Cybersecurity - Better Safe Than Sorry

The other day, my close friend received a call from the bank stating there was a large transaction on her debit card in London.  The amount was more than her monthly earnings!  She took instant action, reported the transaction to the bank and blocked the card, changed all passwords, did everything the bank asked her to do.  Thankfully the bank suspended the transaction.  But the stress of going through all that and the long wait before getting the money back in the account plus the hefty service charges paid to the bank, set me thinking that I should write something on cybersecurity But being as naïve in this matter as most of the general population, I asked my cousin Ameya, who is a technologist, to help me write something by providing points which I can elaborate.


Ameya has been kind enough to write a whole blog on the matter with inspiration and contribution from Nisha, his better-half, who teaches cybersecurity.  I am sharing the same below.



Right from my childhood, I have enjoyed watching crime investigation serials and reading detective stories, esp. Sherlock Holmes. I still do. 😊 But, gone are the days where the detectives needed to deduce using the power of observation, knowledge and deep thinking. These days, most stories have mobile location footprints, social media posts, CCTV footages, histories on devices and google searches to assist the investigators. But the ying-and-yang philosophy applies here too. Technology today is an equally potent ammunition for criminals, if not more.

In the last two decades, working close to technology has given me an opportunity to understand and watch this space - the internet, ecommerce, mobile phones, apps, social media - evolve and get deeper and deeper integrated into our lives. This blog is an attempt to create a level of awareness of the risks associated with this hyper-integrated cyber world. The risks are real and are huge! They apply to most (if not all) people, organizations, governments, industries – irrespective of the level of technology used by them. I do not attempt to talk about technical aspects of the risks or attacks here, nor do I attempt to list the precautions to be taken. Those are deeper subjects and change every day and perhaps may be topics for subsequent blogs.

 

Three stories: All of us, The Organizations We Deal With and Our Country/Government!

 

All of us could be possible victims!

One afternoon at work, like we always did, we were getting together for lunch. Some of us were wondering where one of our friends was. That day she arrived late – just in time for lunch. The entire lunch conversation that followed was about how she became a victim to a “google-pay / paytm” based fraud which many have fallen prey to. She attempted selling a sofa set on OLX; she received a call from an army personnel interested in buying it who wanted the sofa urgently at his home in Mumbai; he could not come personally to collect it; nor could he pay cash given his posting/duty.  So he offered to pay through Google Pay. But, instead of paying, the person withdrew money from my colleagues account – by tricking my friend into entering an OTP to receive funds.

Times of India, March 8, 2021
This was over 18 months ago. Just few weeks ago, Arvind Kejriwal’s daughter was also duped of Rs. 34,000/- through the same modus operandi. As per the reports I’ve seen till date, some arrests have been made, but the masterminds are yet to be found.

This is an example of a well thought-out story woven with “psychological tricks” (urgent need, army personnel, on duty, wanting to help home) that makes gullible individuals fall prey to it. 

More than 95% of the cyber frauds are due to lack of awareness or human errors.

 

Organizations we deal with

Imagine this – you go on a vacation with your family for a week. One of the stays is in a Marriot hotel. (Marriot owns many brands – Renaissance, Sheraton, LeMeridian, Courtyard, Four Points among others).  You return rejuvenated with many memories (and photos) to cherish!  A year down the line you read this: The Marriott hotel chain announced that one of its reservation systems had been compromised, with hundreds of millions of customer records, including credit card and passport numbers, being exfiltrated by the attackers. Your credit card details, your passport details are in the hands of the criminals and probably being sold on what they refer to as "The Dark Web."

Or you regularly order food from Zomato. Which was also hit by a similar attack. 

Times of India, March 8, 2021

Most organizations we transact with have information about us. Be it credit card, our transactions, our user ids and passwords, our addresses, our mobile device/computer details, likes/dislikes, et al. These are of interest to many, not just for financial gains, but for several other reasons too.

Not all of it is within our control! hence, being aware and vigilant is the need of the hour!

Just keeping a watch on our financial transactions, our emails, having strong passwords, changing them frequently are simple things within our hands which reduce the risks of us being impacted by crimes like these.

Our country and government

Many elections are being influenced by well-engineered social network management teams – from within the country or outside. Cyberspace is the new battlefield for wars these days.

Today’s paper carried a Swaminomics blog by Swaminathan Aiyer, claiming we should focus more on cyberattacks from China than on the toolkit issue. It speaks of the two power outages in the recent past in Hyderabad and Mumbai, being caused by cyberattacks. While that is not something that governments have publicly accepted, I know for a fact that in 2019, the Kudankulam nuclear power plant in Tamil Nadu was under cyberattack and had to shut down.

Such breaches are significant. These could have caused a disaster too. Blow up the entire power plant, or transportation network (air, rail, roads etc.). Just two weeks ago, a cyberattack allegedly tried to poison Florida’s water supply.

But thanks to systems being there in place, most of these attempts were stalled in time and major disasters averted. So, while the risks loom, it is not all that gloomy!

For fun you may recall the Italian Job movie where the road CCTV and Traffic Light networks being hacked into for the heist.

 

How Not to be Sorry

One of the quotable quotes from Readers Digest that has stayed with me is “Trust in God, but lock your car”.

So, while our governments and institutions are doing their bit to help our privacy, our safety and reliability of services. We still need to do our bit, we need to be aware and be vigilant.  There are hundreds of places to learn more. Go ahead and improve your awareness.

10 Simple tips:

1.       Any offer / promotion received via SMS/email/WhatsApp/phone which looks a little too good is fishy (Phishy!). Avoid falling into the trap.

2.       Having strong passwords: 8 or more characters, no words / names / birthdates

3.       Do not share OTP over phone. Please bear in mind that OTP or a passcode is needed only when you need to pay, not when you need to receive.

4.       Do not open email attachments from unknown senders

5.       Review privacy/visibility of your posts on social media – keep access to people you know

6.       Be careful of what you post – are you revealing more than needed?

7.       Any spurious activities on your social network, please act immediately. Change passwords!

8.       Be careful of what you download! It could contain malicious software which could steal information from your devices (especially .exe files)

9.       If you are transacting online, please do so from secure sites and your own devices.

10.   Be skeptical on what you read online (WhatsApp, Facebook, advertisements) until you validate and revalidate from at least two authentic sources

& there could be many more… but I’ll stop here.

If you are interested in more details, please find the link to the booklet released by government of Maharashtra:

 https://www.bankofindia.co.in/pdf/CyberSecurityAwarenessBookletbyGovtofMaharashtra.pdf

I hope you found the article interesting and helpful.  If you did so, please mention in the comments.  The greater the number of comments, the more pressure I can put on the lovebirds to contribute more to the blog! And of course, subscribe and follow to get alerts on new posts.

Disclaimer:  This is a personal blog. Any views or opinions represented in this blog are personal and belong solely to the authors. These do not represent views/ opinions of people, institutions or organizations that authors are associated with in professional capacity.

About the Authors:

Ameya is a technologist, a wanderer who dabbles with photography and cricket in free time.  Nisha is an Asst Professor who teaches Cybersecurity and Cyber forensics to budding engineers.  They are a foodie couple who enjoy travelling whenever they can fit it into their busy schedules.  I am proud to have such talented cousins! 

 


Comments

  1. Nice write-up. "Trust in god, but lock your car". The line says it all. The 10 point vigilance makes it easier for noon or rather oblivious users like me.

    ReplyDelete
  2. I am going to take your advice about changing passwords seriously.

    ReplyDelete
  3. This comment has been removed by a blog administrator.

    ReplyDelete
  4. It was a very good post indeed. I thoroughly enjoyed reading it in my lunch time. Will surely come and visit this blog more often. Thanks for sharing. https://python.engineering/cybersecurity/

    ReplyDelete
  5. Hi,
    Thank you for taking the time and effort to share your knowledge about mobile hacking. This material turned out to be really efficient and informative to me. Thank you for providing this information. All people know about the penalty for hacking cell phones

    ReplyDelete
  6. I would like to say thank you for all the great effort you have extended in sharing this educative article to us. Take care and have a nice day. enterprise cybersecurity

    ReplyDelete
  7. Thank you!

    ReplyDelete

  8. kula said:
    Sat, 22 Jan 2022 17:43:23 +0800
    You made such an interesting piece to read, giving every subject enlightenment for us to gain knowledge. Thanks for sharing the such information with us to read this.External Network Penetration Testing

    ReplyDelete
    Replies
    1. Thank you for your kind words.

      Delete
  9. This is a great article; the research work you have done on this 'topic' is remarkable. Thank you for posting this. For more information, visit daedalus industrial.

    ReplyDelete
    Replies
    1. Thank you for your kind words

      Delete
  10. Thanks for your post. I’ve been thinking about writing a very comparable post over the last couple of weeks, I’ll probably keep it short and sweet and link to this instead if thats cool. Thanks. CPM SEO

    ReplyDelete
    Replies
    1. Thank you. Yes, linking is absolutely fine with me, thank you

      Delete
  11. Protect your business with top-notch cybersecurity solutions and 24/7 monitoring from a trusted Managed Security Services Provider (MSSP).


    WyDur's Managed Endpoint Security solutions offer advanced protection against cyber attacks. With our cutting-edge technology and experienced team, you can rest assured that your devices and network are fully protected. Trust WyDur to keep your business safe and secure.


    Managed Security Services in Hyderabad

    ReplyDelete
  12. Your article contains very much information about cybersecurity. It is very informative and nicely describes services for the small businesses. I am thankful to you for sharing this article here.

    ReplyDelete
    Replies
    1. I am glad you found this helpful.

      Delete
  13. This was really awesome. kindly keep continuing the great work and share more ideas on cybersecurity with us. I like your post, this is very nice.

    ReplyDelete
    Replies
    1. Thank you for your words of encouragement

      Delete
  14. Managed cybersecurity has become an indispensable aspect of modern business operations. With the ever-increasing sophistication of cyber threats, organizations need proactive and robust security measures in place to protect their sensitive data and systems. Managed cybersecurity services offer a comprehensive and proactive approach to safeguarding businesses from cyberattacks. These services typically include continuous monitoring, threat detection, and incident response. Managed cybersecurity professionals use advanced technologies to identify vulnerabilities, analyze potential threats, and implement effective security measures. They stay updated with the latest security trends and continuously adapt their strategies to combat emerging threats.

    ReplyDelete
  15. Your interesting post explores the field of cybersecurity and highlights the importance of care and knowledge. The instances of fraud and data breaches highlight how crucial it is to exercise caution when interacting online. The useful advice you provided is crucial for improving our online safety. The need forManaged Cybersecurity Services Providers grows as we navigate this hyper-connected environment. The article provides a thorough overview of the changing cyber scene, from managed cyber security services to protection against threats in the United States, specifically in Cyber Security California. I appreciate the educational read.

    ReplyDelete
  16. In a digital age, 'Better Safe Than Sorry' has never rung truer. This insightful blog on cybersecurity is a must-read, emphasizing the importance of proactive measures in safeguarding our digital realms. Kudos for shedding light on this critical aspect! 🔐💻 #CybersecurityAwareness #StaySecure

    ReplyDelete
    Replies
    1. Thank you for your words of praise

      Delete
  17. There is a lot of information regarding cybersecurity
    in your post. It provides excellent information and a decent description of services for small enterprises. I appreciate you sharing this content with us.

    ReplyDelete
  18. It’s really a great post with lots of blog commenting sites. It’s very important for getting traffic and really thanks for sharing all.
    Digital Era

    ReplyDelete
  19. Thank you for precious information, Contact us today to learn more about our beneficial information about Cyberattacks In Aviation Industry and how we can help you protect your business.

    ReplyDelete
  20. Informative and well-written article. Thank you for sharing your knowledge with us. Contact us if you need assistance with Cyber Security Services The Best Cyber Security Providers

    ReplyDelete
  21. Cybersecurity - Better Safe Than Sorry encapsulates the fundamental ethos in our digital age. The saying resonates as a guiding principle, emphasizing the importance of proactive measures to protect against evolving cyber threats. In an era where data is a valuable commodity, the mantra 'better safe than sorry' becomes a rallying call for individuals and organizations alike. This mindset prompts us to prioritize robust security practices, recognizing that the cost of a breach far outweighs the investments made in prevention. As we navigate the digital landscape, embracing this philosophy ensures a safer and more resilient online experience for all.

    For More details, please visit: https://bluesteelcyber.com

    ReplyDelete
  22. You have given incredible substance here about the trendzguruji.me cyber. I'm happy to find this post as I tracked down heaps of significant information in your article.

    ReplyDelete
  23. Thank you for your blog! It was really helpful and inspiring. Your words made a big difference for me. I learned a lot and felt motivated. Keep sharing your wisdom; it's like a guiding light in my journey."
    Regard:cyber security certifications

    ReplyDelete
  24. Reliable partner guaranteeing cutting-edge technologies, quick issue response, and data integrity. Elite-level managed security services provider
    .

    ReplyDelete
  25. Thank You for sharing valuable information that should take precautions than regret Cyber security services

    ReplyDelete
  26. Comprehensive Cybersecurity Solutions for Business Continuity
    Cybersecurity services offer comprehensive protection for businesses, safeguarding data and systems from cyber threats. This encompasses proactive measures like vulnerability assessments and employee training, alongside reactive incident response to swiftly recover from attacks.

    ReplyDelete
  27. Thanks for the insightful post! It's concerning to hear about the rise in cyber fraud. Kudos to Ameya and Nisha for compiling this informative piece. The stories shared highlight the importance of cybersecurity awareness. The practical tips provided are invaluable in staying safe online. Let's all stay vigilant and protect ourselves in this digital age. Thanks again for sharing!

    ReplyDelete
  28. Interesting Article Thank you for sharing information Cyber security Services

    ReplyDelete
  29. Thank You for sharing informative blog Cyber Security Services

    ReplyDelete
  30. Thank you for sharing blog on understanding cybersecurity threats. Recently, my friend discovered a large, unauthorized debit card transaction in London. She acted quickly, reported it to the bank, and changed her passwords. Although the transaction was suspended, the stress and service charges inspired me to highlight the importance of cybersecurity. FYI Solutions offers cybersecurity services to protect against such threats. Stay vigilant!

    ReplyDelete
  31. Good to see this blog and it is true cybersecurity management is very important for any business. cyber security services

    ReplyDelete
  32. "Great post! I really appreciate the detailed insights you've shared here. The way you broke down the information made it easy to understand, and I found the examples particularly helpful."
    NEBOSH International Diploma

    ReplyDelete
  33. This comment has been removed by the author.

    ReplyDelete
  34. Looking for CMMC compliance in Los Angeles ? Our C3PAO services ensure your organization meets the Cybersecurity Maturity Model Certification standards. With expert guidance and tailored solutions, we navigate the complexities of CMMC assessments, empowering your business to thrive securely. Contact us today to safeguard your data and achieve compliance with confidence.

    ReplyDelete
  35. Thank You and that i have a tremendous proposal: Does Renovation Increase House Value home renovation companies near me

    ReplyDelete
  36. very nice… i really like your blog. Very useful informations. Thanks, we also provide service for cyber security companies near me.For More Information visit our website.

    ReplyDelete
  37. Testing agency is the best way or cyber security testing precise testing solution company is best company in India :cyber security testing company in India
    Please follow our website:

    ReplyDelete
  38. Wonderful Blog ! Strengthening Cyber Security Dubai is crucial—better to invest in protection now than deal with the consequences later.

    ReplyDelete

Post a Comment