Don't WannaCry: How India can ward off Ransomware attacks - real and imagined
A 'data breach reporting and learning classification framework' ought to be operationalised.
The recent Ransomware malware attack, what Interpol called the largest Ransomware outbreak in history, got the attention of ordinary Indians and organisations alike.
There is a burst of consciousness around the dense subject of cyber security now - about which there has been inadequate information, awareness and discussion so far.
The area of particular concern, however, is false facts, alerts and hoaxes regarding cyber matters, which circulate furiously every day on social media without being called out or refuted. And such "facts" are then taken as "gospel", while the real attacks taking place under our noses get short shrift.
Since then, several other so-called attacks and alerts have been circulating on social media, which would challenge any well-intentioned whack-a-mole security expert! No wonder India is ranked 7th among the top 10 countries attacked by mobile malware alone!
Here is the context:
The total number of electronic financial transactions from Goods and Services Tax (42 billion), Direct Benefit Transfer (12 billion) and banking transactions (6 billion) is estimated to be between 60 and 75 billion per year in India! With the country on the path to cashless, this number will cross 100 billion per annum with ease in a few years.
Firstly, no one agency, let alone the newly created government "Computer Emergency Response Team for Finance Sector" (CERT-FIN) working in close coordination with financial sector regulators and other stakeholders, can immediately be tasked to handle a potentially high volume of incidents, from reporting to investigation and enforcement.
Just CERT, per se, reported 62,000 incidents in the five months of 2016. In comparison, there were 23 incidents in the whole of 2004! Now imagine the potential explosion of such incidents as digital payments penetrate further into the hinterland!
Secondly, what can a nodal agency do? What it must in the first instance do is be a single point for providing preemptive alerts, notifications, bulletining, counter-measures, monitoring and learning – before social media, innuendo and gossip play havoc and dominate the narrative of "crying wolf".
All this really does is steadily undermine and erode "trust" between individuals, data/payment service providers and financial institutions. The top 51 banks have lost Rs 485 crore in the last three years.
This is the "first base", while the nodal agency builds capacity and formalises the nuts and bolts of mandates and processes.
Finally, a "data breach reporting and learning classification framework" ought to be operationalised, if one is not already in place.
If it is already there, we need to simplify it and make it available for simple-minded public consumption - to quell fake and false alerts which just mislead and misinform the populace.
This will mitigate self-appointed social media agents acting as town criers and "custodians" of "public safety".