Think#Breach

Mobile Phone Breach

Mobile phones are particularly open to hacking, especially if you leave your Bluetooth on or allow others to operate your mobile device. Certain consumer behaviours make it easier for hackers to gain access to your devices and information.

  1. We buy phones from corner mobile shops and then ask the shopkeeper to port our data and contact lists into the new device. While it is easier to outsource this activity to the salesperson, you also leave the information at risk. He could copy it, and then sell it or use for his personal benefit. Especially if there are passwords stored on the phone, or auto-connecting mobile banking apps on your device.

Bhaiya, mere purane phone ka information iss naye phone mein zara port kar dena…

THINK BREACH
  1. We use the Bluetooth function on our mobile phone to connect to a headset or an earpiece, or to connect our phone playlist to a wireless speaker, or to transfer files or photos from our mobile phone to the computer. This allows an easy transmission of data or voice over short distances. Easy as it is to use, it also leaves the mobile phone vulnerable to a hacking attack from an unscrupulous person in the room. You may trust those around you, but in a crowded environment- a classroom or college canteen or train or even the workplace- leaving the Bluetooth on leaves your phone accessible to others. Blue-jacking is easy. Remember to switch off Bluetooth after usage.

Main to Bluetooth hamesha on rakhti hoon! Who will bother to keep switching it on and off…

THINK BREACH
  1. It takes but a few minutes to mirror your phone or install a spyware or malware on your phone device, especially when the phone is connected is a rogue computer. How unlikely, you may think! But we do use laptops to charge our phones, and sometimes may use a friend’s laptop. What if it’s a frenemy and your data is at risk?

Buddy, my phone battery is low. Just charge my phone on your laptop na…

THINK BREACH
  1. There are telltale signs if your phone has a spyware. You can see flashing red lights when the phone is inactive or it appears unusually hot even when not in use, usually hinting that some malware is running in the background. The quickest response might be to switch the phone off and to contact your mobile service provider for help.

Arre, phir se mera phone flash kar raha hai!

THINK BREACH
  1. Don’t just leave your phone lying around. You might be away for just a few minutes, leaving your bag and phone with friends at a restaurant table or on your desk at work. It takes just a few minutes for someone to install a backdoor entry onto your phone. This bug can allow the hacker to remotely control your phone or transfer information away at will.

Baby, just watch my phone for a bit. I will be back from the washroom…

THINK BREACH
  1. We remember to protect our laptops. But phones today carry a lot of data, from banking apps to photos and videos to important emails. Always remember to put a password on your phone and remember to not make it obvious. Put an anti-virus security software on phone.

Really, phone ke liye bhi anti virus hota hai? But I always put a password on my screen, my birth date actually…

THINK BREACH

Computer Breach


Computers are a part and parcel of our lives today; the nerve centres of our digital and real-world existence. We use them as devices to compile and curate our personal lives- emails, documents, photos, video, music, gaming and much more. Yet, the more tech savvy we become, the more cluttered our digital world becomes. Combine that with poor, unthinking cyber safety habits and our computers become vulnerable to attacks.

  1. Many homes have multiple computers today, all connected to the internet through a wi fi router. The router itself is a simple off-the-shelf box, whether grey market or original. It is plug-and-play, connect and interconnect. Wi fi signals can travel short distances through walls. We forget to secure our home router with a password, and it becomes open and available to any miscreant in the neighbourhood.

Router password? Arre apne ghar ke network mein kisse password chahiye?

THINK BREACH
  1. We are all avid users of online content, and the internet offers the serendipity of discovery. We all search for sites, songs, movies or content. Today, we are spoilt for choice. The same song or video might be available on a variety of sites- available to download for a fee on a paid site or subscription site, available as a partial on YouTube, or available for free download from a variety of sites. Tempting as it is, we can never be sure if a worm or a Trojan is masquerading as an attractive free site. Many aren’t, but some are.

Ab free mein download available hai, toh pay kyun karoon?

THINK BREACH
  1. Online touts are always chasing us over emails- selling us everything from holidays and homes to gadgets and books. Many are legitimate- these are companies that have paid huge sums of money to acquire lists of emails of people like us, so that they can send outreach advertisements. But many others could be rogue sites, ready to install a malware at the click on a link or get our personal details by inviting us to fill in a form. Should we trust an unknown site?

Aha, yeh kitna cute e-cards site hai. Bus mujhe gmail se sign karna and phone number dena hai. Registration is free.

THINK BREACH
  1. We are a value conscious country and we want the best bargain we can get. Maximum usefulness for minimum money. Many people will buy a computer, but then get a pirated version of software. And a pirated anti-virus software may not be effective in reality. Not that anti-virus software can protect against every type of virus or malware out there. But just like a vaccine, shouldn’t you protect against the common diseases? It pays to be safe.

Offo! Itna mehenga anti-virus kaun khareedega? Market mein to saste version bik rahe hain- bas laga liya!

THINK BREACH
  1. These days everything from an email portal to a digital news site, from our online bank payment gateway to free newsletter of quotes wants us to sign in and create a unique login ID and password. Many a times, applications can take our email address or Facebook profile as the ID, but prompt us for a password. It is cumbersome really to keep track of so many passwords. Isn’t the easiest thing to do is to use the same password. Easier for the cyber crooks too- as soon as they get hold of one password, they can get into your other accounts.

Itne saare passwords kaise yaad rakhu! Maine to har site par ek hi password daal diya hai. Bas kaam aasan!

THINK BREACH
  1. We live in an interactive cyber territory. As soon as we are online, sites and companies track our browsing history, our shopping profile, and even the content and themes of our emails and posts. Whether just surfing or social networking, pop-ups keep showing up on the sidebars of the visual space on our computers, sharing details of something new and untried. Many of these are simply malware, ready to install on our computers. All it takes is one click.

Yeh kya naya site hai! None of my friends have mentioned it. Zara dekhoon to sahi…

THINK BREACH

Wi Fi Breach


Was there ever a world without wi fi routers? Today, we want to be connected to the web and through it to others anytime and anywhere. At home, we don’t want to wait our turn on a common computer- we all want to be connected on different devices at the same time. On the move, wireless broadband services allow us to remain connected. Outside facilities have moved on too! Many public spaces like airports, restaurants, coffee shops or malls off free wi fi. All we need to do is to click on the name being broadcasted by their router. But then, what is safe practice and what is not?

  1. Many homes have multiple computers today, all connected to the internet through a wi fi router. The router itself is a simple off-the-shelf box, whether grey market or original. It is plug-and-play, connect and interconnect. Wi fi signals can travel short distances through walls. We forget to secure our home router with a password, and it becomes open and available to any miscreant in the neighbourhood.

Router password? Arre apne ghar ke network mein kisse password chahiye?

THINK BREACH
  1. Sometimes when we click onto the network connection box, we see several options. Routers in the vicinity of our computer that could be available to be accessed. Many are secure- they have a lock sign next to their name. Many are open. Unsecure. Unencrypted. Unsafe. Even if it’s been left open by an unthinking person, some other nefarious crackerjack could ride the same connection and get to us. So when our own network is down for some reason, all the more reason to exercise caution and not be tempted by an open network in the neighbourhood.

Oh no! Mera network phir se down hai! Par ye kissika open network toh hai- let me log in!

THINK BREACH
  1. Often we are in public spaces and are keen to use out tablets or laptops to connect to the internet. This is easier now, with free wifi connectivity in malls or cafes using wireless broadband routers. We grab a table, connect on to the net, and hey presto, we are switched on. Sometimes the connection is encrypted and we are given a unique password linked to our room number or table number. But, often the password is common for every user. The trouble starts when many others are surfing on the same pipe. Who knows who is in the vicinity, eager to nab your data? They could be sitting with sniffers, ready to intercept your data and read your online chatter.

Let’s just sit here. Yahaan par toh free internet hai- bus click and connect.

THINK BREACH
  1. We like to keep abreast of latest trends. Like the one for announcing our location, by broadcasting our location on social networking sites. This can allow location based apps to contact us- advertisers can suggest shops or services in the vicinity; dating sites can suggest people nearby we could connect with. But, in a vast country like ours, where screening is near impossible, how tricky is something like this? Who knows who is watching us, observing us, stalking us?

Meri life toh open book hai. Jahan hoon sabko pata rahta hai.

THINK BREACH
  1. We operate financial accounts using our computer or mobile devices these days. Making online bank payments, making stock market transactions or purchasing movie tickets is easier than ever before. It’s all about instant gratification too. We can be sitting in college campus or in a café and entering our credit card information or making bank debit transactions to get what we want. Yet, how safe are these open networks? Even more than surfing or social networking, doing financial transactions on an open unsecure network makes us vulnerable to real financial loss.

Payment karna hai? Mobile banking se bas ek minute lagega… aur yahan toh free wi fib hi hai.

THINK BREACH

Social Networking Breach


We are social like never before. Never mind that our lives are so busy that spending time in person with friends is a challenge. Our online persona is hyperactive, clicking and connecting, posing and posting, sharing every fun moment and sob story. There is something called TMI, or Too Much Information. But do we think? It’s much too much fun to be out there, announcing our presence and location, making known our successes and sorrows. And even if our social sites are not breached, they can certainly be used to stalk or bully us. The mess can spill into our real lives too.

  1. Today everyone pays some attention to their privacy settings. But what about the privacy settings of friends? If their settings are completely public, any tagged or shared images can be seen by anyone. Online stalkers can piece together our social media interaction to build a picture about your life. If not you, then pictures of your children or siblings can become available to every miscreant with mischief in mind. Future employers can see posts and pictures and form opinions you may not like.

Mere Facebook ki setting toh private hai. Ab kya chinta hai- kuch bhi post karo.

THINK BREACH
  1. Did you know that every tweet gets recorded in the cyberspace, even after you delete it? While most of it is stored to be used for big data analysis and creating trend reports, if someone really wanted to, your individual posts or tweets could be dug up anytime in the future. Your opinions could be repurposed or repositioned in ways that you may not want. Look at how Snowden’s posts from an online chat room, where he posted under an alias, are now available for us to read and analyse and pull apart.

Bas man mein aaya, toh likh diya. Social media par kitna chatter hai- kal ko kaun yaad rakhega?

THINK BREACH
  1. Youth sometimes feel compelled under misguided friendships to divulge passwords or leave them easy to find. Nothing can be more dangerous. Friendships can change. Frenemies may like to harm you. Bullying and stalking has taken an online form these days. An unauthorised person can get into your account, not to just deface it, but cause more harm by posing as you and saying things that could harm your reputation or your relationships.

Bas apni BFF ko password diya hai- just in case, you know. Agar emergency main use kuchh post karwana ho.

THINK BREACH
  1. The world has expanded today- people move, but friendships remain, cemented through online contact. The tug of friendship or young love is too strong. Today it is easy to video chat or share images and videos with friends who have moved away. But you don’t know who else has access to their accounts, who else might be watching the interchange at the other end, and how those images or videos can end up being used. You might have shared something in a person to person interaction, thinking it is confidential. Many a times it isn’t.

Apni yeh video maine bas apne best friend ko bheji hai! It’s between us – no one else will know.

THINK BREACH

Corporate Breach


Companies have gained a lot of efficiency and intelligence due to information revolution, but also stand to lose a lot if trespassers get into their systems. From IP theft to stealing of records and data to gaining entry into a company’s systems just to deface or prove a point to financial fraud, companies are at risk in many ways. No wonder billions are spent in monitoring the systems and peripheries of a company, in getting the best and most expensive firewalls and antivirus and other security software. Companies many a times forget to secure themselves from the inside.

  1. Work happens at a hyper pace today, and no one has any patience with delays. Whether someone is ill or on leave or away on an emergency doesn’t matter. We want information now, if not yesterday. The information is mostly digital- stored on individual machines or on the shared digital space, accessed by passwords. So workers adapt. Managers leave account and password details with their assistants. Executives share passwords with a trusted colleague. Some can leave it on a post-in inside their own office drawer. But who knows when trust gives way to expedient misuse.

I leave my password with my secretary. Mujhe bilkul trust hai- she knows all my details.

THINK BREACH
  1. Mobility is the mantra today. Deadlines are faster like never before. Work happens around the clock. Flexibility is a benefit. Workers can do their job from the office, from their homes, or from an outside venue. Companies provide secure access to their systems, and employees can log in anytime from anywhere. That adds a lot of uncertainty into the security mix. What if the employee leaves his device unattended for a while and someone accesses the company using this machine?

I am so lucky- main coffeeshop mein baith kar kaam kar raha hoon! Now let me just go order another cuppa…

THINK BREACH
  1. Devices are password protected. But how easy is it to hack into a password. There are many ways- from brute force cracking to intelligent guessing to using password cracking tools. It can even be planned in advance, by putting a keystroke logging malware on a machine. Then imagine the possibility that the device gets lost or accessed by someone outside of office hours.

Oh no, I lost my office laptop at the station – ek minute wahin tha, doosre minute gaayab.

THINK BREACH
  1. Some companies block usage of external sites from the corporate device. But many companies don’t have such restrictions and employees can use their office device to connect to the internet for personal emails and work. Personal email platforms are not as secure, and the chances of the device being infected or attacked increases. Commonly used sites and corporate platforms like banking gateways can be secure, but if the employee is not sensitised to avoid certain high risk sites, such as music or gaming sites, the risks increase further. The net has automated bots, probing at random to find any insecure connection.

Office ka computer hai toh kya hua, mere paas hai. Main kuchh bhi access karoon, kissi ko kya?

THINK BREACH
  1. Some offices are very stringent on what sites the office network allows. Yet, they allow their high-impact executives to access the secure network through their mobile devices. Mobiles are very susceptible to being hacked. A miscreant can use Bluetooth connectivity or malware embedded in a mobile app to hijack the mobile device, and from there enter the protected sites of the company.

We have complete security systems for our offices. Mobile security for employee devices, you say?

THINK BREACH
Background Image