[ISN] Securing public infrastructure
isn at c4i.org
Tue Mar 22 03:11:14 EST 2005
March 22, 2005
A cyberwar between Indonesia and Malaysia was sparked by the dispute
over the Ambalat oil fields in the Sulawesi Sea, and, possibly, the
impact of the ending of the amnesty for illegal Indonesian workers.
On March 5, 2005, Kuala Lumpur protested what it said was intrusion
into its territory by an Indonesian naval vessel, while President
Susilo Bambang Yudhoyono ordered the Indonesian military to make its
presence felt in the disputed waters.
The next day, the website of Universiti Sains Malaysia (USM) was
hacked and plastered with hostile Indonesian-sounding, anti-Malaysian
messages; messages reminiscent of 1963's Konfrontasi and the Gerakan
Ganyang Malaysia (Crush Malaysia Movement).
What followed sent companies and organizations on both sides of the
straits scrambling to patch up their security systems and to
temporarily shut down websites deemed a security risk.
Cyberwar is not real war Declaring war is a privilege reserved for
recognized leaders of nations, not a bunch of unelected kids, even
they believe they are acting on behalf of their nation.
By definition, a cyberwar is a coordinated, systematic attack on
computers, communications networks, databases and media.
Other related terms are cyberterrorism, cybercrime, strategic
information warfare, electronic warfare.
Information systems are complex and interconnected infrastructures
upon which many nations are now heavily dependent.
They rest on insecure foundations -- the ability to network has far
outpaced the ability to protect networks. With this dependency comes
vulnerability to attack from virtually anyone, anywhere with a
computer and a connection to the Internet.
Today, information technology -- and the ability to use it -- is more
widely available than ever. Widespread, easy access to the Internet,
combined with the ability to become anonymous, presents a completely
new spectrum of threats to national security.
Not only can a government, group, or individual utilize information
technology to disrupt the infrastructure of whole nations, but, often,
attacks are not even noticeable until the damage has been done.
Malicious hackers find weaknesses Malicious hackers hit whoever they
can, and target any website that has any kind of weakness. They use
scanning tools to broadcast a search for security holes in domains
that are hosted in Indonesia or Malaysia.
And they often pay little attention to the nature of the website. Many
websites will remain vulnerable to malicious hacker attacks until
network and system administrators tighten up the security of their
Most hacker attacks, including website defacements, are made through a
chain of passive servers that act as springboards.
But all malicious hackers represent threats to organizations for their
ability to gain unauthorized access to sensitive information.
Future expectations Cyber tools and technologies are now on the way
for both offense and defense. Networks -- and their vulnerability --
are evolving so rapidly that new tools for network mapping, scanning
and probing will become increasingly critical to both attackers and
Deployment of new or improved security tools will help protect against
both remote and inside threats.
New and better technologies could provide defenders with improved
capabilities for detecting and attributing subtle malicious activity,
and enable computer networks to respond to attacks automatically.
However, defense responses will remain at a disadvantage until more
fundamental changes to computer and network architectures are made --
changes for which improved security has equal billing with increased
For attackers, viruses and worms are likely to become more
controllable, precise, and predictable -- making them more suitable
In addition, tools for distributed hacking or denial of service -- the
coordinated use of multiple, compromised computers or of independent
and mobile software agents -- will mature as network connectivity and
They could provide attackers with planning aids to develop optimal
strategies against potential targets and to more accurately predict
Attackers and defenders alike, it seems, better be ready at all times
and must never let down their guard in anticipating the future.
The author is an information security consultant at PT Bellua Asia
Pacific, Indonesia. Jim is scheduled to speak at the Bellua Cyber
Security Conference in Jakarta on March 23 and 24 (www.bellua.net). He
is also a contributor to the OpenBSD and FreeBSD projects, and an
active member of HERT, the Hacker Emergency Response Team.
More information about the ISN