A DUBIOUS SORT OF ‘social engineering’ is the latest matter of concern for India, just as it is elsewhere. No, it has nothing to do with Mulayam Singh Yadav’s or Mayawati’s politics or, for that matter, the efforts to uplift Mahadalits. In these times of social media influx, crime too has donned virtual shades. Social engineering of the cyber kind is all about a hacker or a cyber criminal befriending an unsuspecting social-media user— a friend or a stranger—to elicit as much information from the potential victim. This data is then used for malafide purposes: to steal money online, extract a ransom or make other demands through coercion. And while most of us may consider ourselves aware and secure, no one is safe.
“The aim of the cyber predator masquerading as a friend could be to harm a person’s reputation, grab money or even to exploit someone sexually,” says Mumbai-based cyber security specialist Ritesh Bhatia, whose company, V4web, offers solutions to fight cyber strikes on the Government as well as the private sector. Cyber crimes, like others, could vary from petty crimes to serious offences, even wars. A recent survey by PricewaterhouseCoopers India and industry body Assocham had put the spotlight on the gravity of the situation: cyber crimes in India rose 350 per cent in three years between 2011 and 2014. They have been growing at 70 per cent or more annually ever since. National Investigation Agency (NIA) Inspector General Alok Mittal has said that one-sixth of cyber crimes reported in India take place on social media. Worse, the National Crime Records Bureau had stated some months ago that the conviction rate for cyber crimes in the country is at an abysmal low of 0.7 per cent.
Bhatia, who handles petty offences and serious economic crimes, was recently approached by the Mumbai Police with a case of harassment of a young man who was, ostensibly, a victim of cyber bullying, one of the most common offences committed online. Someone who knew this young man well posed as a girl with a seemingly real online identity and developed cyber intimacy with him. Many weeks later, ‘she’ asked him to send her a video of himself in the nude. Though he was shocked, he immediately obliged. It turned out to be the worst decision he’d ever taken. What followed were threats to send his nude photos to his fiancée. The intention, the police suspected, could be jealousy or simply to wreck the young man’s wedding plans.
Bhatia easily tracked down the position of the server used for the mischief and the location. What concerned him, though, was the police’s tardiness in response once they had all the information they needed. “You know they are not accustomed to even these basic facets of fighting cyber crime. They expected me to track down the person, which is not my job. It could be the brother or father or the nephew of the owner of the computer, not necessarily him or her. The rest of the operation had to be typical police action. My role was over when I identified the server… This acute lack of awareness is sickening and puts the spotlight on how unprepared many of our forces are,” he says. None other than Mumbai Police chief Datta Padsalgikar conceded recently that his men are poorly equipped to handle such cases. Padsalgikar said the city police lack trained personnel to deal with rising cyber crime.
Ullekh NP 