“It’s tragic that most people can’t discern the difference between hacking and ethical hacking,”- Mr. Milind Agarwal, Founder (CCAS)
The Global Hues received the opportunity to connect with Mr. Milind Agarwal – a certified cybercrime investigator and a certified forensic expert from Jaipur. He is the founder of India’s first NGO working for Cyber Crime Investigation, called the Cyber Crime Awareness Society (CCAS). The NGO has been established by IT experts and Police officers with the aim to help the victims of cybercrime. His claim to fame was the famous ‘GoldSukh’ case that he solved at the age of 21 & the various milestones he achieved by working with intelligence agencies to combat terrorists.
Mr. Milind Agarwal shared that his inclination towards cybersecurity sprouted in his schooldays and by the time he was an engineering undergraduate, he was already involved in solving multiple cybercrime cases during a sudden surge in Jaipur in 2011-2012.
COMMON MISCONCEPTIONS ABOUT ETHICAL HACKING
“It’s tragic that most people can’t discern the difference between hacking and ethical hacking,” says Mr. Milind Agarwal. He further explained the fundamentals of ethical hacking as – authorized practices of bypassing networks & vulnerabilities. This is a planned, approved, and legal way of hacking. Businesses – big and small can benefit highly by employing ethical hackers. It can practically save the company a fortune by resisting destructive cyber attacks. Mr. Milind recounted the story of a case that appeared before him just a day before this interview was conducted. It was regarding a man from Dehradun who was watching videos on a popular channel of YouTube when he saw a comment from a user, trying to sell bitcoin in the comments section. This user had put out his Whatsapp number and succeeded in absconding the man of 50 lakh rupees. During the month of March and April, hackers are known to duplicate sites of income tax e filing returns and carry out Phishing attacks. Cybercrime is a hidden epidemic that can bring prosperous organizations down to their knees and rob individuals of their lifetime savings. Therefore, investing in cybersecurity is imperative to the well-being of an organization, a multi-dollar company, or a start-up, and overlooking it could prove to be a very risky affair. “Yet”, says Mr. Milind Agarwal “there is a deep ignorance about ‘ethical hacking’ among parents”. According to him, most parents are caught off-guard simply after hearing the word ‘hacking’ and want their kids to have nothing to do with it. This unwittingly makes an interested student stifle his/her desires or practice their work secretively stowed away from their families. Following one’s passions in a way that is secretive and suppressing is no recipe to a bright successful career. Through our platform, Mr. Milind Agarwal urged parents to not stay misinformed about the field of ethical hacking, which in today’s digital age offers a plethora of opportunities for its takers. He also urged businesses to not be so naive to think that their data was secure simply by downloading an anti-virus to their system.
RESISTING CYBER ATTACKS: ETHICAL HACKERS & ARTIFICIAL INTELLIGENCE
On being asked if companies should hire ethical hackers, as a rule, his answer was a big irrefutable ‘YES’. He explained that despite most companies following the regular cyber safety protocols and running cybersecurity audits every month, they were still under threat from the highly unprecedented skills of a hacker who has decided to take the organization down. In these scenarios what’s crucial is a real-time counterattack from ethical hackers.
He also claimed ‘Artificial Intelligence’ to be another major weapon against cybercrimes along with ethical hackers. This is due to the fact that Artificial Intelligence involves user behavior analytics and is brilliant at detecting bugs. He informed us that according to the CISCO survey, it was discovered that about 95% of cyber-attacks are detectable by Artificial Intelligence. The intrusion is detected as soon as it approaches a system and disabled right there. Artificial Intelligence or Ethical Hackers, either can be chosen by companies to shield themselves against the attacks.
A LAYPERSON’S GUIDE TO PREVENTING A CYBER ATTACK
When asked what preventive measures a layman could take in resisting a cyberattack, his prompt answer was “ by using basic common sense”. One must be vigilant enough to apply basic common sense while downloading any application on their phones or desktops. Not reading the terms & conditions section would be a clear invitation to an attack at our own peril. Another blunder that compromises the security of an organization/individual is the use of the same or similar passwords throughout their social media and bank accounts. According to him, it is crucial to have completely different passwords for social media, bank accounts, and other platforms. He advised us to never contact the random contact numbers, hackers, or freely share under the comments section of popular YouTube videos as they could be potential baits. Some of these criminals can also create a fake duplicate of somebody’s Facebook ID and carry out unlawful activities through it. Locking one’s profile could ensure safety from such an attack.
Basics regarding effective cybersecurity solutions for businesses include hiring cybersecurity personnel, carrying out security auditing, always keeping a backup of their data servers, etc. There are companies that use platforms such as WordPress.com in order to create their websites. Doing this involves third-party plug-ins, which render these companies vulnerable to cyberattacks. Intrusion detection servers should be installed on every business account and anti-virus software must be kept updated. There have been cases of employees selling the personal data of a company to competitors outside after having left the job. To avoid this, proper regulations and legal formalities must be laid out for the employees. If a company is providing internet access to its employee who ends up using it in carrying out unlawful activities, it is the company that will be considered liable and responsible.