digital payments. We all share a collective responsibility to build a safe and secure digital infrastructure.
- Job platforms available after digitalisation
- Job platforms for ethical hackers
- Why we learn hacking and cyber security....?
Scope Of Ethical Hacking
With the growing number of threats, it is becoming difficult for companies to protect their critical data and systems from the external threats. This has created a huge demand for ethical hackers who can help them in securing their operations and offer them a third person view of their security systems. Ethical hacking is the process of trying to break into a company’s security system and expose the loop holes, with their permission. Ethical hackers use a series of tests such as penetration testing, vulnerability testing, etc. to understand the integrity and confidentiality of the company’s data. They also test for the accessibility and availability of the information.
“In the wake of digital transformation, cyber security has become a major issue and hence, more and more companies are hiring specialists of ethical hacking to protect themselves from cyber criminals. If you compare the industry to what it was a decade back, things look much more positive now. Banks, financial institutions are hiring a white hat or ethical hackers to protect their systems, networks, applications and more”, said Rahul Tyagi, VP - Training, Lucideus.
While automation is axing jobs of lower end and mid-level engineers worldwide, cyber security is a stream which has remained unaffected. Due to high demand, the average starting salary for ethical hackers ranges from average INR 4 lakh to INR 5 lakh. MNCs are ready to offer even more handsome incentives to professional cyber security agencies. Hence, ethical hacking is emerging not as a growing but also a money making career for youngsters who are willing to get into the cyberspace.
- Why we need more ethical hackers....?
An ethical hacker is someone who follows ethical principles to protect information and systems from the unethical hackers. Recently, many organizations have faced cyber-attacks leading to the growing need of having professional ethical hackerswho can safeguard their networks.
Stay with us
We'll return with new interesting topics and tricks
And we providing free ethical hacking and cyber security techniques so stay with our blogs....
Good bye ....
