Robert Mueller, former Director of the FBI famously said : "There are only two types of companies. Those that have been hacked, and those that will be" . Mueller's statement is a poignant reminder of the great irony of our digitally connected world — a world that is all empowering, transforming, enabling and yet at the same time, extremely fragile, vulnerable and destructible.
With digital systems becoming ubiquitous, the importance of keeping them secure can hardly be overstated. The onset of the new year marks the beginning of open season for cyber criminals who return better armed and better equipped. I lead my readers to the following four recent stories that should convince even hard core skeptics that digital security breaches can not only victimize individuals, but can cause irreparable harm to even nation states:
January 17, 2019: Largest Collection of Breached Data Found
February 19,2019: Aadhaar leaks again: Indane Gas leaks data of 6.7 million subscribers
February 20,2019: Aadhaar Operator's Biometrics Stolen & Misused (Fingerprint Theft?)
February 22,2019: I think we should be very concerned (Phishing)
American politician Dutch Ruppersberger when asked what kept him awake at night promptly responded - "Spicy Mexican food, weapons of mass destruction and cyber attacks".
If the above is any indication, Ruppersberger should be ready for many sleepless nights this year for the year has just begun and winter is coming !
Failure of the sever to distinguish between ‘live’ fingerprint, and a stored digital copy is indeed dismaying. I believe that Aadhaar’s foundation itself is weak as it was passed as a money bill, without much discussion. And today the collection of data and keeping the data safe, is both done by a single agency, which should not be the case.
ReplyDeleteAnother body should be made specifically to safeguard Aadhaar data. The government should ensure that the private entities that have been permitted to use the Aadhaar data must comply by the rules of this body.
-Pratyush
DeleteDear Sir, thank you for the post.
ReplyDeleteIndia is a diverse and multi-layered country with approximately half of the population which uses internet. There is still the other half which is on the other side of the digital divide. In order to survive in the competitive world, if they do come to this side of the divide then who is going to make sure that they are cyber-safe? It’s like a fish of a small pond coming to the ocean and encountering predators. This scenario is still manageable as the threat is in front of its eyes: physically. In case of cyber-crimes, nobody would know who is accessing their data (Eg. Customers of Equifax didn’t get to know about the breach as the company’s officials kept foot dragging and many other similar kind of examples).
Whatever happened to Sheokhand, could happen to anybody as we have seen numerous cases of Aadhaar data breach (in Sheokhand’s case, it was fingerprint theft). Moreover, we have IoT and Artificial Intelligence gaining popularity. With unprotected data and IoT, we would face crimes that once were unimaginable.
Aadhar card safety is the biggest question playing on the mind of every Indian today. But we have provisions to lock/unlock our biometrics in UIDAI.
ReplyDeleteIf such provisions are available then how Aadhar Data Leak is possible?