|
Every
time you press the send button on your e-mail, it is out
in the ether for anyone to intercept. The data on your
computer can be compromised anytime, with hackers
tunneling in through your broadband connection. They can
get straight to your hard drive using your mobile code
and steal your data.
Cyber
thieves are out there and thriving. Experts say data
theft can cost you a lifetime’s fortune.
Says
Data Infosys
CEO and MD Ajay Data, "No email is private unless it
is encrypted. Once the e-mail leaves your mailbox, it
can easily be intercepted during transmission." | | | | | | | | | | |
Achilles heel | | | | |
 |
Sharing
corporate devices with non-employees: More than one
of every five remote workers surveyed allows
friends, family or other non-employees to use the
work computer to access the Internet |
| | |
|
Accessing neighbours’ wireless networks: Almost one
of every five teleworkers admitted to accessing a
neighbor’s wireless network when working from home. |
| | |
|
Opening
suspicious emails and attachments: One of every four
remote workers surveyed (25 per cent) said he or she
opens unknown emails when using work devices. In
India, 20 per cent of teleworkers said they open
unknown emails and attachments. |
| |
| | | |
| | | | | | | | | | | | | |
Though for a
good cause, mail providers like Yahoo and MSN scan all
your mails to keep a check on cyber terrorism. However,
this ability to log all the mails can easily be misused.
So how do cyber thieves operate? Like most thieves they
use the smallest opening available to get in unnoticed.
Data thieves thrive on the fact that despite your unique
Domain Name System (DNS) address, there is always a
trail available on the net to your computer for hackers
to follow.
"In fact,
most illegal sites, especially pornographic ones, have a
special kind of software. The moment one logs on to the
site, the software gets downloaded on the machine being
used.
"This is like a burglar having a key to
your house," says independent systems integrator Arvind
Gupta who heads the Delhi-based Shanu Computers.
Alternatively, all software packages typically have what
are called ActiveX controls.
For instance,
most packages have assistants that act as a backdoor for
software vendors to allow remote help and patch delivery
against problems.
However, these also turn
out to be the biggest entry points for uninvited
visitors.
As is true
in the physical world, it is usually the users’
callousness that makes data theft easier.
While the larger BPO and IT services players follow
stringent data privacy norms, there are the smaller
sub-contractors who may be lax with their security
set-up enabling employees to walk out with data on the
pen drive.
A global third-party study
commissioned by Cisco Systems reveals that while most
remote workers say they are aware of security issues,
their behavior suggests otherwise.
This
callousness on the part of some companies has cost the
Indian BPO industry its reputation. Recently, Channel 4
claimed that middlemen like Sushank Chandak were
stealing the personal data of British clients from BPOs
and selling it.
Earlier, police arrested an
HSBC employee Nadeem Kashmiri in Bangalore in connection
with alleged financial wrongdoing.
In yet
another scandal, the UK-based tabloid The Sun
reported that it had obtained personal details of 1,000
British bank customers by paying $5,000 to Karan Bahree,
an employee of a Delhi-based company.
These
instances of alleged data theft actually exposed the
inability of Indian laws to deal with data theft.
Interestingly, in 11 years of India’s exposure to the
Internet and six-and-a-half years of existence of IT Act
2000, there has only been one cyber crime and one BPO
conviction each.
Says Supreme
Court advocate and cyber law expert Pavan Duggal, "Most
cyber crime cases filed in Bangalore have what is called
the 'B report' which indicates that no action can be
taken on the complaint because there is no clear
framework to collect or handle electronic evidence."
But cyber
thieves may not rejoice for long, especially with the
impending amendments to the IT Act 2000, among other
things.
Says National Association of Software
and Service Companies (Nasscom) President Kiran Karnik,
"We are setting up a national registry of employees in
the IT software and services industry. We are also
training enforcement officials and creating awareness in
the judiciary in India on cyber crimes."
|
