• CYBERSECURITY & cybercrime

Saket Modi loves long flights. The 26-year-old hacker likes to do most of his reasoning while criss-crossing the world. It was on one such flight from the United States to India that the co-founder of cyber security start-up Lucideus Tech read about India’s largest data security breaches. While surfing the in-flight Internet he came to know that the security of about 3.2 million debit cards had been compromised.

“I was not surprised but I started thinking about how it would have happened. What was the ‘exploit’ used, how long was it there,” said Mr. Modi. Soon after reaching New Delhi, he received multiple requests from several banks and organisations to protect them from the hacking incident, which is just one of the thousands of cybercrimes that the country is facing.

In India, there has been a surge of approximately 350 per cent of cybercrime cases registered under the Information Technology (IT) Act, 2000 from the year of 2011 to 2014, according to a joint study by The Associated Chambers of Commerce and Industry of India and consulting firm PricewaterhouseCoopers. The Indian Computer Emergency Response Team (CERT-In) has also reported a surge in the number of incidents handled by it, with close to 50,000 security incidents in 2015, noted the Assocham-PwC joint study.

Ethical hackers

Mr. Modi is among a new breed of ethical hackers-turned-entrepreneurs who are betting big on this opportunity. An ethical hacker is a computer expert who hacks into a computer network on the behalf of its owner in order to test or evaluate its security, rather than with malicious or criminal intent.

“You cannot live in a world where you think that you can’t be hacked. It doesn’t matter who you are,” said Mr. Modi who cofounded Lucideus four years ago. The company clocked revenues of Rs.4 crore in the last fiscal. This compares with the Rs.2.5 lakh revenues in the first year. The New Delhi-based firm now counts Reserve Bank of India, Ministry of Defence and Standard Chartered among its top clients.

Mr. Modi, who is also a pianist, discovered his skills for hacking into secure computer systems while preparing for his board exams. He hacked into his school computer and stole the chemistry question paper, after realising that he would not be able to clear the test conducted by his school. However, a guilty conscience compelled him to confess to his teacher who permitted him to still take the test. The incident transformed him to use his skills to protect and not misuse them. This year, Lucideus was hired by National Payments Corporation of India (NPCI) along with other information security specialists to protect its most ambitious project, the Unified Payment Interface (UPI) platform, from cyber attacks. UPI aims to bring digital banking to 1.2 billion people in the country. Lucideus has a team of 70 people mostly fresh college graduates who do hacking with authorisation.

“The reason behind choosing Lucideus was their young, energetic and knowledgeable team,” said Bhavesh Lakhani, chief technology officer of DSP BlackRock, one of the premier asset management companies. Mr. Lakhani said that India is currently the epicentre of financial and technological advancements which make it a probable target of cyber-attacks.

Hacking lifeline

Indeed, a new breed of cyber criminals has emerged, whose main aim is not just financial gains but also cause disruption and chaos to businesses in particular and the nation at large, according to the Assocham-PwC study. Attackers can gain control of vital systems such as nuclear plants, railways, transportation and hospitals. This can subsequently lead to dire consequences such as power failures, water pollution or floods, disruption of transportation systems and loss of life, noted the study.

“The hacker doesn’t care whether he is attacking an Indian or a U.S. company. It is bread and butter for him and he wants to eat it wherever he gets it from,” said Trishneet Arora, a 22-year-old ethical hacker. In an office tucked away in Mohali, a commercial hub lying adjacent to the city of Chandigarh in Punjab, Mr.Arora fights these cyber attacks on a daily basis to protect his clients. His start-up TAC Security provides an emergency service to customers who have been hacked or are anticipating a cyber attack. It alerted a hospital in the U.S. after detecting vulnerabilities in their computer network.

Mr. Arora said that the hackers could have easily shut down the intensive care unit which was connected to it and remotely killed the patients. TAC said the data server of a bank in the UAE containing critical information got hacked recently. The bank also lost access to the server. TAC said that it not only helped the organisation to get back access to the server but also traced the hacker’s identity.

A school dropout,  Mr.Arora founded TAC three years ago. But he initially found it tough to convince enterprises about his special skills. “I was a backbencher in the classroom and not good in studies, but I loved playing video games and hacking,” he said. He conducted workshops on hacking and provided his expertise to law enforcement agencies such as the Central Bureau of Investigation and various State police departments. His firm now provides its services to customers such as Reliance Industries, dairy brand Amul and tractor manufacturer Sonalika.

“We were surprised by their expertise,” said R.S. Sodhi, managing director of Amul. “We wanted to be sure that the company’s vital IT infrastructure is in the right hands – the big question was, ‘Who can that be?’ In TAC, we found that team.”

TAC expects to cross revenues of $5 million (Rs.33 crore) and employ about 100 ethical hackers by next year.

Budget woes

Security watchers such as Sunil Abraham, executive director of Bengaluru-based think tank Centre for Internet and Society said that India’s cyber security budget is woefully inadequate when compared to the spending by other countries. In 2014-15, the government doubled its cyber security budget by earmarking Rs.116 crore. “We require a budget of $1 billion per annum or every two years to build the cyber security infrastructure. The current cyber security policy has no such budget,” said Mr. Abraham.

According to Data Security Council of India (DSCI), India’s cyber security market is expected to grow nine-fold to $35 billion by 2025, from about $4 billion. This would mainly be driven by an ecosystem to promote the growth of indigenous security product and services start-up companies.

The Cyber Security Task Force (CSTF) set up by DSCI and industry body Nasscom expects to create a trained base of one million certified and skilled cyber security professionals. It also aims to build more than 100 successful security product companies from India. Investors who normally focus on e-commerce ventures or public markets are now taking note of this opportunity and are betting on such ventures. Amit Choudhary, director, MotilalOswal Private Equity and an investor in Lucideus, said he saw tremendous opportunity in the cybersecurity market as hackers are shifting their focus from developed countries to emerging countries like India.





  • Coordinates of safety

If we go by the National Crime Records Bureau reports, incidence of serious crimes against women rose from 237 per day in 2001 to 313 per day in 2015. These crimes include rape, kidnapping and abduction, dowry deaths and cruelty by husbands and relatives. Minor girls, adolescent and old women are frequently victims of brutal rapes and murders. Of these crimes, 30 per cent were rapes (including intent to rape). Higher incidence of crimes during 2001-2015 coupled with low conviction rate of 21 per cent of cases reported suggests that women are more vulnerable to serious crimes.

Women’s vulnerability varies enormously across States. Incidence of serious crimes was as high as 75 per lakh women in Delhi in 2015 as against approximately 5 per lakh women in Andhra Pradesh and Tamil Nadu.

There are huge gaps in incidence of crimes between the three worst and the three best States. The three worst States in 2001 — Delhi, Haryana and Assam — remained largely unchanged in 2015, with Assam replacing Haryana as the second worst State. The best performers, however, changed during this period. Nagaland, Meghalaya, and Sikkim displayed the lowest incidence of crimes in 2001 but the top two were replaced by Andhra Pradesh and Tamil Nadu in 2015. However, across States, the overall concentration of serious crimes did not change significantly. For example, the three States (Uttar Pradesh, Rajasthan and Maharashtra) that accounted for 37 per cent of the crimes in 2001 were responsible for a slightly lower share of 34 per cent in 2015.

Factors behind inter-State variations

Here we focus on two related questions: (i) Why have crimes against women risen between 2001 and 2015? What are the factors associated with huge inter-State variation in these crimes in 2015? As answers to these questions lie in the interplay of affluence of a State, religion, demographics including female/male ratio, employment opportunities for women, their literacy, rural/urban population ratio, quality of governance in the State and media exposure, we carried out a detailed analysis that allows us to assess their individual and joint contributions to variation of serious crimes over time and across States.

Our analysis reveals the following effects. A 1 per cent increase in State GDP (per capita) is associated with a 0.42 per cent reduction in the incidence of serious crimes. It follows that greater affluence is accompanied by a reduction in such crimes. If alcoholism and substance abuse are lower among men, or if these addictions are better treated in more affluent States, sexual or physical assaults on women are less likely.

Another factor is the sex imbalance measured as the number of females per 1,000 males. The sex ratio norm is 950. India’s ratio was below this (944 in 2015). A one per cent increase in the sex ratio lowers serious crimes against women by 8 per cent. Indeed, a skewed sex ration more than undermines the affluence effect. So, if Delhi and Haryana continue to be the worst States despite being affluent (relative to, say, Andhra Pradesh), it is largely because of the abysmally low sex ratio in these two States. While the sex ratio increased in several States but remained low (Uttar Pradesh, Delhi, Haryana and Rajasthan), in others (Bihar, Maharashtra) it remained low and barely changed.

Other influential factors include female literacy and labour force participation. Female bargaining power depends on both their literacy and outside employment. However, the evidence also suggests a backlash in which male spouses — especially those who are unemployed — assert their superiority by retaliatory physical and sexual violence. Our analysis points to a favourable joint effect of female literacy and labour force participation, though the positive individual effects of female literacy and labour force participation are larger. If brutality in marriage becomes unbearable, exit options for women who are both literate and employed become more viable for them. Promoting both jointly is likely to be more effective in curbing domestic violence against women.

A somewhat surprising finding is that the higher the rural/urban population, the higher the incidence of serious crimes against women. A one per cent decline in the rural/urban population ratio is associated with a reduction of 0.4 per cent in the incidence of such crimes. Even though such crimes in urban areas have greater visibility in the media, the grim reality is that women in rural areas are more vulnerable. Despite likely under-reporting of such crimes, it is revealing that rural women more often seek remedial action against them. This, of course, doesn’t imply that they are more likely to succeed.

Although cultural norms and context take diverse forms — whether, for example, it is a matriarchal or patriarchal society — religion is one key dimension. Classifying the populations into Hindus and Muslims, we find that in both groups women are vulnerable to serious crimes but more so among the former. A one per cent increase in the share of the Hindus increases such crimes by 1.64 per cent — double the incidence among Muslims. That a greater frequency of wife-beating and dowry-related violence among Hindus — in extreme cases “bride burning” — still persists is worrying.

Exposure to media — captured through readership of newspapers in English and major Indian languages — has two effects: one is better reporting of crimes and perhaps, more importantly, a crime deterrence effect. It is difficult to separate the two and so the combined effect is that a one per cent increase in readership is associated with a 1.9 per cent reduction in such crimes. The Delhi gang rape case of 2012, for example, wouldn’t have sparked a national uproar and led to the speedy arrest of the perpetrators without sustained media activism.

Governance, a key determinant

Nobel laureate Amartya Sen has emphasised that rape and other serious crimes against women are closely intertwined with inefficient policing and judicial systems, and callousness of society. So the quality of governance in States is key to understanding the huge variation in incidence of serious crimes against women. In a recent but ambitious study this year led by economist Sudipto Mundle, 19 States have been ranked on the basis of a composite indicator of governance in 2001 and 2012. This indicator combines five criteria — infrastructure, social services, fiscal performance, justice, law and order, and quality of the legislature. Even if some State rankings are intriguing because of the failure to take into account rampant political corruption, it is significant that the best five and the worst five performers remained largely unchanged during 2001-2012. Subject to this caveat and the fact that 2015 is not covered, using this measure of governance, we find that the incidence of serious crimes against women declines with better governance.

In conclusion, if the crimes against women rose despite greater affluence and a slight increase in the sex ratio during 2001-15, the answer must lie in likely deterioration of governance and persistence of low sex ratios in certain States. Illustrative cases include Bihar, Delhi and Maharashtra.


  • Journalism’s return to oppositional roots

A group of journalists, writers and academics gathered last Wednesday in Kathmandu to bid farewell to the only Southasian magazine, Himal South Asian , even as the news of Donald Trump’s victory was trickling in. Aunohita Mojumdar, editor of Himal , wrote a thoughtful piece, “Chronicle of a death not foretold”, about the sophistication in censorship processes and the refined methods that are being used now to undermine freedom of expression. “The means used to silence Himal are not straightforward but nor are they unique. Throughout the region one sees increasing use of regulatory means to clamp down on freedom of expression, whether it relates to civil-society activists, media houses, journalists or human-rights campaigners. Direct attacks or outright censorship are becoming rarer as governments have begun to fear the backlash of public protests. Strangulation, through the use of bureaucracy, is gaining ground and has several obvious advantages,” she observed.

The external pressures on the media are now well documented, and Ms. Mojumdar’s article is a testimony to the difficult environment in which journalists and media organisations operate. This is one part of the story. The other part is the internal crisis in the way the media reports, investigates and provides context. For nearly two centuries, this profession was guided by cardinal principles that stood in good stead. However, the digital disruption has brought in its wake a new sense of uncertainty. The last two of my columns looked at some of the shortcomings in business reporting. But the limitations are not restricted to business reporting alone.

An unfortunate trend

In the last three-four years, the media seems to be missing ground realities more often than it did in the past. Internationally, it was not just Mr. Trump’s victory that missed the media radar. Brexit, the re-election of Recep Tayyip Erdogan in Turkey, and the failure to predict a conclusive victory for Justin Trudeau’s Liberal Party in Canada are some major examples. In India, in 2014, every reporter suggested that the Bharatiya Janata Party-led National Democratic Alliance would form the government, but no one anticipated the majority by which the BJP would win. The failure to read the ground situation continued with the Aam Aadmi Party’s victory in Delhi and the Janata Dal (United)-Rashtriya Janata Dal combine’s brilliant show in Bihar. For a section of journalists, this internal scrutiny is seen as self-flagellation at a time when the media is haemorrhaging due to digital disruption.

I am convinced that an open discussion, which includes readers and journalists in equal measure, may throw up some possibilities to address the present crisis. My wish is for a robust media. The present set of mediations are aimed at finding means and methods to make media vital in disseminating credible information. One can take some comfort from the fact that Mr. Trump’s victory or the Brexit referendum were based on factors that were beyond facts. We may even legitimately ask, what can journalism do when facts are no longer sacrosanct? I broadly agree with The Guardian ’s Katharine Murphy’s article, “Don’t blame the media: Trumpland is a place where truth doesn’t matter”. She wrote: “There have been mass mea culpas from various columnists apologising for various deficiencies, including a failure to understand the undercurrents of Trump’s success. There are two problems with this rush to hate and self-hate… The failure we have to confront, the reality we can’t avoid, is that we are doing the work, journalism is pulling out all the stops, we are doing everything in our power to rise to the occasion in times when our collective commercial reality makes it hard to rise to the occasion — but our work isn’t cutting through.”

Two separate universes

But the problem with this argument is that it fails to recognise the two distinct universes that are at play. If we accept that mainstream media is the public sphere which reflects the multiple realities of our world, then we do not have a credible answer to this nagging question: how can we explain the existence of parallel universes which hardly intersect and interact in our day-to-day coverage?

Joshua Benton, director, Nieman Journalism Lab, argues that the forces that drove this election’s media failure are likely to get worse. He wrote: “One way to think of the job journalism does is telling a community about itself, and on those terms the American media failed spectacularly this election cycle. That Donald Trump’s victory came as such a surprise — a systemic shock, really — to both journalists and so many who read or watch them is a marker of just how bad a job we did. American political discourse in 2016 seemed to be running on two self-contained, never-overlapping sets of information.”

Kyle Pope, editor-in-chief and publisher of the Columbia Journalism Review , was more unsparing. He conceded the problems posed by social media and the echo chambers, the limitations that flow from brutal economics of the news business, and reporters’ decision to laugh off a candidate whose views and personality seemed so outside the norm of a serious contender for the White House. “While all those things are true, journalism’s fundamental failure in this election, its original sin, is much more basic to who we are and what we are supposed to be,” he wrote. He calls for journalism’s return to oppositional roots. His idea of saving the profession: “We need to embrace, even relish, our legacy as malcontents and troublemakers, people who are willing to say the thing that makes everyone else uncomfortable.” The issue in front of us is multifaceted and needs a sustained dialogue. I hope this column can be the site for the regeneration of ideas.