
IBM has released results from its annual X-Force 2010 Trend and Risk Report, highlighting that public and private organizations around the world faced increasingly sophisticated, customized IT security threats in 2010. According to the report, India was the top country for phishing email origination in 2010 at 15.5 percent, followed by Russia at 10.4 percent. Spam volume in India grew continuously from spring 2009 to autumn 2010. The report highlights that the U.S., India, Brazil, and Vietnam were the top four spam-sending countries, accounting for nearly one third of worldwide spam.

Based on the intelligence gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150,000 security events per second during every day of 2010, key observations from the IBM X-Force Research team included:

  • More than 8,000 new vulnerabilities were documented, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.
  • The historically high growth in spam volume leveled off by the end of 2010. This indicates that spammers may be seeing less value from increasing the volume of spam, and instead are focused on making sure it is bypassing filters.
  • While overall there were significantly fewer phishing attacks relative to previous years, “spear phishing,” a more targeted attack technique, grew in importance in 2010. This further indicates that cyber criminals have become more focused on quality of attacks, rather than quantity.
  • India, the USA, Brazil, Vietnam, and Russia were the top five countries for spam origination in 2010.
  • As end user adoption of smartphones and other mobile devices increased, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks. Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, IBM X-Force data showed a rise in vulnerability disclosures and exploits that target these devices.

“From Stuxnet to Zeus botnets to mobile exploits, a widening variety of attack methodologies is popping up each day,” said Pradeep Nair, Director, IBM Software Group, IBM ISA. “The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical. We have seen a significant increase in interest from clients in India to enhance the reliability of their security infrastructure.”

The report also discusses the security trends and best practices for the emerging technologies of mobile devices and cloud computing.

Cloud Computing — The report highlighted a shift in perception about cloud security as adoption continued to evolve and knowledge around this emerging technology increased.

Mobile Devices — Organizations are increasingly concerned about the security implications of personal mobile devices used by employees. Organizations must ensure control of their data regardless of where it is, including employee-owned or business-issued smartphones.

Additional trends highlighted in the report included:

The new, sophisticated face of cyber crime — From a security standpoint, 2010 is most remembered as a year marked by some of the most high profile, targeted attacks that the industry has ever witnessed.

Security firm Sophos has published its latest report into the top twelve spam relaying countries, covering the first quarter of 2011. Despite remaining at the top, the USA’s proportion of the global spam output fell significantly from 18.83% to 13.7% of all spam relayed from compromised computers. The United Kingdom also saw a drop, with its spam pollution falling from 4.54% to 3.2% of total global spam relayed, moving the UK down from fifth to sixth place in the dirty dozen. India was the biggest contributor to spam in Asia, accounting for 7.1% of worldwide spam.

Sophos warns that the continued growth in popularity of mobile platforms and social networking means that the number of spam attack vectors is increasing and computer security still needs to be at the forefront of people’s minds.

“Although the USA and UK contribution to the global spam problem has decreased in percentage terms, it is essential for organizations not to become complacent,” said Graham Cluley, Senior Technology Consultant at Sophos.

“Financially-motivated criminals are controlling compromised zombie computers to not just launch spam campaigns, but also to steal identity and bank account information. Users need to be educated about the dangers of clicking on links or attachments in spam mails – and many computers may already be under the control of cybercriminals. Businesses and computer users must take a more proactive approach to spam filtering and IT security in order to avoid adding to this global problem.”

The next time you are prompted to enter your Facebook or Twitter password after clicking on some nice ad, make sure the location bar of the browser says ‘facebook.com’ or ‘twitter.com.’ Moving beyond their favorite targets, the corporates, cybercriminals are now targeting the least secure users of all, the end consumers, notes the latest Microsoft Security Intelligence Report.

Gone are the days of alluring emails asking you to part with your bank account details to claim your million dollar prize; cyber criminals now prefer to ‘hang out’ at your favorite social networking site. According to the Security Intelligence Report — a quarterly security-related update from the world’s biggest software firm Microsoft — social networks accounted for 84.5 percent of all attempts to steal personal data from users in December 2010.

In comparison, only 8.3 percent of all such attempts — known as phishing — occurred through social networks in January 2010. There has been an increase of 1200 percent in phishing through social networking sites, as these venues have become lucrative hotbeds for criminal activity, the report warns.

The attacks take the form of advertisements and links on Facebook and other social networks that pose as legitimate marketing campaigns and product promotions but are actually just traps to steal your data. They take the form of pay-per-click schemes, false advertisements, or fake security software sales.

“Social networking is on a high and these sites have created new opportunities for cybercriminals to not only directly impact users, but also friends, colleagues and family through impersonation,” says Sanjay Bahl, Chief Security Officer, Microsoft India.

The ultimate aim is to get users to download and install their programs, which then use the victim’s computer to spread themselves as well as to steal all kinds of data entered through the computer. Social networking viruses, Microsoft points out, are especially risky in India since the country has some 50 million (5 crore or 4% of the population) social networking users.

Interestingly, Microsoft owns 5% of Facebook — a site whose revenues may be hit if people stopped clicking on its ads.

According to the report, the most common category of unwanted software in India was Worms, which affected 42.5 percent of all infected computers, down from 45.4 percent in the last quarter. Worms are self-replicating programs.

The second most common category in India was Misc. Trojans, which affected 33.9 percent of all infected computers, down from 34.5 percent in the last quarter. Trojans, which may also be worms, have the additional characteristic of being harmful to the user and are often used to steal data.

The growing Chinese aggression seems to have motivated India to follow suit, but perhaps in the wrong context. China was recently rated as the most restricted country in terms of Internet censorship. And, if India’s new censorship laws are enforced, India could be right in the league of countries with the most restricted Internet usage policies.

The new Information Technology Rules, 2011 list all the content restrictions that an ISP, cloud provider or hosting provider needs to impose on bloggers, online news websites and individuals. They also define the time frame within which the ‘intermediary’ needs to pull down a website or a blog if any violation of the rules is observed. The new rules not only define censorship laws but also allow the government to abuse terms such as ‘invasion of another’s privacy’, ‘defamation’, ‘harassment’ and ‘threat to the nation’. China has already been prosecuting people exercising free speech by terming the content a ‘threat to nation’ etc.

According to IT Rules 2011, Sub Rule 2, “Users shall not host, display, upload, modify, publish, transmit, update or share any information that is grossly harmful, harassing, blasphemous, defamatory, obscene, pornographic, paedophilic, libellous, invasive of another’s privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;”

Additionally, Sub Rule 2 also states that users may not publish anything that threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign states, or public order or causes incitement to the commission of any cognisable offence or prevents investigation of any offence or is insulting any other nation.

Sub rule 4 states that

“(4) The intermediary (ISP, hosting companies etc), on whose computer system the information is stored or hosted or published, upon obtaining knowledge by itself or been brought to actual knowledge by an affected person in writing or through email signed with electronic signature about any such information as mentioned in sub-rule (2) above, shall act within thirty six hours and where applicable, work with user or owner of such information to disable such information that is in contravention of sub-rule (2). Further the intermediary shall preserve such information and associated records for at least ninety days for investigation purposes.”

Leaving so much power in the hands of the ISPs may not be a good idea for a country like India, where there is the highest number of complaints to shut down Facebook pages and profiles because ‘someone’ finds them offensive. Now, instead of first battling out a complaint in a court of law, the ISP would straight away block your website if your content seems offensive to someone.

Sub rule 7 on Interception states that: “When required by lawful order, the intermediary shall provide information or any such assistance to Government Agencies who are lawfully authorised for investigative, protective, cyber security activity. The information or any such assistance shall be provided for the purpose of verification of identity, or for prevention, detection, investigation, prosecution, cyber security incidents and punishment of offences under any law for the time being in force, on a request in writing stating clearly the purpose of seeking such information or any such assistance.”

The previous version of the order did not allow intermediaries to disclose personal information, but here the Indian government is clearly ensuring that it can access information.

The world’s top ‘track 2 diplomacy’ institution and New York-based think-tank, the East West Institute, has warned of a ‘9/11 type’ of attack on the undersea cables that connect India to the rest of the world.

Addressing Indian telecom secretary R Chandrasekhar and officials of the Indian home ministry, the founder of the 30-year-old think-tank, John Edwin Mroz, said he expects a “massive 9/11” type of attack on the Internet very soon. Mroz was instrumental in the establishment of an agreement in 1984 between NATO and the Soviet bloc to alert each other of troop movements.

“We have to address the cockpit door in cyber security,” Mroz said, referring to the security flaw in cockpit doors that allowed the 9/11 terrorists to force their way in and attack the plane pilots. “We have to do it before the 9/11 type of attack occurs,” he added. The institute specializes in building bridges between major governments to overcome global security concerns.

In its presentation, the Institute highlighted the possibility of terrorist attacks on the core backbone of the Internet — the under-sea cables that carry nearly all of its traffic from one corner of the world to another.

“There are three major choke points for the Internet and unfortunately, India is right in the middle of all three,” said Karl Rauscher, chief technology officer of East West Institute.

The three ‘choke points’ for undersea cables are the Luzon strait between China and Taiwan, the Malacca strait between India and Sri Lanka and the Red Sea between Saudi Arabia and Africa.

Between Africa and Asia, for example, all of the handful of undersea cables connecting India to Europe and the US pass through an area that is only around 500 metres wide, raising the possibility of a bomb attack or a simple ‘snag and snap’ attack.

The cables are laid at a depth of around 1 metre under the sea-bed, but are often exposed due to movement of the sand. India’s only alternate route of connectivity to the US, through the Luzon straits, can also be compromised by a co-ordinated attack, leaving the country without connectivity to the US and Europe.

“The results can be disastrous. Especially due to the dispersed nature of the world’s financial services industry. For big financial hubs like London or New York, there is just no plan B if the Internet goes down,” Rauscher added.

The alternatives suggested by the group primarily revolve around opening up of non-traditional routes for laying sub-sea cables and easing the movement of repair ships through national waters.

The telecom secretary, on his part, said India is setting in place a ‘command structure’ to address issues of cyber security.