Every 11 secs a company becomes a victim of ransomware attack: Pavan Duggal

Pavan Duggal

Pic- IANS

New Delhi: In this digital era, where even a five-year-old knows how to scroll, swipe and tap, we all have accepted and adapted to modern technology.

Well, when people claim that they are tech-savvy and can deftly handle it, they often turn a blind eye to people masquerading as service providers behind the screen.

Cybercrime incidents have reached a new high in the country. In different forms which a layman cannot even think of and just when a person thinks he is being benefited, the swindler plays the trick.

According to the information presented recently in the Lok Sabha by Union Minister of State for Home Nityanand Rai, over 16 lakh cybercrime incidents have been reported in the country in the last three years, and more than 32,000 FIRs have been registered between January 1, 2020, and December 7, 2022, on this count.

What one must not miss out on is the fact that these are just registered cases, while there are many under-reported ones.

In the age of the internet, we have different kinds and uglier frauds happening online under the pretext of offering jobs, payment of electricity bills, cryptocurrency investment, insurance fraud, sextortion and more.

Swindlers reach out to people via SMS, call, email, or other ways to get personal information. They often use malicious links directing an individual to an app or website to hack into the computer, mobile device, or network to get sensitive information, such as bank account numbers, credit card details, and social security numbers.

IANS spoke to Pavan Duggal, Chairman of International Commission on Cyber Security Law, to delve deeper into this issue.

Here are the excerpts:

IANS: While technology is playing its role to curb cybercrime, fraudsters have over time transcended the tech space. What is your take on it?

PD: Today, we are in a very transient phase. The pandemic has resulted in the beginning of the golden age of cybercrime, which is going to continue for the next many decades with it being our direct competitor. Now, cybercrime is our default companion, and the new normal is cyber security breaches. Indians, unfortunately, are not quite ready to deal with this new wave of cybercrime.

With emerging technologies like Artificial Intelligence, cybercriminals have got a huge potential for committing new kinds of crimes, with ChatGPT emerging as a very distinctive and potent ammunition for them, and we have far more challenges with it.

IANS: What are the types of cyber crimes trending for the last three years?

PD: Three topmost cyber crimes have come to the forefront — identity theft, phishing and online financial frauds. Ransomware also comes under the broad category of online financial crimes.

Today, ransomware has become the number one fraud for corporates and governments. Every 11 seconds, a company is becoming a victim of a ransomware attack. We have to deal with these challenges at the national, institutional, corporate and individual levels.

IANS: Is the government prepared enough to deal with online fraud?

PD: Well, I think cybercrime has never been a big priority for specific focal governmental action and that’s a historical trend. When I look at the way we dealt with cybercrime for the last two-and-a-half decades, I find that it has been neglected enough.

It has to be a catch-up game with cybercriminals because they are always 20 steps ahead. Just because you are behind, it does not mean you stop running… You have to still keep on protecting your citizens, your communities, and your networks at large.

IANS: What does the law say about cyber frauds and fraudsters?

PD: First and foremost, we need to understand that we don’t have any dedicated law on cybercrime. Secondly, we won’t be sought to cover some cyber crimes under the Information Technology Act 2000, and also under the Indian Penal Code.

Number three, our laws are extremely weak when I look at them as potential response mechanisms to fighting cyber crimes.

IANS: Why is the nation seeing a famine of cybercrime convictions?

PD: When the Information Technology (IT) Act was enacted in 2000, it had numerous cyber crimes detailed under Chapter XI entitled ‘Offences’. Most of those offences in those days were non-bailable, hence there was an element of deterrence.

Later, with the 2008 Mumbai attacks coming in, and with the IT Amendment Act 2008 getting passed by the Parliament, it was a different ball game.

While the Parliament expanded the scope of coverage of cyber crimes under the IT Act, it made one fundamental mistake by making all cyber crimes in the country bailable offences except three, which led to deterrence being completely thrown out of the window. It has to be rectified.

IANS: How lenient has the judicial system been?

PD: I was the counsel for the complainant in India’s first cyber crime conviction, which dates back to 2003. We were able to get the conviction with the help of the Central Bureau of Investigation (CBI), but when it came to sentencing the guy, the judge had a very lenient approach and he let off the cybercriminal on just probation for a period of one year.

The time has come that we must have dedicated cyber crime courts because the existing courts are too bogged down with criminal prosecutions. We also require new legal frameworks to deal with the misuse of emerging technologies for criminal purposes.

IANS: Cybercrime has been of low priority for the government despite crimes like money laundering and funding of terrorism from across borders. Why is that?

PD: The government is now beginning to get serious and that’s the reason why the ruling party is in an overdrive mode trying to come up with new legal frameworks.

For example, it has already proposed a new digital personal data protection bill and a draft telecommunications bill. The government is working on Digital India law and on amendments to the IT Act.

Post the Covid-19 pandemic, cyber crimes are not just representing challenges for individuals or organisations, they’re potentially representing a challenge to the sovereignty, security and integrity of India.

The government is now focused on enhancing the effective mechanisms for enforcement of the existing provisions of the law in these kinds of scenarios.

IANS: Cyber criminals are a threat to our economy as well. What is your take on this?

PD: They are a major threat. Cyber criminals are creating loopholes by means of which the GDP of our economy can bleed. It can ultimately have a huge impact on the economic growth of India in case we don’t safeguard enough to protect it.

It is a threat to individuals, corporations, the nation and to the enjoyment of individual digital rights.

With the immense kind of cyber defamation, nuisance and harassment coming in, it is a different ball game altogether. It’s not that a particular person is being attacked, let’s presume that everybody’s under attack.

I always believe there are two kinds of people in the world, one who knows that they have become a victim of cybercrime, and the second who does not know that they have become a victim of cybercrime.

We must start asking people to start inculcating cyber resilience as part of our day-to-day lives, thinking that we will be attacked. We should not get panicky about what happens after we get attacked… We should focus on trying to come back to normalcy as soon as possible. We should try to learn our lessons.

IANS

Exit mobile version