India at the top of countries facing spam and botnets
After Dallas and London, the US-based think tank EastWest Institute is organizing its third Worldwide Cybersecurity Summit in New Delhi on October 30-31in partnership with National Association of Software and Service Companies (NASSCOM) and Federation of Indian Chambers of Commerce and Industry (FICCI). President and CEO of the organization John Edwin Mroz explained to Santosh Tiwari why such a conference which will witness interactions among global experts from the field, Indian government representatives and the corporate world, which will have to actually bear the cost of ensuring a secure cyber space for the consumers, is so critical for the country.
Q. Why has India become so important in terms of cyber crime and security?
A. Spam and botnets are the core pieces of cyber crime. Our study shows that China has been quite good in fighting them. The data from five sources that track spam globally, shows that India is a problem area and two of them ranked India as the worst in spam and others ranked it number two about a year ago. In the latest study, two more sources have put India as number one. So, four out of five, think that India is a major problem area in case of spam. This is the initiation point of cyber crime and this is where the work has to start.
Q. Why is India at the top of this list?
A. A day before the summit, we will be organizing an interactive day-long session between global experts and Indian companies. The main reasons for India facing major spam and botnets problems is use of vernacular language in which you don’t have products to prevent them and also mobile becoming the biggest communicating device. So, I would put this as priority number one.
Q. According to you what should the companies, not just the IT or telecom but any business, and government do to rectify the situation?
A. Business need to realize that spam can be the primary vehicle for malicious code that can infect their internal networks, and possibly compromising the security of their operations or that of their customers.
There are two basic steps that service providers should perform. One, detect abusive messages and share the data with peers. Detecting is accomplished by having the right software and intelligence in the operations of networks and applications. Sharing is done by local and international cooperation.
Q. Putting in place the preventive mechanism would mean additional cost for the companies. Isn’t it?
A. Realizing the value of secure networks in their enterprise, there is a need to select service providers that are aggressive in implementing world-class best practices.This means that they do not select their service providers based on lowest cost only.
They should also have policies in place to avoid unlicensed software and keep their software updated with the latest patches to keep known security flaws patched.
Service providers should take advantage of abusive message reporting mechanisms that their subscribers can use.
Q. Obviously, these issues will be discussed in detail at the summit. Which are the other areas of focus in dealing with cyber crime?
A. During the Summit and in a special October 29 FICCI-hosted workshop, world-class talent is being convened in New Delhi for intense, interactive working meetings that will focus on engaging Indian ICT and broader business communities with the international spam and botnet fighting efforts. ICT development supply chain integrity, role of international companies in cloud computing and storage, reliability of global undersea communication cable infrastructure and proposals for establishing a system of priority international communications are the other areas on which conference would focus.