Overview ISO 27001 Certification Application Security Testing Vulnerability Management Malware Monitoring Compliance Security Consulting Software Development Services

Overview IAM Authentication & Fraud PKI Information Protection Host Intrusion Defense System Antiphishing Brand & trademark protection SSL Certificates

Overview Financial Services Healthcare / Pharma Government Power / Energy / Utilities Manufacturing Software / ITes

Overview Technology Partners

By Domain Testimonials

About Us Vision & Mission Management Advisory Board Infrastructure Indusface News Indusface in News Careers Contact Indusface

data sheets

case studies

indusface in news

spotlight

corporate

70% websites vulnerable to cyber attacks

By: Parth Shastri | TOI | Apr 01, 2009

Experts Say It's Time Websites Up Security, After Allegations Of Chinese Spying In Cyberspace

Ahmedabad: Individual and corporate internet users in the state beware! Your web footprints are anything but safe. Cyber experts say designers focus more on customer-modified solutions instead of equipping sites with security features.

A study conducted by a Canada-based group on Chinese cyber spies, who have hacked into computers in 103 countries, has turned the spotlight on the issue. Before this study, the impact of hackers had not been assessed globally.

Gujarat-based IT experts feel the scenario is not very different in the state. At least five state government websites have been hacked and many more are vulnerable to attack. The state is consulting Gujarat Informatics Ltd (GIL) on the matter. Says city-based cyber crime expert Sunny Vaghela, "The Chinese model is closely followed by Pakistani hackers. Chinese hackers have used Shell programming to install a '*.exe' file in the web server that extracts necessary information from the source."

Nearly 70 per cent of small and medium IT companies have failed the international standards for web security. Not because the procedures are expensive, but because they are too apathetic to go for certification. "We get cases of phishing, data theft and even misuse of private information everyday," he adds.

In fact, there are various forums created by hackers to boast about the number of websites they have hacked. "It's tough to track down new-age hackers as after meddling with contents and even writing HACKED in bold across the site, they remove the data log," says Vaghela.

Chairman and managing director of Vadodara-based company Indusface, Ashish Tandon, says that though stringent norms by Sebi and RBI are in place, several websites used by customers don't have adequate security features. "Internet transactions are very user-friendly but not secure. If there's a flaw in basic coding, it exposes the site to attacks. Security measures have to be checked regularly and certification for authentication is a must," he says.

WEB SOLUTIONS
Ashish Tandon and Sunny Vaghela give TOI probable measures to tackle the menace:
The server host for websites and customer companies should go for periodic security checks and even hire professional hackers to see if they can penetrate security levels.

Apart from routers and USBs that provide internet, websites and servers should be secured. Customers should always look out for security certification of a website and an extra 's' after http in the web address.

Don't trust unfamiliar websites for cash transactions and check if any case of web attack has been reported against them. Be cautious about providing personal information on the web space.

For credit card transactions, check if the site is payment cards industry (PCI) compliant. Don't trust phishing websites that come with exact replica of private banks and ask for your account information.
Website Security Image

http://epaper.timesofindia.com/Default/Scripting/ArticleWin.asp?From=Archive&Source=Page&Skin=TOINEW&BaseHref=TOIA/2009/04/01&PageLabel=7&EntityId=Ar00700&ViewMode=HTML&GZ=T

Media Contact:
Beena Daryanani
beena.daryanani@indusface.com
Phone: +91 265 6562666/6562888