[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] How is government coping with cyber crime?
From: InfoSec News <alerts () infosecnews ! org>
Date: 2009-09-22 8:05:34
Message-ID: Pine.LNX.4.61.0909220304100.14171 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://www.futuregov.net/articles/2009/sep/22/how-government-coping-cyber-crime/
By Robin Hicks
FutureGov
22 September 2009
What are governments doing to ensure that critical online operations
remain operational when under attack from cyber criminals? FutureGov
asked senior civil servants in Taiwan, Hong Kong, China and the
Philippines to reveal how they are preparing their defences against
hackers
Hsiang-Chen Li, Director of Computer Centre
National Police Agency of Taiwan
Hacking in Taiwan gets more serious by the year. In 2008 the National
Police Agency detected more attacks than in any other year - 44, which
is around three to four hacks a day. It is interesting to note that the
age range of hackers in getting younger too. Almost one half of the
hackers we know about in Taiwan are between the age of 12 and 17 years
old, while the rest are between 18 and 23. The problem is allowed to get
worse -nd it will, most likely – -cause more people are using the
internet in their daily and working lives. The average length of time
Taiwanese spend on the internet is at least two hours each day, which
leaves a lot of time for hackers to steal confidential information. They
then sell it to criminal gangs, commit fraud or intimidate people with
it. We started tackling the problem back in 1996. We created a Computer
Crime Squad within the police department, and two years later all law
enforcement units – including the district attorney – had a task force
to handle internet crime. Also, the government established N-CERT and
N-SOC in 2001 – initiatives to protect information infrastructure. We
are also trying to connect with other countries since most hack attacks
were launched from abroad.
Pang Yandong, Director of Information Industry Office
Government of Maoming City, China
Information dissemination through web sites as a mean of promoting
openness in government affairs is becoming increasingly important in
China. And government portals are becoming a key platform for
communication between government and citizen. But these platforms are
magnetic for hackers. Our administrative web site in Maoming City has
received many attacks at escalating cost in terms of disruption and down
time. And they are using a variety of methods. Hackers hack into
operating systems and expose vulnerabilities in control servers. They
have been able to crack the system password, launch denial-of-service
attacks, take over the server upload process and tamper with databases
and page codes. We have been tackling the problem in the following ways.
The first is to strengthen the information security system. Second, to
increase user awareness of information security. This involves training
network administrators regularly, so that we know how to cope with an
attack. We also ensure that we have the most up-to-date security
settings and that users change their passwords regularly. And in the
event of an attack we record precisely how the hacker got through our
system, and make notes on how we rectified the system – and how we might
do it better next time.
Stephen Mak, Deputy Government Chief Information Officer
Government of Hong Kong
Hacking remains one of the major threats that users and providers of IT
should guard themselves against. The Hong Kong Computer Emergency
Response Team Coordination Centre (HKCERT) monitors info-security
threats in the community. According to them, there is no evidence of a
growing trend in the number of hacking activities in Hong Kong, as
compared to last year. On the other hand, web defacement and botnets are
two of the major security threats. In April 2009, the Conficker worm
caused a major threat to users by infecting victims' computers and
turning them into members of a global Botnet, without the users'
knowledge. In collaboration with the HKCERT, we have closely monitored
the possible effects of the Conficker worm on Hong Kong and promptly
advised computer users of its existence and how to protect against it.
We monitor all incoming network traffic and carry out analysis of
incidents. On discovering suspected attacks, appropriate action will be
initiated. Government departments have implemented technical security
measures, such as anti-virus software and intrusion detection system to
monitor, detect and block potential attacks. We also keep systems
up-to-date by applying the necessary patches and fixes. And we have also
established incident response and business continuity plans to prepare
for attacks.
Ray Roxas-Chua, Chairman, Commission on Information and Communications
Technology, The Philippines
Cyber attacks are increasing in sophistication and government can only
try to keep up. One of our challenges in the Philippines is our lack of
cybercrime laws to apprehend and prosecute cybercriminals. The
Commission on Information and Communications Technology is pushing for
the passage of an Anti-Cybercrime Bill patterned after the Convention on
Cybercrime by the Council of Europe. We hope this can be passed prior to
the presidential elections next year. The CICT, with help from the South
Korean government, is in the process of setting up a National PKI
(public key infrastructure) to ensure safer, more secure, reliable and
trustworthy online transactions. It is a joint undertaking of the CICT,
through the National Computer Center, and others. We hope that by
setting up the PKI will help spur the growth of e-commerce and
e-government applications by making Filipinos feel safer online.
________________________________________
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News
http://www.infosecnews.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic