Staying safe in cyberspace | Daily News

Staying safe in cyberspace

Smart classrooms combine physical and online teaching
Smart classrooms combine physical and online teaching

Although the use of the Internet and cyberspace related activities in Sri Lanka have drastically increased with the pandemic, it is evident that the country has failed to face new developments in the digital sector and address the sudden high demand. Minimal digital literacy and the under-developed digital infrastructure in the country are some of the reasons for this. The users also have faced numerous difficulties during this period including issues related to online privacy and security. The Daily News interviewed the President of the Information Technology Society of Sri Lanka (ITSSL) Rajeew Mathew to discuss this topic further.

Q: What impact has the pandemic made on Internet usage in Sri Lanka?

A: Internet usage in Sri Lanka before the outbreak of the pandemic was quite different from what it is today. Earlier, most Sri Lankans used it for social media and entertainment such as YouTube and smartphone gaming. But Covid-19 has pushed more people such as teachers, students and employees to use the Internet willingly or unwillingly. At present over 60 percent of the total population in the country is using the Internet in some way and have Internet connections, either on a smartphone or through home-based routers.

Q: Is the country’s digital infrastructure sufficient to cater to such a sudden and higher demand?

A: Although the demand has increased, Internet Service Providers (ISPs) have not upgraded the infrastructure to meet this sudden and higher demand. This in return directly affects connection stability and strength. The few ISPs who hold a monopoly over the Internet backbone in the country do not have the required capacity to meet the demand. Moreover, some ISPs are more concerned about their profit than the quality of the service they provide to customers. Lack of coverage and towers is also a huge issue. Although we are currently in discussions to bring 5G technology to the country, there some parts of the country that do not even experience 4G properly.

Q: What are the Internet-related issues identified within the last one-and-a-half years?

A: We have identified several issues. The main issue is that the existing infrastructure is outdated. This reduces the Internet speed and thereby directly affects Internet efficiency. The capacity of the service providers is also an outstanding issue. Less capacity brings less efficiency to the users.

Q: What steps can be taken by the authorities to address these issues?

A: Many of the Internet users have lodged complaints with the Telecommunication Regulatory Commission of Sri Lanka (TRCSL) on the poor Internet speeds being experienced by them. Also, the users have raised their voice against the unjustifiable data charges by the service providers. But we have not seen an active response from the Government-owned TRCSL so far. Apart from the written assurance the institution gives to the complainants that they would act on the matters raised, they are not issuing any letter or notice on the progress of the inquiries they have conducted. Accordingly, we can see that they work in a somewhat irresponsible manner.

As well, in the future, Sri Lanka will experience the new 5G technology. This is a technology in which everything is based on the ‘smart concept’. Therefore, before moving and upgrading to 5G, Sri Lanka will have to adopt legal provisions and other mechanisms which are strong enough to ensure cybersecurity and the privacy of the users.

Q: What are the issues that users face during the pandemic?

A: Apart from the poor Internet speed, strength and the other infrastructure related difficulties, the risk of cyberattacks is high during this period. Mainly, hackers have been able to mislead the users and hack the accounts with a simple effort within this short period. The increased number of users with less digital literacy has been a boon for the hackers. Fake news, fake rewards and prize campaigns and misinformation generated by the hackers are easily available these days.

This is a threat to the users’ privacy and sensitive personal data. There were nearly 13,000 complaints received by the Sri Lanka Computer Emergency Readiness Team (SLCERT) about social media account hackings last year alone. Also, on some occasions, ransomware had been installed in computers. They have been created by the hackers and have caused loss of data. As a result, the users’ files could be encrypted by hackers. We urge users not to pay ransom to the hackers if they asked for a ransom from you to decrypt your encrypted data. There is no assurance whether they would decrypt that data.

Q: How and why have cyberspace related crimes increased during the pandemic?

A: The main reason is the lack of digital literacy of many users and the careless manner in which they transact with the Internet. Due to Covid-19, many people in the rural areas switched to online methods even without proper knowledge and facilities. Not taking protective measures in advance was also a reason. Accordingly, this made it easier for the hackers to achieve their targets. This is evident as the largest number of cyberattacks related complaints in Sri Lanka has been reported last year. Most of them were on social media.

Q: How can the users ensure their own security?

A: There are several easy tips that Internet and social media users can follow to keep their accounts secure. We urge them to update the contact details such as the e-mail and mobile number on social media accounts, so the relevant companies can easily reach you in case of an emergency or unrecognized activity by a third party. Activation of the two-factor authentication, prevents from publishing the details such as phone number and birthday in a public-visible mode, not disclosing sensitive personal details to outsiders and not clicking on suspicious web links will be helpful to stay safe.

Q: Were there several cyberattacks on local websites recently?

A: Yes. Several websites including Government owned ones had been subjected to cyberattacks on different occasions within the first five months of this year. On May 18, a well-known hacker group had hacked the official website of the Sri Lanka Embassy in China. The other websites belong to Sri Lanka Police, Ceylon Electricity Board, Hector Kobbekaduwa Agrarian Research and Training Institute, Health Ministry and the Southern Province Fisheries Ministry. According to what we have revealed, a Turkish hacker group is behind these cases.

Q: Can you elaborate on the status of the country’s cybersecurity and the possible future risks?

A: Internet users with little digital literacy are more vulnerable to cyberattacks. Future cyberattacks could be a threat not only for the critical infrastructure but for the lives of the people even when they are not users themselves. Therefore, the Governments should take immediate steps to improve the digital literacy of the public. Further delays in taking counter action could encourage further attacks.

The only legislation Sri Lanka has regarding cyberspace related crimes is the Computer Crime Act No.24 of 2007. By now it is quite outdated. Therefore, the existing laws should be updated to act against the upgraded and new forms of cybercrimes. Also new rules and regulations should be adopted as suitable as new technologies such as 5G are introduced to Sri Lanka.

Q: How can users with little digital literacy act carefully with the Internet to prevent possible risks?

A: It is mandatory for every user to use unpredictable and strong passwords for their accounts. In addition, you are warned not to add or follow unknown people on social media. This advice is especially for women. Before you accept a friend request from someone, you should first verify the profile of the requested friend. Also, you should not click on unknown or strange links. For example, there are numerous messages which are fake being circulated saying that some renowned global and local companies are giving away free gifts. These are scams.

Before you click on such links and follow their guidelines, check the official websites of the relevant companies to verify if they are giving away any such gifts. Consult an educated person on the subject. Finally, always following the official social media pages of the renowned companies will be helpful for you to stay secure from these scams. Do not let anyone, even the persons well known to you, misuse your lack of digital literacy and create unnecessary problems for you. Stay digitally and physically safe during this pandemic.