The other day, my close friend received a call from the bank stating there was a large transaction on her debit card in London. The amount was more than her monthly earnings! She took instant action, reported the transaction to the bank and blocked the card, changed all passwords, did everything the bank asked her to do. Thankfully the bank suspended the transaction. But the stress of going through all that and the long wait before getting the money back in the account plus the hefty service charges paid to the bank, set me thinking that I should write something on cybersecurity. But being as naïve in this matter as most of the general population, I asked my cousin Ameya, who is a technologist, to help me write something by providing points which I can elaborate.
Ameya has been kind enough to write a whole blog on the matter with inspiration and contribution from Nisha, his better-half, who teaches cybersecurity. I am sharing the same below.
Right from my childhood, I have enjoyed watching crime investigation serials and reading detective stories, esp. Sherlock Holmes. I still do. 😊 But, gone are the days where the detectives needed to deduce using the power of observation, knowledge and deep thinking. These days, most stories have mobile location footprints, social media posts, CCTV footages, histories on devices and google searches to assist the investigators. But the ying-and-yang philosophy applies here too. Technology today is an equally potent ammunition for criminals, if not more.
In the last
two decades, working close to technology has given me an opportunity to
understand and watch this space - the internet, ecommerce, mobile phones, apps,
social media - evolve and get deeper and deeper integrated into our lives. This
blog is an attempt to create a level of awareness of the risks associated with
this hyper-integrated cyber world. The risks are real and are huge! They apply
to most (if not all) people, organizations, governments, industries –
irrespective of the level of technology used by them. I do not attempt to talk
about technical aspects of the risks or attacks here, nor do I attempt to list
the precautions to be taken. Those are deeper subjects and change every day and perhaps may be topics for subsequent blogs.
Three stories: All of us, The Organizations We Deal With and Our Country/Government!
All of us could be possible victims!
One
afternoon at work, like we always did, we were getting together for lunch. Some
of us were wondering where one of our friends was. That day she arrived late –
just in time for lunch. The entire lunch conversation that followed was about
how she became a victim to a “google-pay / paytm” based fraud which many have fallen prey to. She
attempted selling a sofa set on OLX; she received a call from an army personnel
interested in buying it who wanted the sofa urgently at his home in Mumbai; he
could not come personally to collect it; nor could he pay cash given his
posting/duty. So he offered to pay through Google Pay. But, instead of paying, the
person withdrew money from my colleagues account – by tricking my friend into
entering an OTP to receive funds.
Times of India, March 8, 2021 |
This is an example of a well thought-out story woven with “psychological tricks” (urgent need, army personnel, on duty, wanting to help home) that makes gullible individuals fall prey to it.
More than
95% of the cyber frauds are due to lack of awareness or human errors.
Organizations we deal with
Imagine
this – you go on a vacation with your family for a week. One of the stays is in
a Marriot hotel. (Marriot owns many brands – Renaissance, Sheraton, LeMeridian,
Courtyard, Four Points among others). You
return rejuvenated with many memories (and photos) to cherish! A year down the line you read this: The Marriott hotel chain announced that one of its reservation systems
had been compromised, with hundreds of millions of customer records, including
credit card and passport numbers, being exfiltrated by the attackers. Your credit card details, your
passport details are in the hands of the criminals and probably being sold on
what they refer to as "The Dark Web."
Or you
regularly order food from Zomato. Which was also hit by a similar attack.
Times of India, March 8, 2021 |
Most
organizations we transact with have information about us. Be it credit card,
our transactions, our user ids and passwords, our addresses, our mobile
device/computer details, likes/dislikes, et al. These are of interest to many, not just for financial gains, but for several other reasons too.
Not all of
it is within our control! hence, being aware and vigilant is the need of the hour!
Just
keeping a watch on our financial transactions, our emails, having strong
passwords, changing them frequently are simple things within our hands which reduce
the risks of us being impacted by crimes like these.
Our country and government
Many
elections are being influenced by well-engineered social network management
teams – from within the country or outside. Cyberspace is the new battlefield
for wars these days.
Today’s
paper carried a Swaminomics blog by Swaminathan
Aiyer,
claiming we should focus more on cyberattacks from China than on the toolkit
issue. It speaks of the two power outages in the recent past in Hyderabad and Mumbai, being caused
by cyberattacks. While that is not something that
governments have publicly accepted, I know for a fact that in 2019, the Kudankulam
nuclear power plant in Tamil Nadu was under cyberattack and had to shut down.
Such
breaches are significant. These could have caused a disaster too. Blow up the
entire power plant, or transportation network (air, rail, roads etc.). Just
two weeks ago, a cyberattack allegedly tried to poison Florida’s water supply.
But thanks
to systems being there in place, most of these attempts were stalled in time
and major disasters averted. So, while the risks loom, it is not all that
gloomy!
For fun you
may recall the Italian Job movie where the road CCTV and Traffic
Light networks being hacked into for the heist.
How Not to be Sorry
One of the
quotable quotes from Readers Digest that has stayed with me is “Trust in God,
but lock your car”.
So, while
our governments and institutions are doing their bit to help our privacy, our
safety and reliability of services. We still need to do our bit, we need to be
aware and be vigilant. There are
hundreds of places to learn more. Go ahead and improve your awareness.
10 Simple tips:
1. Any offer / promotion received via
SMS/email/WhatsApp/phone which looks a little too good is fishy (Phishy!).
Avoid falling into the trap.
2. Having strong passwords: 8 or more
characters, no words / names / birthdates
3. Do not share OTP over phone. Please
bear in mind that OTP or a passcode is needed only when you need to pay, not
when you need to receive.
4. Do not open email attachments from
unknown senders
5. Review privacy/visibility of your
posts on social media – keep access to people you know
6. Be careful of what you post – are
you revealing more than needed?
7. Any spurious activities on your
social network, please act immediately. Change passwords!
8. Be careful of what you download! It
could contain malicious software which could steal information from your
devices (especially .exe files)
9. If you are transacting online,
please do so from secure sites and your own devices.
10. Be skeptical on what you read online
(WhatsApp, Facebook, advertisements) until you validate and revalidate from at
least two authentic sources
& there could be many more… but I’ll stop
here.
If you are
interested in more details, please find the link to the booklet released by
government of Maharashtra:
https://www.bankofindia.co.in/pdf/CyberSecurityAwarenessBookletbyGovtofMaharashtra.pdf
I hope you found the article interesting and helpful. If you did so, please mention in the comments. The greater the number of comments, the more pressure I can put on the lovebirds to contribute more to the blog! And of course, subscribe and follow to get alerts on new posts.
Disclaimer: This is a personal blog. Any views or opinions represented in this blog are personal and belong solely to the authors. These do not represent views/ opinions of people, institutions or organizations that authors are associated with in professional capacity.
About the Authors:
Ameya is a technologist, a wanderer who dabbles with photography and cricket in free time. Nisha is an Asst Professor who teaches Cybersecurity and Cyber forensics to budding engineers. They are a foodie couple who enjoy travelling whenever they can fit it into their busy schedules. I am proud to have such talented cousins!
Nice write-up. "Trust in god, but lock your car". The line says it all. The 10 point vigilance makes it easier for noon or rather oblivious users like me.
ReplyDelete:) thank u!
DeleteI am going to take your advice about changing passwords seriously.
ReplyDeletePlease do!
DeleteThis comment has been removed by a blog administrator.
ReplyDeleteThank you
ReplyDeleteIt was a very good post indeed. I thoroughly enjoyed reading it in my lunch time. Will surely come and visit this blog more often. Thanks for sharing. https://python.engineering/cybersecurity/
ReplyDeleteThank you !
DeleteHi,
ReplyDeleteThank you for taking the time and effort to share your knowledge about mobile hacking. This material turned out to be really efficient and informative to me. Thank you for providing this information. All people know about the penalty for hacking cell phones
I would like to say thank you for all the great effort you have extended in sharing this educative article to us. Take care and have a nice day. enterprise cybersecurity
ReplyDeleteThank You
DeleteThank you!
ReplyDelete
ReplyDeletekula said:
Sat, 22 Jan 2022 17:43:23 +0800
You made such an interesting piece to read, giving every subject enlightenment for us to gain knowledge. Thanks for sharing the such information with us to read this.External Network Penetration Testing
Thank you for your kind words.
DeleteThis is a great article; the research work you have done on this 'topic' is remarkable. Thank you for posting this. For more information, visit daedalus industrial.
ReplyDeleteThank you for your kind words
DeleteThanks for your post. I’ve been thinking about writing a very comparable post over the last couple of weeks, I’ll probably keep it short and sweet and link to this instead if thats cool. Thanks. CPM SEO
ReplyDeleteThank you. Yes, linking is absolutely fine with me, thank you
DeleteProtect your business with top-notch cybersecurity solutions and 24/7 monitoring from a trusted Managed Security Services Provider (MSSP).
ReplyDeleteWyDur's Managed Endpoint Security solutions offer advanced protection against cyber attacks. With our cutting-edge technology and experienced team, you can rest assured that your devices and network are fully protected. Trust WyDur to keep your business safe and secure.
Managed Security Services in Hyderabad
Your article contains very much information about cybersecurity. It is very informative and nicely describes services for the small businesses. I am thankful to you for sharing this article here.
ReplyDeleteI am glad you found this helpful.
DeleteThis was really awesome. kindly keep continuing the great work and share more ideas on cybersecurity with us. I like your post, this is very nice.
ReplyDeleteThank you for your words of encouragement
DeleteThank you for sharing the article, great information.
ReplyDeleteBest Cybersecurity Services Company/a>
👍
DeleteManaged cybersecurity has become an indispensable aspect of modern business operations. With the ever-increasing sophistication of cyber threats, organizations need proactive and robust security measures in place to protect their sensitive data and systems. Managed cybersecurity services offer a comprehensive and proactive approach to safeguarding businesses from cyberattacks. These services typically include continuous monitoring, threat detection, and incident response. Managed cybersecurity professionals use advanced technologies to identify vulnerabilities, analyze potential threats, and implement effective security measures. They stay updated with the latest security trends and continuously adapt their strategies to combat emerging threats.
ReplyDeleteYour interesting post explores the field of cybersecurity and highlights the importance of care and knowledge. The instances of fraud and data breaches highlight how crucial it is to exercise caution when interacting online. The useful advice you provided is crucial for improving our online safety. The need forManaged Cybersecurity Services Providers grows as we navigate this hyper-connected environment. The article provides a thorough overview of the changing cyber scene, from managed cyber security services to protection against threats in the United States, specifically in Cyber Security California. I appreciate the educational read.
ReplyDeleteIn a digital age, 'Better Safe Than Sorry' has never rung truer. This insightful blog on cybersecurity is a must-read, emphasizing the importance of proactive measures in safeguarding our digital realms. Kudos for shedding light on this critical aspect! 🔐💻 #CybersecurityAwareness #StaySecure
ReplyDeleteThank you for your words of praise
DeleteThank you so much for this nice information.
ReplyDeleteData Analytics Services
IoT Analytics Services
Striim Consulting Services
There is a lot of information regarding cybersecurity
ReplyDeletein your post. It provides excellent information and a decent description of services for small enterprises. I appreciate you sharing this content with us.
It’s really a great post with lots of blog commenting sites. It’s very important for getting traffic and really thanks for sharing all.
ReplyDeleteDigital Era
Thank you for precious information, Contact us today to learn more about our beneficial information about Cyberattacks In Aviation Industry and how we can help you protect your business.
ReplyDeleteInformative and well-written article. Thank you for sharing your knowledge with us. Contact us if you need assistance with Cyber Security Services The Best Cyber Security Providers
ReplyDeleteCybersecurity - Better Safe Than Sorry encapsulates the fundamental ethos in our digital age. The saying resonates as a guiding principle, emphasizing the importance of proactive measures to protect against evolving cyber threats. In an era where data is a valuable commodity, the mantra 'better safe than sorry' becomes a rallying call for individuals and organizations alike. This mindset prompts us to prioritize robust security practices, recognizing that the cost of a breach far outweighs the investments made in prevention. As we navigate the digital landscape, embracing this philosophy ensures a safer and more resilient online experience for all.
ReplyDeleteFor More details, please visit: https://bluesteelcyber.com
Thank you for sharing the valuable information.
ReplyDeleteBest Cybersecurity Services.
You have given incredible substance here about the trendzguruji.me cyber. I'm happy to find this post as I tracked down heaps of significant information in your article.
ReplyDeleteThank you for your blog! It was really helpful and inspiring. Your words made a big difference for me. I learned a lot and felt motivated. Keep sharing your wisdom; it's like a guiding light in my journey."
ReplyDeleteRegard:cyber security certifications
Reliable partner guaranteeing cutting-edge technologies, quick issue response, and data integrity. Elite-level managed security services provider
ReplyDelete.
Thank You for sharing valuable information that should take precautions than regret Cyber security services
ReplyDeleteComprehensive Cybersecurity Solutions for Business Continuity
ReplyDeleteCybersecurity services offer comprehensive protection for businesses, safeguarding data and systems from cyber threats. This encompasses proactive measures like vulnerability assessments and employee training, alongside reactive incident response to swiftly recover from attacks.
Thanks for the insightful post! It's concerning to hear about the rise in cyber fraud. Kudos to Ameya and Nisha for compiling this informative piece. The stories shared highlight the importance of cybersecurity awareness. The practical tips provided are invaluable in staying safe online. Let's all stay vigilant and protect ourselves in this digital age. Thanks again for sharing!
ReplyDeleteInteresting Article Thank you for sharing information Cyber security Services
ReplyDeleteThank You for sharing informative blog Cyber Security Services
ReplyDeleteThank you for sharing blog on understanding cybersecurity threats. Recently, my friend discovered a large, unauthorized debit card transaction in London. She acted quickly, reported it to the bank, and changed her passwords. Although the transaction was suspended, the stress and service charges inspired me to highlight the importance of cybersecurity. FYI Solutions offers cybersecurity services to protect against such threats. Stay vigilant!
ReplyDeleteGood to see this blog and it is true cybersecurity management is very important for any business. cyber security services
ReplyDelete"Great post! I really appreciate the detailed insights you've shared here. The way you broke down the information made it easy to understand, and I found the examples particularly helpful."
ReplyDeleteNEBOSH International Diploma
This comment has been removed by the author.
ReplyDeleteLooking for CMMC compliance in Los Angeles ? Our C3PAO services ensure your organization meets the Cybersecurity Maturity Model Certification standards. With expert guidance and tailored solutions, we navigate the complexities of CMMC assessments, empowering your business to thrive securely. Contact us today to safeguard your data and achieve compliance with confidence.
ReplyDeleteThank You and that i have a tremendous proposal: Does Renovation Increase House Value home renovation companies near me
ReplyDeletevery nice… i really like your blog. Very useful informations. Thanks, we also provide service for cyber security companies near me.For More Information visit our website.
ReplyDeleteTesting agency is the best way or cyber security testing precise testing solution company is best company in India :cyber security testing company in India
ReplyDeletePlease follow our website:
Wonderful Blog ! Strengthening Cyber Security Dubai is crucial—better to invest in protection now than deal with the consequences later.
ReplyDelete