By Madhav Mohan
June 9, 2017
The report indicates that threat activity in India showed a significant increase over the last two weeks of December, caused by a surge of Secure Shell (SSH) connection brute-force attempts. Interestingly, this surge was not seen globally. Please comment.
In SSH connection brute-force attempts, hackers try to get access to the username and password in order to get administrative control and access to the operating system. Organisations need to follow appropriate measures to prevent this. For instance, there are certain practices that should be followed if one is employing a FortiGate device in terms of configuration, system settings and policies. The best way to mitigate SSH connection brute-force attempts would be to change the username and password. In fact, passwords should be complex. For example, in the case of internet banking, it asks for alphanumeric characters.
How is Fortinet ramping up its operations in India so that enterprises are not victims of ransomware this year?
We have a support team in India which gets ramped up every year, research and development (R&D) centers in Bengaluru and Hyderabad, and sales representatives across India. These representatives interact with customers and recommend the right solution. We also have a trainer to train system integrators, customers and partners. To look into DDoS threats, we have an R&D team based out of Hyderabad.
In the wake of digitisation, how should the Indian government tackle cybercrime?
At present, the government is laying emphasis on the development of smart cities. In a smart city, there will be smart lighting, smart meters and smart traffic control management. There can be severe disruption if someone gets control over the elements involved in a smart city. As everything is getting automated, the government needs to ensure infrastructure security. It needs to look at how other countries are dealing with the model of smart cities.
Which are the best practices CISOs should implement to reduce their mean time to detect and respond to threats?
CISOs should educate employees on cybersecurity. A fabricated mail without any malicious content can be sent to users to check their preparedness. This should be done to figure out who opens it. In fact, such drills should be a mandatory requirement for enterprises.
Moreover, they should be able to understand data sensitivity which can potentially cause threats to their organisation. At the same time, all employees should be aware of various threats which cannot be mitigated.
Coming to the business side of it, CISOs should also stay in touch with all stakeholders (CEOs, board of directors) to stay ahead in the market.