Saturday, December 6, 2008

The threat to Cyber-Security

DESARAJU SURYA
Hyderabad: The Internet has been expanding thick and fast across the world and so is the threat to the cyber-security. In India, for example, the Computer Emergency Response Team (CERT) has reported about 800 new electronic vulnerabilities during 2007 in the country, a 20-fold increase compared to 2001. The total number of attacks -- including viruses, worms and cyber frauds in organisations -- are rising by about 15 per cent annually, with many types of attacks doubling in number, according to Gulshan Rai, director-general of CERT in the Union Ministry of Communications and Information Technology. Quoting a report prepared by Symantec, Rai pointed out that spam mails accounted for about 80 per cent of the total email traffic in the world. "The situation in India is not much different," he said, at the Internet Governance Forum conference at Hyderabad International Convention Centre. Taking part in a discussion on "Dimensions of Cyber-Security and Cyber-Crime", Rai said a survey conducted by CERT and PricewaterhouseCoopers showed that 57 per cent of the organizations providing one or other type of services experienced compromised systems in 2007, which was almost double compared to 2000. "Technology-oriented indicators clearly reflect that the monthly percentage of personal computers infected by a virus in the country has grown from just one per cent in 2001 to 17 per cent in 2007," the IT director-general noted. Information-stealing through social network sites was also on the rise, he added. Another worrying factor was the growing number of phishing cases, particularly among the Indian banks. "On an average, 7 to 8 cases of phishing are being reported per day in the country. Most of the phishing cases are hosted and registered in another country causing a problem in disabling them," Rai said.The most disturbing fact, according to Rai, was the increase in the number of cases of cyber incidents pertaining to domain name registry. "The registrars, the Internet Protocol address as well as the address of the registrants are found to be fake in many cases. We require a strategy to counter this as it involves cyber-security," Rai said. "Today, the computing systems control the management of power plants, air traffic control systems, energy distribution and the financial systems, to name a few. Banks, for example, rely on extensive distributed communication network and information services, both for customer interaction and inter-bank operations. The reliance of these installations and processes on the IT infrastructure makes that infrastructure itself extra critical and it is essential to safeguard it in the nation's interest," the IT authority observed.

No comments: