Declare a cyber security emergency

 Around 50 organisations, including important departments of the US government, such as Treasury, State and Homeland Security, have been hacked, and for nearly nine months, without these departments or their cyber guardians being aware of the transgress. What does this mean for India and its defences against foreign attackers? Cybersecurity must go right up to the top of national security, and shoring it up taken up on an emergency basis.

The sophisticated attack that has allowed large-scale data transfer from American government agencies, including the one that manages its nuclear arsenal, possibly to a foreign government, was managed through third-party software. Orion is a network management tool, developed and supplied by the software company SolarWinds, and the hackers embedded their piece of malware in an upgrade to Orion, which its users accepted and ran on their systems, with nary a suspicion of foul play. What this means is that software from well-trusted sources can be the medium for implanting Trojans in the target system. 

Our cybersecurity managers can take no piece of software from any company for granted. Everything is suspect, until tested and verified to be kosher. As India increasingly goes digital, our financial systems, the tax database, the computer science vs software engineering accounts in which shares are held, just about everything becomes vulnerable to cyberattacks. The enemy need not confront us with their troops or missiles or submarines: just some hanky-panky that wipes out records of share ownership or destroys the Goods and Services Tax Network and its database would.


Comments

Post a Comment

Popular posts from this blog

Collaborative and sociable endeavour

obstacles to becoming a professional programmer. For one, outside the industry, harmful stereotypes remain. Engineers are often seen as introverted, antisocial and (you guessed it) male. As a teenager who wasn’t any of those things, I was put off. And I know there are many others now who are just like I was then. So perhaps it’s not surprising that I didn’t want a job that, at first glance, appeared to isolate me from other people in some form of employed solitary confinement. So, it was with this thought in mind that I stepped away from engineering to instead embark on a career in marketing. Fortuitously my father happened to work in the same building as my new company, so before and after work I would spend time sitting in his office.  By observing him and his team, I quickly discovered that working in software development was not an isolating role, but rather a much more collaborative and sociable endeavour.  I  computer science vs computer engineering   then and there that I had to
Read more

Two founding signatories leave Architects Declare

 Over the past year, Zaha Hadid Architects and Foster + Partners, two of the 17 founding signatories of Architects Declare, have been criticised for working on aviation projects. Zaha Hadid Architects was criticised for designing Western Sydney International Airport, while Foster + Partners' decision to design an airport for a luxury resort in Saudi Arabia led Architects Climate Action Network, another group that advocates more radical climate action, to call on the studio to withdraw from the project or from Architects Declare. This division over working on airport projects led Foster + Partners to leave Architects Declare yesterday, with studio founder Norman Foster saying: "agriculture and aviation are not going to go away and they will both need the most sustainable buildings to serve them together with the architects who can most responsibly design them." Since its foundation, the UK branch of Architects Declare has gained over jobs with computer science degree whil
Read more

National Security Directive on the Telecommunication Sector

 While the whole move around NSDTS is country agnostic and is purportedly meant to tone up the security of digital networks in the country, the reference to China is definitely doing the rounds. The Cabinet Committee on Security headed by Prime Minister Narendra Modi gave its approval for a National Security Directive on the Telecommunication Sector (NSDTS) that will impact the digital and telecom ecosystem in the country. The NSDTS is aimed at preserving the integrity of the supply chain under which the government will declare a list of trusted sources and trusted products for installation in the country’s telecom networks.  There will also be a list of designated sources from where no procurement is to be made. The methodology to designate trusted products will be devised by the designated authority, the National Cyber Security Coordinator of India, and the list of the trusted source and product decided on the basis of approval by a committee headed by the Deputy National Security Ad
Read more