Shadow AI - The Hidden Risk Undermining Organisational Security

Introduction

Lost your phone? How to track and block your lost or stolen phone? Fear not, Say hello to Sanchar Saathi, the newly launched portal by the government. The smartphone has become an essential part of our daily life, our lots of personal data are stored in our smartphones, and if a phone is lost or stolen, it can be a frustrating experience. With the government initiative launching Sanchar Saathi Portal, you can now track and block your lost or stolen smartphone. The Portal uses a central equipment identity register to help users block their lost phones. It helps you track your lost and stolen smartphone. So now, say hello to Sanchar Saathi, the newly launched portal by the government. Users should keep an FIR copy of their lost/stolen smartphone handy for using certain features of the portal. FIR copy is also required for tracking the phone on the website. This portal allows users to track lost/stolen smartphones, and they can block the device across all telecom networks.

Preventing Data Leakage and Mobile Phone Theft

When you lose your phone or your phone is stolen, you worry as your smartphone holds your various personal sensitive information such as your bank account information, UPI IDs, and social media accounts such as WhatsApp, which cause a serious concern of data leakage and misuse in such a situation. Sanchar saathi portal addresses this problem and serves as a platform for blocking data saved on a lost or stolen device. This feature protects the users against financial fraud, identity thrift, and data leakage by blocking access to your lost or stolen device and ensuring that unauthorised parties cannot access or abuse important information.

How the Sanchar Saathi Portal Works

To file a complaint regarding their lost or stolen smartphones the users are required to provide IMEI (International Mobile Equipment Identity) number. The official website of the portal is https://sancharsaathi.gov.in/ users can access the “Citizen Centric Services” option on the homepage. Then users may, by clicking on “Block Your Lost/Stolen Mobile”, can fill out the form. Users need to fill in details such as IMEI number, contact number, model number of the smartphone, mobile purchase invoice, and information such as the date, time, district, and state where the device was lost or stolen. Users must keep a copy of the FIR handy and fill in their personal information, such as their name, email address, and residence. After completing and selecting the ‘Complete tab’, the form will be submitted, and access to the lost/stolen smartphone will be blocked.

Enhancing Security with SIM Card Verification

Using this portal, users can access their associated sim card numbers and block any unauthorised use. In this way portal allows owners to take immediate action if their sim card is being used or misused by someone else. The Sanchar Saathi Portal allows you to check the status of active SIM cards registered under an individual’s name. And it is an extra security feature provided by the portal. This proactive strategy helps users to safeguard their personal information against possible abuse and identity theft.

Advantages of the Sanchar Saathi Portal

The Sanchar Saathi platform offers various benefits for reducing mobile phone theft and protecting personal data.  The portal offers a simplified and user-friendly platform for making complaints. The online complaint tracking function keeps consumers informed of the status of their complaints, increasing transparency and accountability.

The portal allows users to block access to personal data on lost/stolen smartphones which reduces the chances or potential risk of data leakage.

The portal SIM card verification feature acts as an extra layer of security, enabling users to monitor any unauthorised use of their personal information. This proactive approach empowers users to take immediate action if they detect any suspicious activity, preventing further damage to their personal data.

Conclusion

Our smartphones store large amounts of sensitive information and Data, so it becomes crucial to protect our smartphones from any unauthorised access, especially in case when the smartphone is lost or stolen. The Sanchar Saathi portal is a commendable step by the government by offering a comprehensive solution to combat mobile phone theft and protect personal data, the portal contributes to a safer digital environment for smartphone users.

The portal provides the option of blocking access to your lost/stolen device and also checking the SIM card verification. These features of the portal empower users to take control of their data security. In this way, the portal contributes to preventing mobile phone theft and data leakage.

Introduction

The automobile business is fast expanding, with vehicles becoming sophisticated, interconnected gadgets equipped with cutting-edge digital technology. This integration improves convenience, safety, and efficiency while also exposing automobiles to a new set of cyber risks. Electric vehicles (EVs) are equipped with sophisticated computer systems that manage various functions, such as acceleration, braking, and steering. If these systems are compromised, it could result in hazardous situations, including the remote control of the vehicle or unauthorized access to sensitive data. The automotive sector is evolving with the rise of connected car stakeholders, exposing new vulnerabilities for hackers to exploit. 

Why Automotive Cybersecurity is required

Cybersecurity threats to automotives result from hardware, software and overall systems redundancy. Additional concerns include general privacy clauses that justify collecting and transferring data to “third-party vendors”, without explicitly disclosing who such third parties are and the manner of processing personal data. For example, infotainment platform data may show popular music and the user’s preferences, which may be used by the music industry to improve marketing strategies. Similarly, it is lesser known that any data relating to behavioural tracking data, such as driving patterns etc., are also logged by the original equipment manufacturer.

Hacking is not limited to attackers gaining control of an electronic automobile; it includes malicious actors hacking charging stations to manipulate the systems. In Russia, EV charging stations were hacked in Moscow to display pro-Ukraine and anti-Putin messages such as “Glory to Ukraine” and “Death to the enemy” in the backdrop of the Russia-Ukraine war. Other examples include instances from the Isle of Wight, where hackers controlled the EV monitor to show inappropriate content and display high voltage fault codes to EV owners, preventing them from charging their vehicles with empty batteries.

UN Economic Commission for Europe releases Regulation 155 for Automobiles

UN Economic Commission for Europe Regulation 155 lays down uniform provisions concerning the approval of vehicles with regard to cybersecurity and cybersecurity management systems (CSMS). This was originally a part of the Commission.s Work Paper (W.P.) 29 that aimed to harmonise vehicular regulations for vehicles and vehicle equipment. Regulation 155 has a two-prong objective; first, to ensure cybersecurity at the organisational level and second, to ensure adequate designs of the vehicle architecture. A critical aspect in this context is the implementation of a certified CSMS by all companies that bring vehicles to market. Notably, this requirement alters the perspective of manufacturers; their responsibilities no longer conclude with the start of production (SOP). Instead, manufacturers are now required to continuously monitor and assess the safety systems throughout the entire life cycle of a vehicle, including making any necessary improvements.

This Regulation reflects the highly dynamic nature of software development and assurance. Moreover, the management system is designed to ensure compliance with safety requirements across the entire supply chain. This is a significant challenge, considering that suppliers currently account for over 70 per cent of the software volume.

The Regulation, which is binding in nature for 64 member countries, came into force in 2021. UNECE countries were required to be compliant with the Regulations by July 2022 for all new vehicles and by July 2024, the Regulation was set to apply to all vehicles. It is believed that the Regulation will become a de facto global standard, since vehicles authorised in a particular country may not be brought into the global market or the market of any UNECE member country based on any other authorisation. In such a scenario, OEMs of non-member countries may be required to give a “self-declaration”, declaring the equipment’s conformity with cybersecurity standards.

Conclusion

To compete and ensure trust, global car makers must deliver a robust cybersecurity framework that meets evolving regulations. The UNECE regulations in this regard are driving this direction by requiring automotive original equipment manufacturers (OEMs) to integrate vehicle cybersecurity throughout the entire value chain. The ‘security by design' approach aims to build a connected car that is trusted by all.  Automotive cybersecurity involves measures and technologies to protect connected vehicles and their onboard systems from growing digital threats.

References:

1. “Electric vehicle cyber security risks and best practices (2023)”, Cyber Talk, 1 August 2023. https://www.cybertalk.org/2023/08/01/electric-vehicle-cyber-security-risks-and-best-practices-2023/#:~:text=EVs%20are%20equipped%20with%20complex,unauthorized%20access%20to%20sensitive%20data. 
2. Gordon, Aaron, “Russian Electric Vehicle Chargers Hacked, Tell Users “PUTIN IS A D*******D”, Vice, 28 February 2022. https://www.vice.com/en/article/russian-electric-vehicle-chargers-hacked-tell-users-putin-is-a-dickhead/ 
3. “Isle of Wight: Council’s electric vehicle chargers hacked to show porn site”, BBC, 6 April 2022. https://www.bbc.com/news/uk-england-hampshire-61006816 
4. Sandler, Manuel, “UN Regulation No. 155: What You Need to Know about UN R155”, Cyres Consulting, 1 June 2022. https://www.cyres-consulting.com/un-regulation-no-155-requirements-what-you-need-to-know/?srsltid=AfmBOopV1pH1mg6M2Nn439N1-EyiU-gPwH2L4vq5tmP0Y2vUpQR-yfP7#A_short_overview_Background_knowledge_on_UN_Regulation_No_155 
5. https://unece.org/wp29-introduction?__cf_chl_tk=ZYt.Sq4MrXvTwSiYURi_essxUCGCysfPq7eSCg1oXLA-1724839918-0.0.1.1-13972

‍

‍Introduction 

The enactment of the Online Gaming (Promotion and Regulation) Act, 2025 has a significant impact, resulting in considerable changes to the structure of the Indian gaming industry. The ban on Real-Money Games (RMG), including fantasy sports, rummy, and poker, aims to curb addiction, illegal betting and most importantly, financial exploitation.

However, this decision sent ripples throughout the industry, resulting in players, companies and their investors re-strategising their plans to move forward. This approach, however, is a sharp contrast to how other nations, including the UK, Singapore and others, regulate online gaming. This, as a result, has also raised doubts about the ban and calls into question whether this is the right move.

‍

Industry in Flux - The resultant Fallout

‍

• MPL’s Layoffs: The Mobile Premiere League has so far laid off nearly 60 per cent of its workforce, with the CEO of the company openly admitting that the company is no longer able to make money in India.
• Dream11’s Lost Revenue: Having seen a position of being a market leader, the company has now witnessed its 95 per cent revenue wiped out, resulting in raised alarms among investors.
• A23’s Legal Move: The company chose to move the Karnataka High Court under the argument that the ban also ends up unfairly criminalising skill-based games that were earlier classified differently from gambling by the courts.

‍

The new face of eSports: With RMGs outlawed, the focus is now on esports, including casual mobile gaming, console/PC gaming, and creating new opportunities and also leaving a void for RMG revenue companies.

‍

Regulations Around the World - & India

‍

India has adopted a prohibition model, whereas many other countries have developed regulatory frameworks that allow sectoral expansion under monitoring.

‍

United Kingdom:

• Online gaming is regulated by the UK Gambling Commission.
• RMGs are legal but subject to strict licensing, age verification and advertising rules.
• Self-exclusion schemes are a must, offered by operators along with tools to prevent gambling addictions.

‍

United States

• State-driven regulations that vary from state to state.
• States including Nevada and New Jersey allow casinos both online and offline, while other states prohibit them completely.
• Regulation for skill-based fantasy games is fragmented but generally legal.

‍

China

• Great focus on controlling and restricting gaming addictions among minors.
• Time limits are enforced for players under 18 (usually as little as 3 hours per week).
• Gambling has been deemed illegal; however, esports and casual gaming operate within China’s regulated gaming ecosystem, subject to certain compliance.

‍

Singapore

• The Remote Gambling Act regulates chance-based games, while other eSports and skill-based games operate out of its jurisdiction and are regulated separately.
• Online gambling isn't completely banned, but is operated under restrictions.
• Only Licensed operators under strict controls are allowed by the government to operate to avoid and prevent black-market alternatives.

‍

Australia

• Regulates under the Interactive Gambling Act.
• Sports betting and certain licensed operators are allowed, while most of the other online gambling services are prohibited.
• Restrictions on advertising and real-time interventions allow emphasis on harm minimisation.

‍

India’s Approach  - Comparison

The Online Gaming (Promotion and Regulation) Act, 2025 introduces a prohibition model for real money games. This differs from jurisdictions such as the UK and US, which have implemented regulatory frameworks to oversee the sector. In India, earlier legal interpretations distinguished between games of skill and games of chance. The new legislation provides a single treatment for both categories, which marks a departure from previous judicial pronouncements. 

‍

Conclusion

At present, India’s gaming sector is navigating layoffs, court cases, and a pivot towards esports post the RMG ban. Keeping in mind that the intent of said ban is the protection of citizens, the industry also argues that regulation, instead of prohibition, offers a sustainable approach to the issues. On the other hand, on the global scale, most nations prefer controlled and licensed models that ensure consumer safety and work on preserving both jobs and revenues. However, India’s step is diverging from such a model. The lack of safeguards and engagement in the real money gaming industry led to a prohibition model, underscoring that in sensitive digital sectors, early regulatory alignment is essential.

‍

References

• India online gaming ban: Global rules & regulation bill 2025
• Level up or game over? Decoding India’s gaming industry post RMG ban
• MPL lays off 350 employees after GST rules, RMG crackdown
• India’s Dream11 hit by online gaming ban, revenue slumps
• Online gaming ban: A23 moves Karnataka HC against government decision
• UK Gambling Commission – Licensing and Regulations
• Fantasy Sports & Gambling Law – State by State
• China’s gaming restrictions for minors
• Singapore Remote Gambling Act – Ministry of Home Affairs
• Australian Communications and Media Authority – Interactive Gambling Act
  
  

‍