The media has been full of stories on the massive ransomware attack which hit lakhs of computers worldwide last week. India was one of the worst-affected countries, with nearly 10% of impacted computers located within our borders. In the aftermath, digital security companies have gone into hyper-drive, advocating better cybersecurity measures, while other informed commentators have also justifiably raised concerns about the state of security in our government networks.
Reams have been written about what one needs to do to prevent the recurrence of such a massive attack. While having firewalls and security protocols and better antivirus and anti-malware programmes have all been mentioned — and rightly so — most cybersecurity experts have also admitted that any system, no matter how sophisticated its defences, is only as secure as its least security-conscious user. In other words, there is no point in having a weapons-grade password protocol if some user is simply going to write it on a post-it and stick it behind her keyboard, or share it on the phone with some random stranger claiming to be calling from tech support.
User behaviour, the key
User behaviour, then, holds the key. If you are unaware of the risks involved in going online — concerning topics like privacy and security of finances — and have no clue on how to tell genuine entities apart from the pranksters, fraudsters and predators who populate the Web in teeming hordes, no security programme can really prevent you from getting burned.
Which brings me to the real takeaway from the WannaCry attack — the need for digital literacy in India. We have made giant strides in digital access. A third of all mobile phone users in India used (or owned) a smartphone in 2016. According to the International Telecommunication Union (ITU), nearly 35% of the population has access to the Internet. Either way, that puts the total number at just shy of half a billion, which makes us one of the world’s largest digital populations.
This is staggeringly impressive, till you realise that most of these people are also digital newbies. They may have a smartphone, they may even have Internet access, but once they are actually on the World Wide Web, they are lost. According to a Deloitte-Assocham study, ‘Digital India – unlocking the trillion dollar opportunity’, India has one of the world’s largest populations of digital illiterates. Only 10% of the population is digitally literate, having the skills needed to take advantage of digital access.
The government is, of course, aware of this. We even have a National Digital Literacy Mission, tasked with making six crore households digitally literate in three years, a target the mission claims to have achieved ahead of time post demonetisation,
The reality is, the government, and all the giant corporates involved in this, are confusing digital skills with digital literacy. As Professor Maha Bali of American University, Cairo, pointed out in an article, ‘Knowing the difference between digital skills and digital literacy, and teaching both’: “Teaching digital skills would include showing students how to download images from the Internet and insert them into PowerPoint slides or web pages. Digital literacy would focus on helping students choose appropriate images, recognise copyright licensing, and cite or get permissions, in addition to reminding students to use alternative text for images to support those with visual disabilities.”
Skilled vs. literate
A digitally-skilled person will be able to create an email account, open it and even reply to mails. A digitally-literate individual, on the other hand, would probably realise that “the former security aide to a Nigerian princess offering a million dollar inheritance” is not for real, and would, hopefully, refrain from opening the file attached to that mail.
So, digital skilling is all well and good, particularly if a large section of the population is still playing catch-up with the digital world. But what we really need is a nation of digital literates, people who will be able to not only access the Internet but use it in a discerning manner.
It is not enough to give crash courses on the basics of using a smartphone or a computing device; or to train small shopkeepers on how to use a Point-of-Sale (PoS) machine, or accept payments from digital wallets. We need to create aware and empowered digital citizens. For that to happen, we have to start right from the grassroots. And start early. Basic literacy needs to be redefined to include digital literacy, which means it has to start right from the beginning, from the primary school. It has to be as fundamental as the three ‘R’s of basic schooling — reading, writing and arithmetic.
The good news is that governments — at the State level at least — are waking up to this reality. Curricula are being slowly changed as Internet penetration increases, and the Bharat Net programme drags optic fibre to every gram panchayat in the country.
But the pace is glacial. Given the speed of change in the digital world, the only way for us to not get hopelessly left behind is to ensure that no one gets left behind. We can do it — after all, we managed a green revolution and banished food insecurity from a nation of nearly a billion. A silicon revolution would be much easier to achieve.