Business Standard

Every 11 secs a company becomes a victim of ransomware attack: Pavan Duggal

Cyber crime incidents have reached a new high in the country. In different forms which a layman cannot even think of and just when a person thinks he is being benefited, the swindler plays the trick

cyber attack

In this digital era, where even a five-year-old knows how to scroll, swipe and tap, we all have accepted and adapted to modern technology.
Well, when people claim that they are tech-savvy and can deftly handle it, they often turn a blind eye to people masquerading as service providers behind the screen.
Cyber crime incidents have reached a new high in the country. In different forms which a layman cannot even think of and just when a person thinks he is being benefited, the swindler plays the trick.
According to the information presented recently in the Lok Sabha by Union Minister of State for Home Nityanand Rai, over 16 lakh cyber crime incidents have been reported in the country in the last three years, and more than 32,000 FIRs have been registered between January 1, 2020 and December 7, 2022 on this count.
What one must not miss out on is the fact that these are just registered cases, while there are many under-reported ones.
In the age of the internet, we have different kinds and uglier frauds happening online under the pretext of offering jobs, payment of electricity bills, cryptocurrency investment, insurance fraud, sextortion and more.
Swindlers reach out to people via SMS, call, email, or other ways to get personal information. They often use malicious links directing an individual to an app or website to hack into the computer, mobile device, or network to get sensitive information, such as bank account number, credit card details, and social security numbers.
IANS spoke to Pavan Duggal, Chairman of International Commission on Cyber Security Law, to delve deeper into this issue.
Here are the excerpts:
IANS: While technology is playing its role to curb cyber crime, fraudsters have over time transcended the tech space. What is your take on it?
PD: Today, we are in a very transient phase. The pandemic has resulted into the beginning of the golden age of cyber crime, which is going to continue for the next many decades with it being our direct competitor. Now, cyber crime is our default companion, and the new normal are cyber security breaches. Indians, unfortunately, are not quite ready to deal with this new wave of cyber crime.
With the emerging technologies like Artificial Intelligence, cyber criminals have got their huge potential for committing new kinds of crimes, with ChatGPT emerging as a very distinctive and potent ammunition for them, and we have far more challenges with it.
IANS: What are the types of cyber crimes trending for the last three years?
PD: Three topmost cyber crimes have come to the forefront -- identity theft, phishing and online financial frauds. Ransomware also comes under the broad category of online financial crimes.
Today, ransomware has become the number one fraud for corporates and governments. Every 11 seconds, a company is becoming a victim of a ransomware attack. We have to deal with these challenges at the national, institution, corporate and individual levels.
IANS: Is the government prepared enough to deal with online frauds?
PD: Well, I think cyber crime has never been a big priority for specific focal governmental action and that's a historical trend. When I look at the way we dealt with cyber crime for the last two-and-a-half decades, I find that it has been neglected enough.
It has to be a catch up game with cyber criminals, because they are always 20 steps ahead. Just because you are behind, it does not mean you stop running... You have to still keep on protecting your citizens, your communities, and your networks at large.
IANS: What does the law say about cyber frauds and fraudsters?
PD: First and foremost, we need to understand that we don't have any dedicated law on cyber crime. Secondly, we won't be sought to cover some cyber crimes under the Information Technology Act 2000, and also under the Indian Penal Code.
Number three, our laws are extremely weak when I look at them as potential response mechanisms to fighting cyber crimes.
IANS: Why is the nation seeing a famine of cyber crime convictions?
PD: When the Information Technology (IT) Act was enacted in 2000, it had numerous cyber crimes detailed under Chapter XI entitled 'Offences'. Most of those offences in those days were non-bailable, hence there was an element of deterrence.
Later, with the 2008 Mumbai attacks coming in, and with the IT Amendment Act 2008 getting passed by the Parliament, it was a different ball game.
While the Parliament expanded the scope of coverage of cyber crimes under the IT Act, it made one fundamental mistake by making all cyber crimes in the country bailable offences except three, that lead to deterrence being completely thrown out of the window. It has to be rectified.
IANS: How lenient has the judicial system been?
PD: I was the counsel for the complainant in India's first cyber crime conviction, which dates back to 2003. We were able to get the conviction with the help of the Central Bureau of Investigation (CBI), but when it came to sentencing the guy, the judge had a very lenient approach and he let off the cyber criminal on just probation for a period of one year.
The time has come that we must have dedicated cyber crime courts, because the existing courts are too much bogged down with criminal prosecutions. We also require new legal frameworks to deal with the misuse of emerging technologies for criminal purposes.
IANS: Cyber crime has been of low priority for the government despite crimes like money laundering and funding of terrorism from across the borders. Why is that?
PD: The government is now beginning to get serious and that's the reason why the ruling party is into an overdrive mode trying to come up with new legal frameworks.
For example, it has already proposed a new digital personal data protection bill and a draft telecommunications bill. The government is working on Digital India law and on amendments to the IT Act.
Post the Covid-19 pandemic, cyber crimes are not just representing challenges for individuals or organisations, they're potentially representing a challenge to the sovereignty, security and integrity of India.
The government is now focused on enhancing the effective mechanisms for enforcement of the existing provisions of law in these kinds of scenarios.
IANS: Cyber criminals are a threat to our economy as well. What is your take on this?
PD: They are a major threat. Cyber criminals are creating loopholes by means of which the GDP of our economy can bleed. It can ultimately have a huge impact on the economic growth of India in case we don't safeguard enough to protect it.
It is a threat to individuals, corporations, the nation and to the enjoyment of individual digital rights.
With the immense kind of cyber defamation, nuisance and harassment coming in, it is a different ball game altogether. It's not that a particular person is being attacked, let's presume that everybody's under attack.
I always believe there are two kinds of people in the world, one who knows that they have become a victim of cyber crime, and the second who does not know that they have become a victim of cyber crime.
We must start asking people to start inculcating cyber resilience as part of our day-to-day lives, thinking that we will be attacked. We should not get panicky about what happens after we get attacked... We should focus on trying to come back to normalcy as soon as possible. We should try to learn our lessons.

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Feb 19 2023 | 4:29 PM IST

Explore News