Remember that staple of 1990s Bollywood kidnap drama? A van pulls up next to a school, the baddies grab the son or daughter of a well-to-do parent and then there is the ransom demand for a couple of crores of rupees. This is all so yesterday. The plot today has moved from suburbia to Cyberia -- and the most lucrative heists are not humans, but gigabytes of data.
With the sudden surge in popularity of portable devices, there is so much data about you that is available on the device. From your internet banking apps to your social media channels to work emails, every single touch-point of your personal and professional life finds a little corner on your smart phone.
This has made the smart phone extremely vulnerable to attackers for whom all of this data means nothing but money per megabyte! Now, extrapolate this scenario to your neighbourhood hospital frequented by you and your family. If a hacker were to break into the database of all patient and payment records, he/she is basically the owner of invaluable data that can be used or misused at will.
The easiest and most popular way to make money from all of this data is to offer it back to the institution -- for a hefty price. In IT security parlance, this is called Ransomware, a vulnerability whose statistics are alarming.
A recent survey by endpoint and network security solutions provider, Sophos, found that 2 of 3 Indian businesses have been the target of ransomware -- the highest percentage of any nation in the world. And healthcare is the sector most targeted -- 76 percent have received Ransomware threats recently.
One in two devices in any organization have been infected with Ransomware and other Net threats. A separate study by McAfee last week came to a similar conclusion: Health care in India experienced 211% increase in disclosed security incidents in 2017. One health record typically attracts a ransom of $50 (Rs 350)
Every couple of months, a new vulnerability becomes apparent. Worms like WannaCry and NotPetya become popular and organizations scurry to find patches. But with something like Ransomware, one cannot make any predictions on possible date and time of occurrence. In fact, Sophos claims that a substantial number companies have been victims of Ransomware attacks more than once in a span of a few months.
In order to counter this problem, Sophos has found a solution which is in line with the thought process of hackers. The company, in its latest security product, Intercept X, has included a machine learning capability that continually monitors threats that their customers encounter, and becomes more intelligent. In other words, there's a robot of sorts that learns every day about new kinds of threats, so it can predict the occurrence of one or at least decipher one as soon as it hits the network.
The good news is India, along with Canada and Mexico has the highest levels of machine learning technology and one third of respondents to the survey already use predictive threat technologies such as deep learning and machine learning.
So the cyber baddies are out there -- eyeing your data. But net security robocops are pushing back -- for now.
—IndiaTechOnline
