हिंदी साहित्य: पेन ड्राइव कोर्स
This just in:

Governance

Zoom- Not a Safe Platform: MHA

  • 17 Apr 2020
  • 5 min read

Why in News

Recently, the Ministry of Home Affairs (MHA) has issued an advisory that Zoom video conference is not a safe platform.

Key Points

  • Zoom has seen an exponential rise in usage in India as office-goers remain at home due to the lockdown, imposed to curb the Covid-19 pandemic.
    • Over 90,000 schools across 20 countries have started using it regularly.
    • The maximum number of daily meeting participants of approximately 10 million at the end of December 2019 grew to more than 200 million daily meeting participants in March.
    • It has been used extensively by everyone including the central and state ministers for official purposes and conducting meetings.
  • Zoom is a US-based video communication and videoconferencing platform.
    • This Silicon Valley-based company appears to own three companies in China through which at least 700 employees were paid to develop Zoom’s software.
    • This arrangement is apparently an effort at labor arbitrage in which Zoom can avoid paying US wages while selling to US customers, thus increasing their profit margin.
    • However, this arrangement may make Zoom responsive to pressure from Chinese authorities.
    • Reportedly, few calls made through the app are routed through servers in China.
  • Earlier, the Computer Emergency Response Team, India (CERT-In) had also issued advisories cautioning on the use of Zoom for office meetings.
    • It warned that the insecure usage of the platform may allow cyber criminals to access sensitive information such as meeting details and conversations giving rise to cyber frauds.
    • It also highlighted multiple vulnerabilities which could allow an attacker to gain elevated privileges or obtain sensitive information.
  • Citizen Lab, based at the University of Toronto, found significant weakness in Zoom’s encryption that protects meetings.
    • It identified the transmission of meeting encryption keys through China.
    • The lab has raised two primary concerns- geo-fencing and meeting encryption.
  • Zoom Founder and CEO Eric S Yuan has apologised and assured the people that the privacy and security expectations would be taken care of.
    • Zoom has added additional features such as placing a new security icon in the meeting controls, changing Zoom’s default settings and enhancing meeting password complexity, among others.
    • It has also added that soon, account admins will have the ability to choose whether or not their data is routed through specific data center regions.
  • Suggestions by the Ministry
    • The users are suggested to set strong passwords and enable “waiting room” features so that call managers could have better control over the participants.
    • Users should also avoid using personal meeting ID to host events and instead use randomly generated meeting IDs for each event.
    • People using the app should not share meeting links on public platforms.

Indian Cyber Crime Coordination Centre

  • The scheme to set up I4C was approved in October 2018, to deal with all types of cybercrimes in a comprehensive and coordinated manner.
  • It has seven components:
    • National Cyber Crime Threat Analytics Unit
    • National Cyber Crime Reporting Portal
    • National Cyber Crime Training Centre
    • Cyber Crime Ecosystem Management Unit
    • National Cyber Crime Research and Innovation Centre
    • National Cyber Crime Forensic Laboratory Ecosystem
    • Platform for Joint Cyber Crime Investigation Team.
  • Various States and Union Territories (UTs) have consented to set up Regional Cyber Crime Coordination Centres.
  • This state-of-the-art Centre is located in New Delhi.

Computer Emergency Response Team-India

  • It is an organisation of the Ministry of Electronics and Information Technology, Government of India, with the objective of securing Indian cyberspace.
  • It is the nodal agency which deals with cybersecurity threats like hacking and phishing.
  • It collects, analyses and disseminates information on cyber incidents, and also issues alerts on cybersecurity incidents.
  • CERT-IN provides Incident Prevention and Response Services as well as Security Quality Management Services.

Source: TH

SMS Alerts
 

Please login or register to view note list

close

Please login or register to list article as bookmarked

close
 

Please login or register to make your note

close

Please login or register to list article as progressed

close

Please login or register to list article as bookmarked

close