Cybersecurity: ‘Understand threats, treat digital lives as real lives to prevent attacks’

BSNL further said that the affected devices that it identified were mostly of customers that still had default “admin” password on their modems, and those which are associated with already-infected computers/devices

Pranav Mukul

Close on the heels of two major malware attacks that crippled systems across the world, India’s two state-owned telecom operators Bharat Sanchar Nigam Ltd (BSNL) and Mahanagar Telephone Nigam Ltd (MTNL) were also hit by a malicious software late last month that affected a “few thousand” BSNL customers and about 10,000 MTNL broadband subscribers. While both these threats have been addressed up to a large extent, experts have pointed out that it is imperative for the corporates as well as individuals to continuously take measures to prevent such threats rather than responding after they are affected.

“WannaCry couldn’t have been the biggest attack in history if people were prudent enough to keep their operating systems up-to-date with security patches released by Microsoft way before the attack happened. It’s about time people paid heed to warnings, understand the types of digital threats, be wary of sharing their personal details and treat our digital lives in the same manner as we treat our real lives — with a sense of security,” said Sanjay Katkar, joint managing director and chief technology officer, Quick Heal Technology.

In a statement, BSNL said: “A few thousand BSNL Broadband customers across the country were affected on 25th July, presumably due to external virus attack on their modems…BSNL has taken swift action for reconfiguring the affected modems and restoration of the Broadband services. The situation has now been contained to a large extent and further efforts are on, to address the remaining complaints.”

BSNL further said that the affected devices that it identified were mostly of customers that still had default “admin” password on their modems, and those which are associated with already-infected computers/devices. “Customers are advised immediately to change the default modem password to their unique password, following best practices of setting passwords, so as to prevent virus attack into their modems,” BSNL said.

MTNL chairman and managing director P K Purwar, admitting to the attack, told The Indian Express that broadband modems with chipsets of certain makes were affected. He said that the modems of the affected users have been reset, and that the access point used by the attackers to spread the malware was blocked to prevent anymore connections being infected. For its customers that faced the issues, while MTNL, which operates in Mumbai and Delhi, has reconfigured the modems, it also advised its other broadband customers to reset their modems by pressing the reset button on their devices for a few seconds.

Quick Heal’s recently released quarterly threat report for April-June period said that nearly 2.5 million malware detections were made every day during the three-month period. “With more users adopting the cloud to store their data, ransomware attacks on cloud server are expected to show up in the near future. There is an increased likelihood of massive attacks like WannaCry due to individual users and businesses failing to keep their systems patched and up-to-date,” the report noted.

In the past, to recognise the need for having a guiding principles for cyber security in the country, the Centre has put in place a number of policies and frameworks such as the National Cybersecurity Policy in 2013, the establishment of the

Joint Working Group on Public Private Partnerships in Cybersecurity in 2012, the recent setting up of the National Cybersecurity Coordination Centre, among others. However, sectoral experts peg that these policies and frameworks lack what’s necessary to ensure that the country’s systems are well defended. “…these policies and plans continue to lack sufficient specificity and have not been implemented yet. It is imperative that the Indian government seize the opportunity to enhance the legal, policy and operational environment for cyber security by implementing policies and frameworks that are stable and clear, in addition to being risk-based and flexible to adjust to evolving threats,” said global software advocacy group BSA.