Indians lose ₹1.5 lakh to cyber criminals every minute: official

An annual cyber security conference is on in Hyderabad.

Citizens are losing anywhere between ₹1.3 - ₹1.5 lakh to cyber criminals every minute in India. This comes at a time when the recovery rate average for the country has been pegged lower than 20%.

These estimates were shared by Bhavesh Mishra, Deputy Secretary, Telangana IT and Electronics Department speaking at the ISACA Annual Cyber Security Conference in Madhapur, Hyderabad, on Saturday.

Underscoring that the Third World War could be a ‘mathematician war’, Mr. Mishra called companies dealing with Artificial Intelligence and Cyber Security (the codebreakers) to set up shop in the 200-acre AI City unveiled by Chief Minister A. Revanth Reddy earlier in September to tackle the growing menace of cybercrimes.

Meanwhile, Cyberabad Commissioner of Police Avinash Mohanty said cybercrime today is over 30% of the cognisable crimes in the commissionerate. This may soon rise to 50% in the time to come, he added.

Talking about the role of police (and regulatory authorities) in curbing cybercrime in the State, the official stressed on focus on prevention. “We need to move away from just doing ‘postmortem’ (after the fraud is done) to actually addressing the situation before it’s all lost,” he said.

Underlining the dynamic nature of cybercrimes, Mr. Mohanty highlighted an urgent need to speed up the regulatory framework with coordination between government and industries.

The official also called out banks to strengthen their Know Your Customer (KYC) procedures, improve oversight and audit and ensure compliance to regulation. “Several investigations have revealed that multiple companies associated with the same address and with common directors are involved in cybercrime. It is as if ready-made companies are prepared in India and handed over to individuals who want to create frauds,” the official said.

The conference saw industry leaders, including bureaucrats, bankers, consultants and technology experts, share insights on the future of cybersecurity in the era of AI and strategies for managing and protecting data privacy.

Stressing that security should be added as a ‘functional requirement’, G. Narendra Nath, Joint Secretary, National Security Council, Government of India, said that citizens (end-users) should be involved in co-creation of services as a pilot step before the launch.

He highlighted the steps being taken up by the government to identify genuine numbers, URLs and applications from the malicious ones used by cyber criminals to reach out to their targets.

How to avoid phishing attacks in the name of banks?

Citing examples, he said that all banks have been asked to have ‘160’ in the beginning of their customer care numbers to identify as genuine. The three-digit number will be a part of the 10-digit mobile number and any call without the number should not be picked up by the citizens.

“We are in the process of identifying and assigning individual numbers to banks that will follow 160. Once that’s done, the service will be enabled,” Mr. Nath said.

Similarly to avoid URL phishing frauds, all banks in India will have .bnk.in in their URL and financial institutions will have .fin.in. Hyderabad-based Institute of Development Research in Banking Technology (IDRBT) has been selected as the exclusive registrar for the domain, the official revealed.

Meanwhile, starting October 1, all telecom operators will ‘white-list’ links sent via messages (including SMS) to citizens. According to Mr. Nath, links which are not white-listed will be disposed at the operator level and will not reach customers. Such links are generally sent through bulk messages and if clicked can land citizens in cyber frauds, he explained.

The official stressed on capacity building to deploy cybersecurity experts in every corporation in the country. He advocated to push women’s representation in the space by creating enabling workspaces.

Published - September 28, 2024 12:58 pm IST