Each new incident of data breach bolsters doubts about the safety of cyber transactions in India. The latest in line is that the details of 13 lakh (1.3 million) credit and debit cards have been posted for sale on the dark web marketplace named Joker’s Stash, and that 98 per cent of these are Indian. The numbers have been reported by Group IB, a Singapore-based cybersecurity firm.
In recent times, there have been several reports of data breach, including one that involved the breach of credit card data of 3,63,000 clients of the Hilton hotels. The cyberattacks happened in 2014 and 2015. It was unclear, though, whether the perpetrators were able to get their hands on any of the details. The concerns are inflated manifold when it comes to India and its rather casual approach to data security.
Being one of the largest marketplaces in the world, with a huge population of aspiring middle class consumers, India is a tempting target for cyber criminals. The country is also home to a growing breed of cyber criminals who are able to operate with greater freedom within a relatively lax legal and security framework. While India recorded 9,622, 11,592 and 12,317 cases of cybercrime in 2014, 2015 and 2016 respectively, it rose to 21,796 cases in 2017. This was about double the number the previous year, although cybercrimes, as such, occupied only 0.43 per cent of the 50,07,044 cognizable crimes reported in 2017. It is possible the Indian system is incapable of comprehending the depth of cyber crimes. It is also for this very reason that the number of recorded crimes is deflated.
The numbers are only bound to go up as the number of educated unemployed professionals, the Internet-using population and the number of applications that collect data of monetary instruments goes up. With the government professedly pushing for a cashless economy, the potential for crime is huge and ever increasing. The shift towards cashless transactions is visible particularly in cities that already have the necessary technology backbone to support such a change. It is one thing if the credit or debit card details of a section of people are stolen and something else entirely if the biometrics and other identification data are stolen en masse from government systems. In the case involving Facebook and Cambridge Analytica, it was noticed that the profiles of the users of the social media platform were used to customise campaign advertising in a manner that it manipulated voting patterns in elections.
Such actions place democracies in peril and throw countries firmly on the path of assured self-destruction as corporate greed takes over and widens the chasm of inequalities. Each data breach must ring an alarm bell that should keep the governments wide awake and alert. India will have to take radical measures to prevent the theft of its data. Perhaps the China model of indigenisation of platforms and software is worth considering to ensure that the country has greater control over its data, and thereby its security. Every smartphone and Internet user should by now be aware of the potential that Artificial Intelligence-based algorithms possess. Sellers are increasingly depending on such programmes to keep track of each and every movement of the user to customise advertisements to ensure clicks and buys.
It is worrying to see that Google searches are triggering targeted advertisements being delivered on social media and other platforms. The country cannot afford to get itself enslaved as a result of the breach of privacy of data. In an increasingly connected world, it would not be difficult to shackle an individual using the virtual tools available. We are in a data-induced stupor. We must wake up and smell the danger.