The coming in of 3G has seen a huge rise in smart phones and advanced apps and video. However, rates in cybercrime have also seen a sharp increase, with easy accessibility to prohibited websites, and faster download speed with video on mobile have provided for better viewing, downloading and sharing. Please provide your views on this scenario.
Smartphones with their superior quality video and high bandwidth applications are becoming more affordable, which is leading to the sharp rise in cyber crime.If stringent laws are not enforced, there will be a significant increase in cyber crime as consumers have easy access to 3G and high bandwidth apps. The Indian government has issued a regulatory policy to prevent access to prohibited websites which all Indian telecom operators need to ensure using appropriate filtering irrespective of whether internet traffic is generated from a mobile device or a desktop. Access to malicious websites and malicious mobile applications will increase significantly due to the immaturity of mobile OS (Operating System), lack of security awareness by users and limited mechanisms to test mobile applications for malicious code and security flaws.
Is there a way to separate the useful apps from the other ones, or provide some security or code for certain applications, while blocking others?
Yes, there is way to handle this. Technically speaking, restrictions can be placed on the applications and internet services in such a way that everyone cannot access all the websites. An example is mobile security both at the application level and at the network level. If you look back, most of the cybercrimes are related to either money (such as credit card, mobile banking, land related, political etc.) or adult sites. So, any applications/services that access resources related to the above needs to be controlled. For example, all the outgoing HTTP/HTTPS traffic needs to be investigated before access is provided. These would be some of the ways to separate the useful applications from crime related applications. Tech Mahindra has developed a unique and proprietary service based on its extensive mobile and security capability to test binary and application source for embedded malware and security flaws. The certification service launched recently has already completed extensive security testing of over 15000 mobile applications. We found around that 3% of these were malicious.
How secure will 3G apps be, and are you doing anything to promote this security aspect?
3G will usher in an era of video communication and new multimedia applications as opposed to 2G which is more data oriented. Essentially the security risk remain the same. However, I see a greater risk of pornography and sexual harassment.We are in the process of including the security aspects into mobile apps and VAS services. We would like to put some guidelines for the newer applications to be secure enough for usage.
In big enterprises, how would one keep a tab on what is being downloaded using office internet synchronized with a 3G mobile phone?
The simplest method is to ensure that USB ports are blocked. The other way to keep tabs is to analyze USB logs, which is an expensive proposition. The IT manager may also keep a tab on the employees and tighten security through a firewall, proxy servers, password enabled WiFi at an advanced level and monitoring the outgoing traffic. However, if there is too much of monitoring or checking, then speed becomes too slow. So one has to be a bit smart on what needs to be monitored.
Do you believe that 3G will promote cybercrime, and what steps do you suggest can be taken to avoid this?
Cybercrime is here to stay irrespective of whether 3G is here or not. The primary reason for increase in cybercrime is the avalibity of financial services over mobile devices.
I suggest the following to avoid cybercrime:
• By creating secure mobile applications and services (a technical solution)
• By creating the awareness of cybercrime and educating the people about the potential risks and crimes through advertisements, media etc. which is more of a marketing and social solution However, it will be difficult to answer which one will be more effective. I believe that a combination of both will be more effective than a single solution.
What according to you will be the most non-essential killer app with 3G and why?
Any application which is related to quickly making money will be a killer app. For example, when the lottery ticket was not doing well, someone came with an idea of 'single digit lottery', which was a huge success, although everyone knew it is a gamble, however, it was a big hit. I am definitely not recommending any gambling application, but anything related to 'earning money' will be a success.source
Smartphones with their superior quality video and high bandwidth applications are becoming more affordable, which is leading to the sharp rise in cyber crime.If stringent laws are not enforced, there will be a significant increase in cyber crime as consumers have easy access to 3G and high bandwidth apps. The Indian government has issued a regulatory policy to prevent access to prohibited websites which all Indian telecom operators need to ensure using appropriate filtering irrespective of whether internet traffic is generated from a mobile device or a desktop. Access to malicious websites and malicious mobile applications will increase significantly due to the immaturity of mobile OS (Operating System), lack of security awareness by users and limited mechanisms to test mobile applications for malicious code and security flaws.
Is there a way to separate the useful apps from the other ones, or provide some security or code for certain applications, while blocking others?
Yes, there is way to handle this. Technically speaking, restrictions can be placed on the applications and internet services in such a way that everyone cannot access all the websites. An example is mobile security both at the application level and at the network level. If you look back, most of the cybercrimes are related to either money (such as credit card, mobile banking, land related, political etc.) or adult sites. So, any applications/services that access resources related to the above needs to be controlled. For example, all the outgoing HTTP/HTTPS traffic needs to be investigated before access is provided. These would be some of the ways to separate the useful applications from crime related applications. Tech Mahindra has developed a unique and proprietary service based on its extensive mobile and security capability to test binary and application source for embedded malware and security flaws. The certification service launched recently has already completed extensive security testing of over 15000 mobile applications. We found around that 3% of these were malicious.
How secure will 3G apps be, and are you doing anything to promote this security aspect?
3G will usher in an era of video communication and new multimedia applications as opposed to 2G which is more data oriented. Essentially the security risk remain the same. However, I see a greater risk of pornography and sexual harassment.We are in the process of including the security aspects into mobile apps and VAS services. We would like to put some guidelines for the newer applications to be secure enough for usage.
In big enterprises, how would one keep a tab on what is being downloaded using office internet synchronized with a 3G mobile phone?
The simplest method is to ensure that USB ports are blocked. The other way to keep tabs is to analyze USB logs, which is an expensive proposition. The IT manager may also keep a tab on the employees and tighten security through a firewall, proxy servers, password enabled WiFi at an advanced level and monitoring the outgoing traffic. However, if there is too much of monitoring or checking, then speed becomes too slow. So one has to be a bit smart on what needs to be monitored.
Do you believe that 3G will promote cybercrime, and what steps do you suggest can be taken to avoid this?
Cybercrime is here to stay irrespective of whether 3G is here or not. The primary reason for increase in cybercrime is the avalibity of financial services over mobile devices.
I suggest the following to avoid cybercrime:
• By creating secure mobile applications and services (a technical solution)
• By creating the awareness of cybercrime and educating the people about the potential risks and crimes through advertisements, media etc. which is more of a marketing and social solution However, it will be difficult to answer which one will be more effective. I believe that a combination of both will be more effective than a single solution.
What according to you will be the most non-essential killer app with 3G and why?
Any application which is related to quickly making money will be a killer app. For example, when the lottery ticket was not doing well, someone came with an idea of 'single digit lottery', which was a huge success, although everyone knew it is a gamble, however, it was a big hit. I am definitely not recommending any gambling application, but anything related to 'earning money' will be a success.source