Threats in cyberspace are growing more real by the day. While the Internet has been hailed as one of the most revolutionary developments to have happened to humans in recent times, it can also not be denied that it promises to be one of the most devastating. Wannacry, Wanna or Wcry, the malware that threatened cybersecurity across the globe, is proof that a ‘digital apocalypse’ may not really be that far away. The attack on May 12 infected at least 45,000 computers across 74 countries. The number of computers infected may appear to be minuscule when compared with global figures, but its global reach gives ample cause for worry. According to reports, if the Ransomware attack prevented doctors in Britain from accessing patient files and disabled appointments, it locked students in China out of their theses. Such a widespread attack has been in the making and it is alarming that some of the older versions of Microsoft Windows, a very commonly used, often pirated, operating system in use in developing countries such as India are more vulnerable to such attacks. The software giant, too, cannot be entirely blamed for the issue as it had issued a software patch to address the vulnerability. The Achilles’ heel was that it was not installed as widely as expected. Many institutions and companies, particularly start-up ventures in India, depend on pirated software to start off, considering the prohibitively high cost of buying original software. This could leave great scope for a worm such as Wannacry to make its way around a broader array of systems in India than in other countries. This may be misunderstood as if the parent company, Microsoft, may have engineered this massive level of malware attack in a bid to severely discourage the use of pirated operating systems. This ‘misunderstanding’ may not be completely baseless.
The issue also points to the glaring fact that insecurities on the internet are often constructs of governments themselves. While investigating agencies under the government insist on the existence of backdoors to be able to gain unauthorised access to suspect systems, it also leaves the door open for creators of malware to breach security across internet connected computers. A while ago, Apple had faced heat from the FBI seeking that it should hack into an iPhone used by a suspect in the San Bernardino shooting. The FBI was then reported to have gone to the extent of buying the code from an Israeli company to break into the iPhone. The company named Cellebrite was known to provide mobile forensic software and listed investigating agencies of as many as 90 countries among its clientele.
If a company is able to break into a system that was believed to be protected against external threats, there can be no telling what else can be accessed easily by such well-equipped companies. The issue calls into question the Indian government’s claims of going digital with payments and its stand that electronic voting machines (EVMs) cannot be tampered with. Similar to EVMs being hacked, is the more sinister issue of Aadhaar data stored in very many computers across the country also getting illegally accessed. The illiterate Indian does not realise the high value of individual personal data. In the words of Mukesh Ambani, ‘Data is the new Oil’. The average Indian will take a long time to realise what has been taken away by this evil scheme. With the kind of data breach reported recently from Jharkhand and many other places, there is no telling how secure the biometric information furnished by people will be with the government. Before jumping headlong into digitisation, it would be wise for the government to place the necessary checks and balances in place, so that the country and the data it generates for supposed welfare will be more safe than sorry.