Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month to help individuals protect themselves online as threats to technology and confidential data become more and more common.
Following the agenda for this month, Nehru Science Centre, Mumbai organized an online public talk by Mr. Sukrit Ghosh, senior manager at the Data Security Council of India, who spoke on the topic, “Securing The Digital Presence With Proactive Cybersecurity and Privacy Tactics”.
Introducing the concept of cybersecurity, Mr. Ghosh first talked about the significant growth of the technology sector in the last decade, with digital banking, e-vehicles, telemedicine, smart gadgets, e-learning, and more. He then continued by talking about the cyber threats that exist toward individuals, organizations, governments, and societies; from cyber stalking, defamation, unauthorized access, data leakage, and cyberterrorism, there are a lot of threats in the digital aspect.
Giving an insight into operating systems (OS) and their vulnerabilities, he talked about how exploiting OS vulnerabilities is performed by attackers to gain initial access and deliver payloads, and how attackers can easily find these vulnerable machines using an advanced search engine. The security gaps that exist in an operating system can be anything from unsecured remote access, outdated viruses, hardware memory corruptions, unpatched bugs, weak authentications and authorizations, and even weak password and file management.
He laid emphasis on the importance of cybersecurity by explaining how 68% of organizations have experienced one or more endpoint attacks over the last two years. What are endpoint attacks? It is the process where attackers target user systems rather than their servers, which means it is more direct, and gives the users lesser time to act against (zero-day threats). He also talked about how anti-virus and anti-malware solutions often miss an average of 60% of attacks, and how ensuring endpoint security overlaps, integrates with, and complements network, data, identity-based, and application security.
Talking about antivirus softwares, he spoke about the advantages of these softwares in terms of providing cybersecurity. Not only do they provide protection from viruses and their transmission, but they also block spam and unsolicited ads, provide defense against hackers and data thieves and ensure protection from removable devices like USBs and CDs.
For browser security, he also showed some of the best practices in order to protect ourselves from browser mishaps. It involved things like running anti-virus software and scanning files before downloading anything, not reusing passwords, reading privacy policies, avoiding public or free Wi-Fi, disabling autocomplete for forms or remember your password features, and turning on your browser’s popup blocker.
He also touched upon some of the many OTP frauds that empty bank accounts and cautioned everybody to be aware of them and not engage in any way. After all this, you may wonder, what if you still get attacked? Mr. Ghosh explained this in three steps; first, disconnect from the current network cable, then, report to the security department for further investigation, and finally, restore all data from a backup to a clean device. The third step requires a predominant safeguard, which involves constantly backing up all your data in a spare device, in case of cyber fraud.
Cybersecurity is a real and dangerous threat, especially in today’s digital world where anything and everything can be done online, sometimes even with a touch of your finger. Even though it is a huge advantage in terms of convenience, it is also very important to take necessary precautions to protect ourselves from any kind of cyber fraud.