A team of researchers including professors of University of Brighton published a report in July 2009 titled “Crime online — Cybercrime and illegal innovation”. It was picked up by online news channels and quoted in news items to propagate lies about so-called cybercrimes in the business process outsourcing (BPO) industry of India. The report tries to present data from the annual reports of the Indian Computer Emergency Team, and Symantec in a way that suits its story, of India being a centre of cybercrimes and in general being a weak state. We want to set the record straight.

Also Read   Related Stories News Now - MoU signed to set up rural BPO centres in 22 AP districts - Healthy demand outlook - UP announces incentives for IT/BPO, realty - NEWSALERT: Genpact opens remote operations center in Hyderabad - Hiring activity up 4.1% in September: Study - Etisalat DB inks Rs 750-cr BPO deals   Also Read   Related Stories News Now - Sensex makes remarkable recovery, regains 17K - Bharati to go by Sebi norms on Great Offshore offer - Galleon exits Edelweiss; sells 7% stake for Rs 255.54 cr - Suzlon Energy's three promoters pledge 2.8 cr shares - Draw export strategy of $300 bn: Assocham to govt More

In a section entitled “Global Distribution of Cyber Crime”, the report notes that, “cybercrime is a global industry, but the combination of poor economic opportunities and high skills is driving many developing regions to surface as major players in cyber crime”. It has observed that most cyber attacks are directed to the US and UK even though the origin of phishing activities is also concentrated in a few international locations, namely the US, Southern Asia and Eastern Europe. It also observes that the US is still the major generator of malware, and according to the latest Symantec report it is still the country with the most underground servers. China is the focus of attention when considering the future of cybercrimes even as Russia continues to be the original home of cybercrime, where high technical skills are combined with stumbling economy and a long tradition of organised crime. The report quotes “Sophos Security Threats reports of 2007 and 2008” to identify top 10 countries hosting web-based malware, according to which China is at the top followed by the US, Russia, Ukraine, Germany, Netherlands, France, Poland, the UK and Canada. India does not figure in this list.

The report observes that the cases of spam, hacking and frauds reported in India have multiplied 50-fold during 2004-2007. A closer examination of CERT-In reports, however, reveals that the number of spam cases and phishing websites hosted in India is very small. Of the 2,565 security incidents reported in 2008, there were 604 phishing incidents. In 2007, these were 1,237 and 392, respectively. What do these numbers indicate? Even the growth in incidents from 2007 to 2008 is only 4 times, while the absolute numbers are insignificant on global scale of incidents.

It is instructive to examine Microsoft Security Intelligence Report H2, 2008. It gives worldwide distribution of phishing sites in percentages. India has 0.125 to 0.25 – the same as Australia, compared to the US at 10 per cent, Russia 5 to 10 per cent, and China 2 to 5 per cent. Likewise, for malware hosting sites India is at the bottom with 0.0001 to 0.16 per cent — even lower than Australia — with the US 5 to 10 per cent, and China having malware hosts in excess of 10 per cent.

Clearly, facts tell a different story. India is neither a malware hosting country, nor does it figure anywhere as phishing sites hosting country.

Elsewhere, it observes that “Brazil, Turkey, Poland, India and Russia are expected to increase their share of malicious activity because they have rapidly growing Internet infrastructure. Countries that have a relatively new and growing Internet infrastructure tend to experience increasing levels of malicious activity unless security protocols and measures are improved to control”. This is strange logic. What makes the researchers presume that India will not put ‘security protocols and measures’ in place?

In fact, Indian companies employ highly qualified manpower, put them through intensive training in data security, and implement robust privacy and security policies, which are constantly monitored for compliance. The delivery centres are physically secured, and appropriate technology solutions are deployed to isolate customer networks. Employees are put through stringent background checks at the time of hiring, while the operational area is kept under electronic surveillance.

Finally, the report states that Russia, Brazil and China are world leaders in cybercrimes. It also observes that, “India, Russia and Brazil share a light regulatory regime, an acceptable IT infrastructure and a relatively weak state”. This statement is unwarranted and needs to be strongly condemned. India has a strong data protection regime under the Information Technology (Amendment) Act, 2008 along with several other enactments such as the Indian Penal Code. There are specific clauses like section 43A and 72A in the IT Act, 2008 that mandate implementation of reasonable security practices while processing personal information, and any disclosure of personal information without consent of the data subject constitutes a breach that attracts penal and civil liability including compensation and imprisonment. India is certainly not a banana republic.

(The author is CEO, Data Security Council of India which was set up by software body Nasscom as a self-regulatory organisation to promote best practices in data security and privacy)

Other Stories      - Sensex makes remarkable recovery, regains 17K - Bharati to go by Sebi norms on Great Offshore offer - Galleon exits Edelweiss; sells 7% stake for Rs 255.54 cr - Suzlon Energy's three promoters pledge 2.8 cr shares - Draw export strategy of $300 bn: Assocham to govt More

Tags : BPO | Crime online | CERT | Microsoft | malware   Read Business news in  Advertisements   Get financial advisory and solutions for your projects   Holidays starting at a delightful EMI of Rs 3481   Switch on and say hello to Monday morning !   Your dream home can now be a reality.   Visit Fortis for a preventive health check-up & get a 20% discount.   Follow the ups and downs of your investments. Try our new Portfolio Tracker   Kolkata Dock \ Freight contract for the British Gurkhas Nepal   Find how Midsize Businesses use ERP to gain competitive advantage   Trading in Forex is now as easy as 1-2-3   Discover an economical and cost effective way to market your products and services   Giftwithlove.com: Same day delivery of Flowers and Cakes to India   Download the E-book on the Future of Business Intelligence   Learn Best Practices for improving customer satisfaction   Know your customers better... download the free e-book on CRM