Technology

VPN companies in India will soon collect your data and store it for at least 5 years: IT Ministry

By Scott Marlette

According to the new governing law, if a company fails to meet the Ministry of Electronics and IT’s demands, it could be imprisoned for up to one year. The laws will come into action after 60 days of being issued, i.e., July 27th onwards. The companies will keep tracking and maintaining user records even after the user has cancelled the subscriptions or de-activated their account.

Most VPNs these days offer a no-logging policy and full privacy to the customer by not collecting and sharing the user’s data, as they operate on RAM-only servers, meaning the data is stored temporarily. If the order is to be taken in action, the companies will have to switch to storage servers, which will increase the cost quota for the service’s operation.

CERT-in requires companies to report a total of twenty vulnerabilities, including “Unauthorized access to social media accounts,” all of which have varying levels of impact on a company’s services and consequences. Here’s the list of all vulnerabilities:

  1. Targeted scanning/probing of critical networks/systems.
  2. Compromise of critical systems/information.
  3. Unauthorised access of IT systems/data.
  4. Defacement of website or intrusion into a website and unauthorised changes such as inserting malicious code, links to external websites etc.
  5. Malicious code attacks such as spreading of virus/worm/Trojan/Bots/Spyware/Ransomware/Cryptominers.
  6. Attack on servers such as Database, Mail and DNS and network devices such as Routers.
  7. Identity Theft, spoofing and phishing attacks,
  8. Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks.
  9. Attacks on Critical infrastructure, SCADA and operational technology systems and Wireless networks.
  10. Attacks on Application such as E-Governance, E-Commerce etc.
  11. Data Breach.
  12. Data Leak.
  13. Attacks on Internet of Things (IoT) devices and associated systems, networks, software, servers.
  14. Attacks or incident affecting Digital Payment systems.
  15. Attacks through Malicious mobile Apps.
  16. Fake mobile Apps.
  17. Unauthorised access to social media accounts.
  18. Attacks or malicious/ suspicious activities affecting Cloud computing systems/servers/software/applications.
  19. Attacks or malicious/suspicious activities affecting systems/ servers/ networks/ software/ applications related to Big Data, Block chain, virtual assets, virtual asset exchanges, custodian wallets, Robotics, 3D and 4D Printing, additive manufacturing, Drones.
  20. Attacks or malicious/ suspicious activities affecting systems/ servers/software/ applications related to Artificial Intelligence and Machine Learning.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Scott Marlette 132879 posts 0 comments
More Stories

Will OnePlus 13 outpace Xiaomi with the first Snapdragon 8…

Google to appeal Play Store ruling | Computer Weekly

Smart charger aims to ease grid stress from EVs

1 of 69,748