How does WannaCry affect India?

Oct 24, 2017 by infocon in  cyber security Security

In emerging economies like India where the government is undertaking large scale digital initiatives and schemes, security has become a major concern. Cyber experts believe that the damage done by WannaCry ransomware is an issue of under-reported magnitude.

The use of pirated and outdated software is rampant among Indian users as well mid-size and small IT organizations. Fearing licensing issues, a huge number of these incidents will not be reporting the losses, concludes expert opinion on the latest cyber attack.

According to the Centre’s instruction to CERT-IN (Computer Emergency Response Team), “all the information of reported ransomware” have been collected into a report. Many of the cases across the country were isolated but the wave of attacks certainly shows that the impact to India is certainly a caution alarm.

The report states these places as worst hit by WannaCry:

1. 10% of Vadodara’s total computers in the District Administration Collectorate Office.

2.  Computers in Panchayat offices of Wayanad and Pathanamthitta districts in Kerala.

3.  120 computers connected with Gujarat State Wide Area Network in Gujarat.

4.  18 systems of Andhra Pradesh Police Department.

5.  Systems in the Tirumala Tirupati Devasthanams (TTD) Shrine in Andhra Pradesh.

6.  Computers of the Personnel Department of the Southern Railways’ Palakkad Division.

7.  Computers in several locations of the Police Department of Maharashtra.

8.  Many attacks happened in computers across Kerala and Tamil Nadu.

 

Bringing Information Security to book – Infocon initiative

Oct 21, 2016

How much information security is enough security ?

Infocon is an initiative by Prime Infoserv, Kolkata and Wordsmith has been a collaborator in the initiative. Any contemporary CXO who is not concerned with the theme and confusion called Information Security is either non-existent or soon will face bankruptcy judge.

Billions are lost by private and public institutions worldwide through loopholes in securing information. Information is literally money. If you are a financial institution and if your customer database is compromised, then the fall-out can be seriously embarrassing to catastrophic.

The Problem of Mr. K, a CIO of the castle called Kolkata 

Mr. K is a  CIO of a large healthcare company in Kolkata. His 60% life was spent without internet and when his career is at the matured peak, he finds that he needs to reckon with information security. His CEO has instructed him to “do something”. What he should do ?

In case of an enterprise, any “doing” needs management time, money and attention (follow-up). More important, no vendor appears to be able to answer the question : “How much information security is good security ? “How much I should spend, considering the solutions are correct ?” 

Mr. K, found to his great confusion that he is not able to get these “figures”.

In a autumn morning in Kolkata, post-Durga Puja last year,  I and Sushobhan, CEO of Prime met Mr. K in his East Calcutta office, overlooking the wetlands of Calcutta that appear to be merging with the Sunderbans.  Mr. K narrated his predicament, especially the most important one – “How much money and resource he should ask for approval ? ” from his top management to implement the solution selected. The problem with the solution was its very nature : the solution is directly connected to the threat – real, perceived, imagined or enmeshed in the business interest of the information security vendor.

The Mathematical Model

In other words, we need an analytic framework backed up by the cold, austere and objective mathematical perspective other than paranoia, vendor interest, disaster porn, technical jargon, hardware and software vendor with their exotic offerings lined up in the form of priests of some esoteric cult.

There is a mathematical model called Gordon-Leob model that does exactly that. It uses mathematical tools like probability, confidence interval, distribution to produce a mathematically verifiable statement

After the coffee, I and Sushobhan told Mr. K that he should spend no more than 37% of the amount X, where X is calculated by

X = Cost * Maximum probable vulnerability * Impact Constant * Quantified Risk

Mr. K was delighted. He is now at least dealing with arithmetic, not anxiety-metric.

In due course, we did find out X for his organization by using a 4 step method which is basically a combination of police work + detective work. In the first step, we did a vulnerability analysis and logged all known risks, in the 2nd step, we had assigned some metric to those risks in consultation with the company. In the 3rd step, we calculated the probabilities of such events, in the final step, we tabulated the impact and then estimated X.

Since then, we have been working in this area with clients in India, Bangladesh, UK and everywhere we found one common aspect : lack of awareness. Then the idea of Infocon was born.

Infocon 2016 is happening on 18th November – a platform for sharing our confusion, triumph, fear, best practices and combining our torches in a same direction to create a path in the literal jungle of information which not only has exotic fruits, flowers and scenes but ferocious enemies.

Why ‘WannaCry’ must be a lesson for all

Oct 24, 2017

May 12, 2017 is one of the most dreadful days of the year for cyber experts and its stakeholders. About 150 countries across the globe suffered a cyber-attack, affecting 200,000 computers.

It was the infamous “WannaCry” ransomware in which hackers locked people out of their computers, demanding a ransom of $300 in bitcoins. Medical care became inaccessible and factories were shut down for more than 2 days to minimize loss of confidential and further damage.

Here goes a brief on one of the most dangerous ransomware attacks in the Cyber-verse:

What is “WannaCry”?

“WannaCry” appears to have utilized a flaw in Microsoft’s software, discovered by the National Security Agency, which was quickly leaked by hackers. The malicious code that relied on the victims opening a zip file emailed to them, spread rapidly across networks locking away files one by one. From then on, the programme used Microsoft’s flaw to thrive.

Microsoft had released a security update which addressed the vulnerability in the sixteen year old Windows XP operating system, in March 2017. This update was exploited by the hackers to trigger the massive ransomware attack.

 

 

Who got affected?

Several computer networks worldwide were affected, including Telefonica as well as other major organizations in Spain. The British National Health Service (NHS), too, was forced to cancel scheduled patients.

FedEx, Deutsche Bahn, the Russian Interior  Ministry and Russian telecom MegaFon were barred from normal operating services. According to Quartz the three bitcoin wallets used in the attack received just under 300 payments totalling a sum of 48.8635565 bitcoins, which is the equivalent of about $101,000.

 

What is a ransomware attack?

The term ‘ransomware’ appeared in 2005 in the US with the first notable biggest threats to security. While cyber experts maintain it to be 2005, the history of ransomware goes back to 1989.

 

PC CYBORG advisory from 1989. Screenshot via Security Focus

 

According to Becker’s Hospital Review, the earliest ransomware attack occurred in 1989, targeting the healthcare industry. Tracing the same, the healthcare industry still remains a top target for such attacks even after twenty eight years.

Ransomware is a cyber-attack wherein hackers gain control over a computer system and block access to it until the demanded ransom is paid. Hackers get control of systems by downloading a type of malicious software onto a device within the network. This is usually done by getting a victim to click on download link by mistake. The link is normally attached with an email, which once opened, encrypts the hard drive. Once the software gets into the victim’s computer, it enables the hackers to launch an attack that locks all files it can find within that network.

The recent ‘WannaCry’, also known as Wanna Decryptor is a ransomware programme that locks all the available data in the system leaving the user with only instructions on what to do next and the Wanna Decryptor programme itself.

When the software is opened, it tells the users that the files on their computer have been encrypted. It then gives them a few days to pay up, warning that their files will otherwise be deleted. It generally gives them instructions to pay in Bitcoin, providing the Bitcoin address for it to be sent to.

 

 

What is the way out?

Larger organizations should ideally follow the guidelines provided by concerned institutions:

  • Apply the latest Microsoft security patches for this particular flaw.
  • Ensure all outgoing and incoming emails are scanned for malicious attachments.
  • Ensure anti-virus programmes are up to date and conducting regular scans.
  • Backup all key data and information.
  • Organize education programmes on malware so employees can identify scams, malicious links or emails that may contain hazardous viruses.
  • Run “penetration tests” against your network’s security at least once a year.

Many experts even suggested restoring all files from a backup. If that isn’t possible, there are tools that can decrypt and recover some information.

artificial intelligence, what is artificial intelligence, artificial intelligence notes, definition of artificial intelligence

Artificial Intelligence (AI) to affect 60%-70% of the current jobs

Oct 18, 2017

As the world moves from ‘globalization’ to ‘glocalization’, the era of digitization seems to make its entry into global markets too. We’ve stepped into the age of ‘digital disruption’ where every new technology succeeds over its predecessor, proving the former a failure.
Increasing digital market environments are becoming a goal for every contemporary business organization. Digital interventions of social, analytics, mobile, big data and cloud technologies are laying the foundation for transformation. When these are integrated into cognitive computing, robotics, internet of things, 3 D printing, they form multiple disruptive scenarios like P2P, remote healthcare, digital banks, etc.
From the industry perspective, digital disruption is blurring lines between practices and learning from one industry being implemented in the other. Proliferation of smart devices and surge of AI, is the new battleground that is taking many sectors by storm.
AI has become the new hiring manager as job losses are projected to be the next big story. A recent World Bank research shows that AI threatens 69% and 77% of jobs in India and China respectively. A report by US-based research firm HfS Research states that about 7 lakh low-skilled workers in IT and BPO industry in India are likely to lose their jobs 2022, due to automation and AI.
Further, AI is set to affect 60%-70% of the current jobs. They will either get marginalized or totally eliminated.
A number of AI-based startups like Skillate, Belong, Stockroom, etc. scan through resumes and contain automatically updating algorithms for CVs. All of these are slowly taking over jobs portals like monster.com, Indeed, etc.
AI is shaking up the recruitment industry. Companies like Airbnb, WeWork, are starting pay-per-use models in both products and services. This has consistently given rise to freelancers who enroll for project-based work in growing gigs economy. Projections show that 43% of the US workforce will be freelancers by 2020.
In the time interactivity, where AI ensures upgrade on the go, jobseekers often complained of websites becoming useless for their resumes. Many even complained of no update on feedback on their interviews.
With AI, the most prime concern is of privacy. It is naïve to believe that AI-based platforms only track data in the public domain. A lot of times, a candidate’s political bias might potentially affect the employer’s decision-making. Or in the digitally-dominated world, potentially employable candidates who don’t use a lot of computers, may miss out on opportunities.
It is largely expected by cyber specialists that gradually, a person’s digital footprints will significance in the future.

Leave a Comment

Your email address will not be published. Required fields are marked *

Comment *

This site uses Akismet to reduce spam. Learn how your comment data is processed.