UPDATED 18-July: A tabloid in Mumbai named Mid-day has taken up a reporting campaign about the rampant loan app fraud that has robbed so many victims of their earnings and life savings. Almost every day, we read about people clicking on links or downloading apps or sharing OTPs – only to realize how naive and foolish they have been when they check their bank balances. Seniors or working professionals respond to calls from “bank managers,” electricity companies, and even “Income Tax officials” – warning of dire consequences like the disconnection of electricity unless one makes a payment. And these fraudulent “officials” sound so authoritative and convincing!
Can someone please explain why so many people are becoming victims of fraud?
You’ll find a satisfying answer to that question in this jargon-free book on cybersecurity. The author, Chaitanya, whom I have known for the past year, is a cybersecurity expert. Yet he does not throw jargon at you; he explains cybersecurity concepts in simple terms, using relatable analogies. For instance, he explains Risk Quotient in the introduction without mentioning the term. So, one does not need to have a background in technology or cybersecurity to understand the concepts that Chaitanya presents. He also busts myths, explains jargon, and gives engaging examples.
As one progresses through the book, it becomes clear that much of cybersecurity and fraud is about the commonsense, presence of mind, and the need to ask questions and verify. Fraudsters leverage human weaknesses like greed, impulsivity and fear.
How should you respond if you receive an SMS or a call from the electricity company that they have not received the payment? What if you paid the bill last week and received an acknowledgment? It doesn’t add up. Something fishy is going on. You need to visit the electricity company and verify this – NOT click on a link or talk to a stranger on the phone believing that he is an official from the utility company.
That’s the presence of mind and alertness we need to protect ourselves in a digital world. And yes, we also need to be aware of apps like TeamViewer, AnyDesk, and other remote access apps that these fraudsters ask us to install on our phones and computers.
The author adopts a storytelling approach to keep the reader engaged. He does not rush into cybersecurity because he wants the reader to have a good grounding in computers, networks, and the internet. How does it work? He patiently explains the internal architecture of a computer and what happens when we start a computer. How is data transmitted through the internet till it gets to its destination? He takes two chapters to explain all that. Because only with this foundation will you understand how bad actors manipulate weaknesses in networks to hack and steal your data and credentials.
In the cyberverse, we have digital assets or “crown jewels” that we need to identify and protect. Do you have visibility into your digital assets? You can’t protect what you don’t see. Your digital assets are your identities and your data. It includes your PAN, Aadhaar number, email address, social media handles, mobile phone number, bank account number, and credit card numbers. And then there is metadata – data about your usage patterns. Think about the number of times you have given away all this information when filling out online forms. Chaitanya shows us how to identify all our digital assets and then assign values based on importance and risk. He talks about the risks posed and shows us how to protect our crown jewels.
We also like his hands-on approach, and occasionally, he encourages us to try out different commands that sys admins and network administrators use. Simple commands that help us understand concepts such as IP address, TCP/IP, domain name system and other technical concepts. And these tools are already available with your operating system and run at the command prompt.
Privacy is an important part of cybersecurity and I was glad to see explanations about how targeted advertising works. It makes me more cautious about how much personal information I want to share in exchange for free usage of an online service. The chapter on Privacy makes us aware of the perils and annoyances of targeted advertising. Cookies for tea, anyone?
An entire chapter is devoted to explaining the tools we need to protect ourselves from cyberattacks and hackers.
And yes, Chaitanya also tells you what to do if you get hacked.
But why has the title been prefixed with Monkey, Shakespeare, Typewriter? Well, it is a clever title and you will need to read the book to find out. I don’t want to spoil that.
My recommendation: Read the book, even if you are a cybersecurity professional. Just for the foundational concepts. Your non-technically aligned family members will love the book.
Title: Monkey, Shakespeare, Typewriter: Cybersecurity for Everyone
Author: Chaitanya Kunthe
Publisher: Om Books International
Pages: 176
Price: Rs 284/-
