Cyber swachhta: Essential steps to protect against cyber threats

Cyberspace is a complex one. There is an exponential raise in the number of internet users. Among the several sectors which are vulnerable to cyber attacks, telecom is one. Preventive vigilance plays an important role in combating cyber attacks. As swachhta is important in the physical world, cyber swachhta is also important in the cyber world.

Role of CERT-in in cyber swachhta

Indian Computer Emergency Response Team (CERT-in) was established in Jan 2004, by Ministry of Electronics and Information Technology (Meity) under section 70B of IT Act 2000. CERT-in is designated as the national agency to perform:

1. Collection, analysis and dissemination of information on cyber incidents

2. Forecasting and alerting on cyber security incidents

3. Emergency measures for handling cyber security incidents

4. Coordination of cyber incident response activities

5. Issuing guidelines, advisories, vulnerability notes and whitepapers relating to information on security best practices, procedures, prevention, response and reporting of cyber incidents.

Cyber Swachhta Kendra (CSK), which is a botnet cleaning and malware analysis centre, was launched on February 21, 2017. It is a collaborative effort between CERT-in, academia, ISPs and the industry. It notifies, enables cleaning and provides security to systems of end users from malware infections. Tools are developed for securing desktop and mobiles. Free bot removal is provided on the website for citizens.

Need was felt for the CSK because of the growth of ICT, increasing proliferation of botnets, global reports showing India as one of the top spam producing countries and the fact that remediation of botnets requires dedicated and continuous efforts.

The impact of CSK was 60 per cent reduction in botnet/malware infections and 90 per cent reduction in open/ vulnerable service events. 868 organisations in 10 sectors have been onboarded to CSK and the CSK website receives 1.5 million hits per day. Bot removal tool has been downloaded by 43.7 lakh users. 550 unique malware families have been observed by CSK.

Do Ts role in Cyber Swachata

Department of Telecommunication (DoT) plays an important role in controlling cyber crimes. The various types of cyber crimes are: Hacking, denial of service, virus dissemination, software piracy, pornography, cyber squatting, credit card fraud, botnet, NET extortion, phishing, spoofing, cyber stalking, cyber defamation, threatening, vishing etc.

1. DoT has power to grant licences to the Internet Service Providers (licensees) under Indian Telegraph Act, Information Technology Act. The licensee is obligated to provide, without any delay, all the tracing facilities to trace nuisance, obnoxious or malicious calls, messages or communications transported through its equipment and network, to the agencies of government of India when such information is required for investigation of crimes, in the interest of national security. Licensee shall provide necessary facilities to the government to counteract espionage, subversive act, sabotage or any other unlawful activity. DoT has mandated that ISPs will arrange for regular security audits of their networks by the third party and submit the audit reports to DoT. DoT ensures that the audit reports are complied with by the ISPs.

2. Mandatory Testing and Certification of Telecom Equipment (MTCTE) scheme: DoT as a licensor ensures that all the network elements deployed by the ISPs and end user devices are tested so that they will not degrade the quality of service or make the network unsecure.

3. Telecom Security Operation Centre (TSOC): DoT has developed the Telecom Security Operation Centre to ensure that the telecom network deployed by the service provider remains secure. Through this centre, DoT is monitoring the metadata of the data flowing in the network. Based on the characteristics of the meta data, DoT ensures that malicious data is not getting transmitted in the network. By monitoring the metadata on a 24 x7 basis, DoT can find out whether the security of the network is compromised, or whether the network is under DoS (Denial of Service) attack. This centre monitors data from more than 200 countries and thousands of national and international organisations. TSOC probes data of 134 ISP gateways (4 more ISP gateways are to be connected).

4. Telecom Computer System Incident Response Team (T-CSIRT): Going by the recommendation that there should be sectoral CERT, T-CSIRT was established to function as a Security Incident Management and Response team to collect information about the security incidents in the telecom network, investigate, find out the route cause and issue advisories so that such incidents don't recur.

5. Web site blocking: DOT issues the blocking instructions to the Internet Service licensees as received from MEITY.

6. Apart from playing the above roles, DOT addresses the issues of Time Synchronisation of Network Elements, Lawful Interception, Web content filtering, security testing through TEC (Telecom Engineering Centre) /NCCS (National Centre for Communication Security).

Cyber Swachhta - best practices

1. Device Swachhta

1. Regular updation of operating system, applications and other software of the system and mobile/ iPads etc. Auto updation on daily basis is a good practice.

2. Avoiding installation/use of pirated software, using only genuine software and applications.

3. Regular backup of important data/ files/ documents at regular intervals.

4. Locking the computer/ mobile screen when not in use.

5. Downloading applications from Google play-store or iOS App Store only. Unused applications should be uninstalled periodically.

6. Avoiding torrents and movie/ songs/ games downloads from unknown websites.

7. USB devices are not allowed in many organisations. For personal use of a USB device, it should be scanned with antivirus/ endpoint protection before its use. Autorun/ autoplay feature should be disabled in the computers, while using USB.

8. Disabling remote desktop connection and network file sharing on all devices.

9. Use of task manager to identify any unwanted programs running on the computer system.

10. Disposing of a computer or hard drive or mobile phone only after deletion and wiping of data.

2. Social Media Swachhta

1. Verification of the authenticity and identity of social media profiles before getting involved in any correspondence.

2. Never logging into social media accounts from untrusted systems. One of the good practices is to enable multi factor authentication for social media accounts.

3. Password Swachhta

Major cause of vulnerability in cyber space is passwords.

1. Password, OTP should not be shared through email, chat or any other electronic communication.

2. Passwords should not be revealed on questionnaires or security forms.

3. Guessable/weak passwords should not be used

4. Password recovery answers should not be guessable.

4. Financial Swachhta

1. It should be remembered that UPI PIN is not required while receiving payment.

2. Card Number, Expiry date and CVV number are confidential. They should not be shared

3. Email address, phone number and details of payment cards should not be entered on untrusted and unsecured websites.

4. When using public wireless networks, accounts, especially the financial accounts, should not be logged into

5. Biometrics should not be used at untrusted terminals/places.

6 .Public computers or Wi-Fi should not be used for carrying out financial transactions like online shopping, internet banking, UPI transactions etc.

5. E- Mail Swachhta

1. Link in the email should be checked before clicking. Email messages containing the link should be looked for misspelling or other irregularities. One should be careful when link is received through email from unknown person.

2. When a link is opened, sensitive information (online banking passwords, credit card details, debit card details etc.) should not be revealed.

6. Untrusted/ unexpected pop-up advertisements in browser and mobile applications should not be clicked on.

Way forward

As telecom networks are expanding, cyber users are also increasing. All the cyber users may not be tech savvy. Sometimes even educated persons can become victims to cyber crimes because of overconfidence. Service providers should not only make their networks secure but also educate the users, especially those in rural areas, about the cyber best practices so that they will not fall prey to cyber frauds. DOT can also play an important role in increasing the awareness about security challenges among the customers.

Through the 4G saturation project, BSNL will provide 4G services in remote areas and in villages where 4 G signal is not available hitherto. It can't be expected that all the users in these areas will be aware of likely frauds that can take place while they do online financial/ banking transactions using 4G signals. BSNL should educate these customers about dos and don'ts while using cyberspace so that the customers not only make the best use of 4G connectivity but at the same time can carry out financial transactions safely.