Business Today

"In the context of India, the attack surface has greatly increased"

Nation states have added a new dimension to what is emerging as the newest theatre of war after air, sea, water and space - the Internet.
twitter-logoRajeev Dubey | Print Edition: April 22, 2018
Photograph by Shekhar Ghosh

Nation states have added a new dimension to what is emerging as the newest theatre of war after air, sea, water and space - the Internet. They interfere in other countries elections, in their power grids, in sports events, and are even alleged to be disabling naval vessels over the cloud to cause accidents. But that's not the only area where cyber defence needs to be beefed up. Enterprises continue to remain major targets, as do governments, financial institutions and even national identity databases. Business Today's Rajeev Dubey talks to Greg Clark, CEO of the world's biggest cyber security firm, Symantec, on how such issues are being dealt with. Edited excerpts:

On the web, which way is cyber security headed, in terms of the kind of challenges and how industry is dealing with them?

A: What happens when you are adopting cloud is that you may select an infrastructure platform like Amazon or it could be a little telecommunications company and they are providing you data centres. One thing that is important across these outcomes is that you are still responsible for your users and data that the enterprises are custodians of. Users can be employees, customers, guests or partners. You are responsible for their identities, protecting them from inappropriate access, along with the data that the company gets.

Criminals are active. What you see from Petya, WannaCry, some nation states are tampering with elections. So, in terms of the need for what we are doing, we believe it has never been higher. Is your cyber defence budget increasing or shrinking? It's always increasing. We are fortunate to be the leading provider in this area. Regarding adversaries, when we find a way to stop an attack, they find another way. In the context of India, with the advent of digital currency and digitalisation of the economy, the attack surface has greatly increased and the criminals are very active.

What's the nature and volume of attacks in cyberspace? How have they been accelerating over time?

A: Let me cover some stats on the India theatre because I think these are fascinating. In the world, we have seen huge increases. We have seen doubling of attacks born in India. It used to be circa 300 (one in 300), now it's just a little over 100 units (one in 100). The frequency stuff is huge on the email attacks surface. On the websites, we see over a billion sites a day that have never been hit before in our customer base, which is huge. It's hundreds and thousands of companies, tens of millions of consumer users. And when we see a website that has never been touched before, that's of high interest. A lot of that involves criminal activity.

The most common attack vehicle is email because it is the easiest way to get to the weakest. One out of every 150 emails within India contains either a malicious code or link to a malicious website for drive-by downloads. The other thing is botnets, an army with complete power, a virtual soldier. In this context, on a global scale, India ranks 2nd in the world, up from 17th in the prior year. India is big place for computing work done for the global economy. With that comes the attackers, who are using that computing power to create these virtual armies. India now ranks second in terms of spam, which is often another type of vehicle either for social engineering or a conduit into infectious sites. As people get these things and click on and move forward, they start to cascade attacks. The key point is that India is increasing on all the major vehicles of attack that are broad-based. The rate of rise of botnet is phenomenal.

How do you reckon India is alert to and also doing vis a vis other countries?

A: If you look at the big service integrators in the country, and I can think of HCL, Infosys, Tata organisations, all of them are very good globally at helping people with cyber defence issues. Internally, in their operations in India, there are very good at what they do. There is unique capability in the workforce of the large integrators when you go to the higher end in the government or big financial institutions. India's doing very well at that layer. It's really the next layer down, the top 2,000 companies, where skills are hard to find. This is where over-the-cloud service providers can be helpful.

Of the four US navy accidents where one angle is cyber attack disabling a part of the Navys capabilities, do you see that being taken seriously in countries?

A: Many nations looked at land, air, sea as theatres (of war). Now, they have added cyber. Every country has a task force on it. People are coming after it with the right energy. India is the same. In homeland security of every country it's really about making sure that you can recover from these kind of things, that you can detect them, that you can respond to them. In India, there is no shortage of awareness that this kind of problem exists, this kind of adversary exists. It's the same in every country. Investments are being made, people will work on it. It is easy for national infrastructure to be attacked. If it's online, protected by commercial products, it is vulnerable to previously unknown vulnerabilities.

The attack surface on critical infrastructure - power, water, rail, transportation - these are definitely specialised purpose built networks that need huge investment. I want to encourage every government to make continuous investment in these. That's where malware likes to roost, criminal infrastructure likes to roost, because it is unprotected. I think we are in the phase of security maturity and cyber maturity (where) we move into tailor-made solutions.

What's your view about how much of the citizen should the government know about?

A: This is a debate that will take its course. We want to anticipate a solution where the answer is zero, that you can't see anything that is going on with the consumer from the network.

Are you saying it should be taken from the consumer but it should not be visible to anybody?

A: We think there is an opportunity to still protect consumers and enterprises without breaking the encryption. Encryption has been a weapon for centuries and being able to communicate as a criminal openly is definitely an advantage, so we use encryption for consumer privacy; we think that's a good idea. But we also realise that is a method for really bad behaviour from criminals. So, we are working very hard on being able to still protect people on that kind of internet. We think that debate is for governments and citizens. We as technology providers want to protect enterprises when traffic is completely dark.


  • Print
A    A   A