Amol Mathur, Director-Cloud Security, APJ, Akamai Technologies, in an exclusive interaction with Sarabjeet Kaur, explains how even putting all sorts of security tools in place do not work until organisations educate their user base about security hygiene. Spreading awareness and educating users is the key to a safe cyber environment.
BW CIO: Do Indian firms realize the growing magnitude of cyber-attacks and the significance of cyber security?
Amol Mathur: The level of maturity of organisations varies from one industry to another. There are companies who completely work online and 100 percent of their revenue is tied all around that. All the e-commerce players sell as well as interact with their customers online. Similarly, OTT video providers deliver all their services online. Now if these websites face a downtime or get hacked, then their entire business gets jeopardized. So these are the people who have a high degree of maturity in understanding the value of cyber-attacks as this is their only business and they do not have a physical store; this is one of the major risks that they actually worry about.
Likewise, BFSI is one of the most regulated industries around the world. However, in the Indian landscape, the regulations are not as strictly defined as they are in other countries like the US, Australia or Singapore. So that is also an area where the need for security and using technologies is increasing.
Also, I feel that people are becoming very aware now. Understanding the value of cybersecurity is still in the nascent stage but as India makes a push into the whole digital and cashless economy paradigm, the country is catching up to the speed.
BW CIO: Digital India has increased pervasiveness of the internet along with soaring mobile phone sales. How much of this has fuelled the security breaches of mobile devices?
Amol Mathur: In one of our reports published last year, we explained how we were seeing large attacks happening globally which were majorly coming from mobile phones and most Android phones. After doing some research on the infected devices, we came to know that there were few benign looking applications running on the Android phones. These applications were disguised as an ordinary app of a video player or another application which claims of making your phone work faster. But at the backend, not known to the user, these apps were using the mobile phones as nodes in a much larger botnet.
The interesting part was that a lot of the devices belonged to India. After considering that fact, if you think about the Reliance Jio services in India which provide unlimited internet data, voice calls, SMS, and a mobile phone, all for a minimal cost, is bringing in a huge user base online from tier II and tier III cities. Majority of them are not cyber-literate and they are now downloading all sorts of apps having no idea at all about what can be the consequence. This is one of the reasons which is driving the attacks in India wherein almost every week we hear about applications which have a malicious purpose and millions of people have downloaded those applications.
BW CIO: Is it true that applications downloaded from the Google Play Store are safe, unlike third-party applications?
Amol Mathur: We worked with Google last year and removed around 300 apps from its play store. So, no, third-party applications are not the only ones which pose a threat but certified apps in Google Play story can also be fraudulent. These apps were using devices to only launch attacks, however, if a user has mobile banking or other sensitive data on the device then one can possibly be victimised to stolen data.
It is a major challenge which comes down to individual awareness. The companies which are hosting these apps on their platforms have to take measures on their part as well such as scanning them and ranking the developers. But it is a tough job as from Google’s perspective, they want more apps and developers added to their platform. Whereas, on the user’s perception, there are now people in rural villages who suddenly have received access to 4G connection and are downloading all sorts of stuff. How do you teach them? It is a problem on a whole new level.
BW CIO: How do you spread awareness regarding this and increase your user base by imparting more information?
Amol Mathur: We have a distributed platform. Last year, Google had announced that it has 2 billion live android devices around the world. This is just Google’s statistics, whereas, there are innumerable other devices as well. This is going to continue with the growing number of mobile devices, connected devices, nanny cameras at home, washing machines with IP address, and more. Our goal is to make sure that our platform is prepared to handle the scale of the attacks as now it is not just attacking a single machine but doing so to ultimately infect billions of other devices connected to that. To teach our customers, we firstly tell them about the phenomena happening are no longer an imagination. Secondly, we give them the Akamai platform and technologies that can absorb attacks of such large scale while keeping our customers healthy online. We have a rich set of solutions which help to detect and mitigate a bunch of different types of attacks.
BW CIO: What are the areas of security that Akamai is focusing the most on currently?
Amol Mathur: Our current focus is on our solutions for DDoS attacks, application protection, and credential abuse-wherein our software detects bot traffic coming to websites. We have seen that roughly 50 percent of traffic coming to most websites is bot traffic and not human traffic. This is an interesting use case which is gaining a lot of momentum as data breaches are happening on every platform.
BW CIO: What are the measures you suggest for fighting against malware?
Amol Mathur: Let’s recall WannaCry ransomware to understand the cusp of the problem. WannaCry, at a fundamental level, is a piece of malware that was able to get on multiple corporate systems to encrypt their data instead of stealing it. The core problem is that users got foreign code i.e., malware on their machines which they were not able to detect and it did a bunch of different damaging activities. Encrypting data is definitely one of the worst things because then the user cannot access any of it.
There are multiple measures that one can take to fight against such malware. However, even if the best of breed solutions are brought to detect malware, I still do not believe that one can be 100 percent secure. Yes, everyone needs to invest in technology which is able to detect malicious traffic and malware through multiple channels such as emails, pen drives, and unidentified links on websites.
But even with all these technologies, what the organisations forget is user awareness. Your security is as good as the weakest link and typically humans tend to be the weakest link. So you can put all these tools in place but if you do not educate your user base about security hygiene then they can definitely fall victim to it. Then only the risk level of these events happening will come down to a level where the CIO will finally be able to sleep at night.
BW CIO: What are the most common Cloud attacks that have been occurring?
Amol Mathur: Cloud-first enterprise is gaining continuous traction. But as you use more technology, more security challenges are faced. At the same time, we cannot stop doing that either as technology has a profound impact on the society in general. These are the two sides of a coin.
The most common security threats encountered while migrating applications to the cloud are credential abuse, malware – one of those key things which is going to keep rising, cyber spearfishing is still one of the biggest vectors, and DDoS attacks. Malware is one of those key threats which is going to keep rising, while cyber spearfishing is still one of the biggest vectors. The scale of DDoS attacks will also keep on rising with the emergence of IoT devices. Since everything is connected then it is bound to get attacked all together as the first device is used as a vehicle to attack others.