DATA SECURITY ON MOBILE DEVICES

The Indian Economy is going cashless and digital. This shift towards cashless digital economy has influenced many people to move towards digital banking and electronic transactions. Mobile wallets have turned out to be exceptionally famous alongside other UPI based applications and BHIM. The increase in digital transactions and the use of online payment platform have grabbed the attention of the cyber criminals. Studies show that in India, approximately 35-40 percent of the financial transactions are done via mobile devices which is expected to grow to 60-65 percent in 2017. All your accounts that are still logged into on the internet have to be properly secured. Are your contacts, emails, instant messaging apps, photos and banking apps are safe with the increase in digital and online operations?

The best solution to protect your smart phone is encryption. A built in hardware that secures your data while sending and receiving the information over internet. If the data is not encrypted, whatever is being sent and received will be readable to all. Encryption turns your data into unreadable format and can only be accessed with proper validity. In order to ensure highly secured data sharing, one needs to start securing the information at the very source. If the device is encrypted, all the account data will only be available with a unique key. No one will have the capacity to comprehend the information without the correct password even if the device falls into the wrong hands. “Today’s modern encryption is so strong that even super computers would take years to break” says Uthappa.

For Andriod users, plug in the phone while encrypting since the process takes more time while encrypting. To encrypt the phone follow the following steps. Under settings option, go to ‘Security’ menu. That is – Settings > Personal > Security > Encrypt phone. Set a password to newly encrypted files. The iOS users, under the settings go to General and then passcode lock. Now set a four-digit numeric pin or something more complex. To set a strong password, change the simple passcode setting to off.

To avoid unauthorized access to a phone, one is recommended to lock their phone properly with a strong password, pin or a pattern. Further, setting individual locking apps is a safer way to keep your data secure. No one can access your emails, banking or payment apps even if they get past your locked screen. In android this system is built-in but the iOS users cannot directly lock individual apps. But there are few apps available on Apple store that provide features to protect folders and documents. It is strongly recommended to avoid using common password and the password should be changed on regular basics.

Another way to keep your phone protected from hackers is to always install updates of software as soon as they are available. Updating stops the hackers from exploiting vulnerabilities of the software.

The apps available on Android Play Store can have virus infected apps, which upon downloaded gets full access to your phone. Hence you should not respond to the requests from app that do not look trustworthy.

When it comes to the use of open wireless network, anyone in the area can scoop in and get all the information through these connections.

Since there are a lot of risks involved in using open wireless network, is strongly recommended to stick to your phone’s data connection. Another way is to get hold of VPN apps like turbo, CM securities, Tunnel Bear for Android and iOS, which makes the traffic route through private encrypted channel, protecting your device from anyone who is snooping.

Always check for unusual activities on your accounts. You should never link payment wallets to debit/credit cards or their bank accounts. Keep a track of all messages and notifications that you receive from your bank or wallet providers, to make sure that you are aware of transactions.

A&S MAGAZINE WRITES ABOUT THE OFFICIAL LAUNCH OF DELCOM INFOTECH

Google denies reports of revamping ‘Clean’ look of desktop homepage

Google has rejected reports that the company is planning to revamp the desktop version of their Google.com homepage.

Google refuted the claims after a report in The Guardian stated that the company is going to integrate its app-based news feed, events, sports and interest-based topics into Google.com desktop page in the near future.

As per the reports by Ars Technica, a blogpost by Google on July 19 revealed that there will be new updates in the news feed, but the post was only meant for the mobile site and apps. However, the company’s spokesperson has reportedly denied that the desktop site is getting a revamp.

The spokesperson stated that later this year, they are hoping to roll some version of the feed experience to Google.com on the mobile web. He added that however, the design and functionality are still completely unconfirmed as this is still in testing phases. He further stated that they clearly have no plans for the desktop.

Google unveiled a new feed experience this week which aims at transforming the look of its mobile app with the addition of cards, videos and news stories. And as a result of this announcement, rumors sprouted that Google’s famous clean, simple desktop homepage, will also get the same redesign.

Indian government aims at bringing new Telecom policy by 2018

The Indian government wants to bring in a new telecom policy by 2018 and the first meeting regarding the same was held between Telcos and industry bodies and the government. Besides the ease of doing business, discussions were held regarding regulatory and spectrum-related framework, and security requirement for networks, in the first meeting.

 

A meeting was also held between the telecom department (DoT) and research organizations to discuss broad policy contours and key focus areas. Telecom secretary, Aruna Sundararajan, said that as per the inputs they have received, the DoT will constitute working groups in the coming weeks to look into different aspects. She further added that the meeting drew a huge response and representatives from telecom companies, infrastructure providers, research organisations, and trade bodies were also present. She also stated that discussions were held on what should be the focus of the new policy.

 

Apart from all this, discussions were also held on manufacturing and exports, as well as ideas of cloud economic zones, aligning of the Centre and states to achieve telecom objectives and devising network and regulations for IoT devices, as revealed by Sundararajan.

 

Currently, DoT is in the process of formulating a National Telecom Policy with prime focus on areas such as Internet for all, technologies such as 5G and Internet of Things (IoT), skills development, and security, among others. The DoT has revealed that they will be inviting views from companies like Apple, Google and Amazon, along with the Telecom Regulatory Authority of India (Trai) as a part of their consultation and outreach programme before finalizing the new policy. Public views will also be largely taken into consideration.

Telecom minister, Manoj Sinha, said that the new policy will be more app-driven than connection-driven.

This policy formulation has come at a time when the sector is facing a financial crises as revenue and profitability of both large and small operators are under severe pressure since the entry of aggressive newcomer Reliance Jio. It changed the game for the Telecom sector by offering free data and voice services for several months and has recently launched a Rs. 1,500 Volte feature phone, which aims to bring even larger number of consumers on board.

In light of Jio’s new aggressive offering, Sundararajan stated that these are all new benchmarks for India, adding that it is all making it accessible and affordable for the common man.

India faces more threats from cybercrime, One cybercrime reported per 10 minutes in country

India’s threat from cybercrime is reportedly on a rise as at least one cybercrime, ranging from global ransomware attacks hitting hundreds of systems to phishing and scanning rackets, was reported every 10 minutes in the country in the first six months of 2017. In 2016, a cybercrime was committed every minutes.

As per the Indian Computer Emergency Response Team (CERT-In), 27,482 cases of cybercrime have been reported from January to June. These cybercrimes range from phishing, scanning or probing, site intrusions, defacements, virus or malicious code, to ransomware and denial-of-service attacks.

Cyber experts have stated that with more Indians going online, it is crucial to put in place critical infrastructure to predict and prevent cybercrimes.

In the past three-and-a-half years, India has seen a total of 1.71 lakh cybercrimes, while the number of crimes so far this year (27,482) hint at the face that the total number will likely cross 50,000 by December, the same as in 2016.

Cybercrime expert, Mirza Faizan Asad, has said that it is not just enough to make efforts at the government level, which is, in some sense happening, but he added that cybercrime affects hundreds of individual systems and firms, all of whom need to be ready with specialised teams.

Among the phishing and defacement crimes that India has been dealing with, ransomware attacks have come as a surprise. As per the analysis of data from 2013 to 2016, 6.7% of all the cybercrime cases were formed by network scanning and probing, which is seen as the first step to detect vulnerabilities in systems so that sensitive data can be stolen. Moreover, virus or malware accounted for 17.2% of the cybercrime committed in India.

The experts have pointed out that besides attempts at ransomware, these are indications of increasing cybercrime-asa-service (CAAS).

Asad stated that there has to be a concerted effort to treat cyber security seriously, adding that a vast majority of organisations are looking at cyber security as a compliance task and thus do the minimum possible to achieve that.

The Supreme Court directed the RBI to be aware of the matter as the ransomware threats and the demand for ransom in bitcoins increased. A regular warning has also been issued by the RBI on bitcoins, which is a crypto-currency which attackers feel is the safest way to get paid.

PM Modi to inaugurate India’s first GCCS on 23rd November

India’s IT minister, Ravi Shankar Prasad, has revealed that Prime Minister Narendra Modi will be inaugurating the global conference on cyber space (GCCS) on the 23rd of November. It is the first time that the GCCS will be conducted in India.

The first GCCS was hosted by the UK in 2011, which was followed by Budapest in 2012. South Korea played host to the GCCS in 2013 while the Netherlands hosted the conference in 2015.

While addressing the press, Ravi Shankar said that India is hosting the global conference on cyber space adding that it will be inaugurated by the Prime Minister of India. He further revealed that they are hoping that over 2000 delegates will attend this conference from over 100 countries, along with 50 ministerial level delegations. Ravi Shankar also said that some head of states are also expected to attend this conference.

The minister further stated that he is in contact with global digital companies as well as Microsoft Chief Executive Officer, Satya Nadela, Google CEO, Sundar Pichai, and Infosys co-founders, Nandan Nilekani and N Narayanmurthy, to take part in the conference.

Ravi Shankar also said that the changing architecture of India in the digital space will be reflected in a way by the theme of this conference. Moreover, he stated that the government will soon launch a programme for digital literacy of 6 crore people.

Putting forward the point that digital India is designed to empower ordinary Indians, Ravi Shankar also said that in the theme of this conference, they have included cyber for all as part of India’s digital inclusion agenda.

The minister also claimed that the conference will also focus on making cyber space more secure and bringing in digital democracy, while also pointing out that the government would also set up an exhibition of digital firms.

Ravi said that they have proposed multi-stakeholder model for Internet governance, adding that they also want to reflect the same model in this international conference.

The Ministry of Electronics and IT stated in a release that GCCS 2017’s primary goal is on promoting an inclusive cyber space with focus on policies and frameworks for inclusivity, sustainability and development among others.

SECURITY

Top 7 Malware Myths Busted

The term malware includes all those potentially unwanted programs that can infect computers. Hackers make use of malware like spyware, viruses, worms, Trojans, adware, and keyloggers, which enter into a corporate network without any authentication.

In a period of time, businesses have realized the importance of network security. While network security professionals are busy spreading awareness among community users, people are still being misguided by common network security myths.

Before implementing the best security practices, it’s important to understand common malware myths and the facts that prove them wrong.

Myth 1: Malware Attacks are Easy to Notice

Fact: You can’t always recognize if your system is infected by malware or adware, as malicious agents often stay stealthily in your system and run their mischievous intentions undetected. Most malware programs that aim toward identity theft stay undetected in your system and direct your important contacts and data to third-party sources.

The Way Out: It’s important that you run scans using anti-malware software at regular intervals. This will help you in maintaining the security hygiene of your system.

Myth 2: Software Updates Don’t Upset Network Security

Fact: Security holes and crashes are more prominent in outdated systems, as loopholes are left unattended. Still, security practitioners often ignore pop ups for security update and end up inviting cyber-attacks.

The Way Out: It’s advisable that you update your software and operating system as soon as you get a notification. You can also set automatic upgrades to prevent any chance of skipping the upgrading request.

Myth 3: Anti-Virus Software Protects Your System from All Type of Malware

Fact: No anti-virus product is completely effective in keeping your system virus-proof. With hackers finding new ways to intrude into the latest firewalls and anti-virus software, there are many cases of malicious attacks even in protected systems. An up-to-date anti-virus software minimizes the risk of infection, but doesn’t ensure fool-proof security.

The Way Out: Along with an anti-virus program, you can also download anti-malware systems like Malwarebytes in your computer to improve the security quotient.

Myth 4: If Nothing Important is saved in Your System, It’s Safe from Malware

Fact: Malware attacks are not always intended towards stealing information from your system. Sometimes, it’s more interested in digging into your email contacts and sending them malicious attachments from your login ID. Such malware can even record your activities on social media websites and other password-protected platforms to perform mischievous activities.

The Way Out: To deal with identity theft, it is important that you keep your system safe from malware, even if you are not storing any important data in it. SMB firewalls and anti-virus programs can help in creating a robust security layer around your system.

Myth 5: Email Attachments from Known Sources are Safe

Fact: Email attachments that come from known sources seem to be safe, but with cyber-attacks becoming more sophisticated, you need to think twice before accessing them. It’s a wise practice to avoid email attachments from unknown sources, but random clicks on attachments received from known people can prove equally harmful. You may get emails from the infected system of your known contacts with malicious attachments.

The Way Out: Run anti-malware programs regularly to prevent malware that might have intruded into your system in the disguise of email attachments from known sources.

Myth 6: Malware Destroys the Computer Hardware

Fact: Malware is just a malicious software, which has no direct association with the hardware of your computer. Even the hardware of a seriously infected computer can be reformatted and a new operating system can be installed successfully.

The Way Out: Even corrupted BIOS (basic input/output system) can be replaced easily to ensure that your computer starts properly every time. All you need to do is connect with the right IT hardware vendor for any upgrade.

Myth 7: Legitimate Websites are Free of Malware Attack

Fact: Network security experts often issue a list of risky websites, which are not recommended for computer users. However, reputed websites are as prone to malicious hacking intentions as any risky website. The myth that legitimate websites cannot get affected by malware is now being challenged with an increasing number of reputed websites falling into the Google’s Transparency Report. Hackers and cyber criminals dig on even minor security loopholes of legitimate websites to spread malware in the visitor’s system.

The Final Way Out: Never ignore the security of your network! A security upgrade task may seem annoying, but has a major impact in ensuring the safety of your system. Also, explore the latest network security products in the market to keep your system up to date.

AUDIO & VIDEO INTEGRATION

SONY Press Release

Sony Launches Industry’s Highest Sensitivity 4K Network Camera SNC-VB770

and Compact 4K Camera UMC-S3C

New cameras combine sensitivity, color and resolution for range of commercial applications compatible with a variety of α E-mount interchangeable lens

                      

 

SNC-VB770                                                                      UMC-S3C

 

Hong Kong, October 26, 2016 – Sony today announced the latest 4K network camera SNC-VB770 and compact 4K camera UMC-S3C which offer the highest sensitivity in their class – under 0.004lx, ISO 409600 1 . The two new models combine ultra-high sensitivity with 4K resolution to give video professionals more flexibility to capture details even in extreme low-light conditions.

The new cameras achieve high resolution and sensitivity in addition to low noise due to its image processing and full-frame 35mm Exmor sensor – all developed by Sony. The sensor captures significantly more light with low noise than conventional camera sensors to realize drastic improvements in sensitivity. The result is low light performance in nearly pitch-black environments beyond the capabilities of human eyes.

 

                                           1 Standard ISO 100 – 102400, Expandable to ISO 100-409600

 

The cameras’ E-mount lens series accommodates a variety of lens options from wide angle to telephoto, allowing easy integration into a range of video capture applications including surveillance such as city, transportation, ports or critical infrastructure; web attraction, nature studies or scientific applications. Sony’s E-mount lenses are optimized to maximize the performance of the 35 mm full-frame sensor, keeping resolution high across the entire image area from the center to the lens periphery.

With the exceptional detail provided by 4K technology (4 times the detail of full HD), security and other video professionals, for example, can expand their wide area surveillance and capture, magnify and examine the smallest parts of a scene such as the appearance of an individual or a car license plate number – all with Sony’s SNC-VB770 and UMC-S3C.

The new cameras use area-specific noise reduction to selectively divide images into areas based on patterns (such as edges, textures and evenly colored areas like blue skies) to efficiently reduce noise. Image quality is further enhanced with the cameras’ detail reproduction technology.

4K Network Camera SNC-VB770

The SNC-VB770 is equipped with advanced network capabilities. Its Intelligent Cropping feature allows users to capture a full view while cropping images in its native 4K resolution from multiple images at the same time, with either 3 or 5 simultaneous video streams. The Intelligent Cropping has two modes, static and dynamic.

Users can select “static” to see multiple specific areas in one scene. They can capture an overview image and the details of the cropped areas at the same time. “Dynamic” mode uses the intelligent motion to detect, crop and track moving objects automatically.

Intelligent Scene Capture automatically adjusts and adapts picture quality (brightness and color) depending on time, weather and lighting conditions. The SNC-VB770 also allows users to customize picture parameter presets for the best settings. Multiple picture configurations can be saved and switched either manually (using the Picture Profile mode) or according to schedule (Picture Profile Scheduler) to ensure the best picture quality day or night.

Compact 4K Camera UMC-S3C

Weighting at approximately 400g, the lightweight UMC-S3C is currently the most compact camera among Sony’s line-up in the full-frame camera market. Long duration video recording is also possible as the stand-alone camera is equipped with a memory card slot on the camera body instead of network cabling feature. With a 64GB memory card, users can record up to 125 minutes of 4K footage with standard quality (30 fps/60 Mbps). The UMC-S3C also accommodates XAVC S format which enables high quality recording with 100Mbfps high bit rate2.

2 In the case of 4K recording

Sony’s 4K Network Camera SNC-VB770 and Compact 4K Camera UMC-S3C are now available at HK$58,000 (body only) and HK$39,000 (body only), respectively.

Detailed product specifications of the  SNC-VB770 and  UMC-S3C.

For customer enquiries, please contact Sony hotline service at (852) 2345-2966.

About Hong Kong Marketing Company

Hong Kong Marketing Company (HKMC), a division of Sony Corporation of Hong Kong Limited, provides sales, marketing and after sales services for Sony’s consumer electronics products as well as broadcast and professional products in Hong Kong and Macau. For more information on Sony’s products and services, please visit our website at  http://www.sony.com.hk and  Sony HK Facebook.

IP SURVEILLANCE

Colleges in the U.S. are stepping up their security game

 

 

Adapting with the modern day security programs

With the growing complexity of the modern day security programs, it is becoming increasingly essential for organizations to comprehend as much of what’s happening in the security landscape. Understanding new age technologies and strategies surrounding them can be a critical aspect of success for any organization and therefore, must be addressed with specialized efforts. Find out how organizations are keeping pace with the latest advancements in the security sector, as Dr. Niyazi Bodur shares his insights on a wide range of physical and virtual security threats.

Dr. Bodur oversees all of his university’s information technology and telecommunication services, as well as facilities management, design and construction, and security.

He has 27 years of professional experience in information technology, business-driven engineering research and development, instruction, and academia, as well as with major construction and renovation projects. He is highly proficient in leading and managing a variety of IT and facilities functions.

What are the key components that one must take into consideration while securing an organization?

In my opinion, securing any organization has to be an effective mix of humans and technology. While humans can play an imperative role in identifying threats and tracking abnormalities, be it in the physical or virtual space, technology can be utilized to augment these human efforts to obtain optimum results. Harmonizing properly trained and sensitized staff with relevant technologies will successfully assist in offsetting any imminent attack, both in terms of technical and physical security.

At our university, we employ staff members who continuously monitor global security practices in order to be effectively prepared before anything happens. These two components are further strengthened by other factors such as sound strategies, strong relationships with local police force, law enforcement meetings and drills.

What precautions and safety measures does your institution keep in mind while formulating a security plan for your organization?

The first step is to assess the available technologies and leverage them for the best protection of the college by encouraging a relatively simple and open flow of information among the faculty, students and other third party collaborations. While understanding the threats and solutions becomes the underlying factor of any security mechanism, we believe it is important to adopt a more pro-active approach rather than a reactive one. Thus, we do not just strategize systems to simply tackle the threats in real time but also understand patterns to eliminate threats before their arrival.

For example, the systems at our college were able to successfully tackle the recent WannaCry threat because of its pro-active approach. You cannot simply rely on a reactive model for disruptions as huge as this one.

How often do you update the security systems of your institution to overcome such a wide array of threats?

Our firewalls and other security devices in the network are updated automatically. The frequency of these updates are primarily subject to the vendor making patches or the availability of new updates in the market. The systems are also upgraded whenever a virus is detected or vulnerabilities in the system are tracked.

It is also essential to note that the demographics of virtual security are now constantly evolving. Ransomwares are emerging based on the concept of social engineering which involves targeting particular individuals or groups. Another concept is spear fishing, which is in the form of a fake email from a known contact containing a link. If you click the link you become a victim. Therefore in addition to updates, sensitizing users on these threats also plays an important role in overcoming their impact.

Could you elaborate on how new technologies in security impact the way you secure your premises?

I believe we are currently at a stage where things are just starting to take off and there is a lot of room for evolution. It is therefore crucial to stay abreast of all the new technologies and implement them as they come. In terms of virtual security, new and innovative tools and strategies assist in minimizing the threat significantly.

New technologies are also playing a critical role in terms of physical security, with now substantially improved IP cameras enabling better surveillance and precise outcomes. We can now constantly be on the lookout for any perceived or real threats by strategically placing cameras in critical areas, as the new technologies have brought the IP surveillance to areas where it might not have been otherwise practical.

How do you think we should feel in terms of security?

One of our biggest assets in terms of security is our knowledge and the ability to educate ourselves. Security problems will happen to us all at some point in life at some level or another. Nothing is 100% secure. We are now living in a virtual world, where hackers are giving new definitions to online threats every day. Therefore, we must make efforts to familiarize ourselves with such situations by staying updated with the latest detector and prevention systems, backing up data regularly on more than one device, watching out for Bitcoin, and staying alert in the overall sense.

CYBER SPACE

Safeguarding systems against Ransomwares

In May 2017, a ransomware named Wanna-Cry sent countless computers across the world into lockdown. A cyberattack of unprecedented proportions, Wanna-Cry primarily targeted systems running on Microsoft and held vital information from these systems as ransom. The perpetrators then extorted money in the form of Bitcoin cryptocurrency against the ransom. Within a day of its operation, the attack impacted more than 230,000 systems in over 150 countries.

A month later, the world was yet again faced with a similar cyberattack, targeting users across the US and India. Petwrap, believed to be a modification of Petya, an old ransomware, seized the computer screens of as many as 200 companies worldwide, against the demand of 300 dollars in bitcoins for the release of the hijacked information. In India, about 20 organisations were victimized by the ransomware, whereas in the US, the count was 45. Consumer, shipping, aviation and oil and gas companies were the primary targets, with other small organisations too facing its brunt.

The malware executed its operation by attacking the master boot record and seizing the functions of the system. On reboot, the malware displayed the ransom message demanding a payment made in Bitcoin. Post infecting the computer, the malware stalled for about an hour before rebooting the system.

Although Petya did not match Wanna-Cry’s colossal nature in terms of its reach and impact, it did show in technicality that it is far more threatening and can wreak incorrigible havoc. The losses incurred as a result of these attacks left organisations across the globe desperate for answers, with many now shifting their focus on fending off such malwares way before their incidence. While advancement in technologies are significantly helping the cause, individuals can follow these simple steps to safeguard themselves against the growing threat of cyberattacks.

Download patches

Malwares like Wanna-Cry and Petya primarily operate by preying on vulnerabilities in outdated Windows systems, for e.g., EternalBlue. To successfully overcome this, individuals can install patches that Microsoft provides as part of its updates. The company itself notifies its users that its antivirus is able to detect and terminate any such malware and therefor, should not be overlooked. In light of Wanna-Cry and Petya, the tech giant also issued several new patches for older systems to help user fend off any probable future threats.

Back up your computer

Ransomwares revolve around the concept of hijacking valuable information and demanding money in the form of bitcoins against this information. Backing up your computer on another (like an external hard drive or in the cloud) system therefore plays a pivotal role in this context. Backing up your data is a simple and straightforward way to safeguard yourself against any ransomware attack as it leaves you capable of accessing your information and therefore keeps you out of harm’s way.

Install protection programs

It is evident with the recent malwares that cyberattacks are now donning a more complex suit. It is only fair then, that cybersecurity too stays not just at par with these attacks but rather a step ahead. Security in the cyberspace is subject to revolutionary advancements, keeping in line with threats posed by malwares and effectively safeguarding the users against them. The latest antivirus programs are not just enabling the users to fend off threats at the time of their occurrence but also alert them in advance against any imminent threats. Staying abreast of these advancements and installing the latest protection programs therefore take precedence in the fight against cyberattacks.

Don’t click on anything suspicious

As most victims would tell you, majority of these attacks occur because of phishing emails. These are bespoke emails, tailor-made to look admissible, but plant a malware in the system as soon as they are opened. Identifying these mails and distinguishing them from genuine ones can be a tricky affair, but not impossible.

The users would often notice an error in the name of the person or the company responsible for the mail. It could be as inconspicuous as a small typo in the personal information.

The users must also abstain from accessing websites with illegal content as these websites are hotspots for malwares and leave the system dauntingly vulnerable to them.

Protect yourself when using public Wi-Fi

A system is also vulnerable while using public Wi-Fi, as it puts it in the purview of everyone else that is using the same network. This can be simply overcome with a tweak in your network settings. More often than not, your system will inquire if you wish to be visible to other users, where you can switch your security settings to private.