Protecting public assets
By ROZANA SANI
7th February 2002 (Computimes)

THE recent release of information and communications technology (ICT) security guidelines for Government agencies has once again highlighted the issue of possible security breaches of national information and citizens' confidential data held in ICT systems.

Seen by many as a good step towards enhancing ICT security within Government agencies, the guidelines, which are outlined in the Malaysian Public Sector Management of ICT Security Handbook (MyMIS), will prompt members of the sector to assess the risks they face.

Threats initially emanated from hackers alone but cyber terrorism has come onto the agenda recently. Regardless of the source of the attack, heightened recognition of the implications of such threats is crucial among employees within the public sector.

According to Top Layer Networks International Inc's regional director Amir Azahar, many do not realise that the ramifications of a security breach are now not only financial, legal and operational; with the introduction of cyber terrorism, they can even pose a threat to members of the public or national security.

"A public sector agency's investment in security should then be directly proportional to the value of the business at hand - be that the business of protection of personal data on members of the public, the infrastructure of a public transport system or military defence secrets," he said. "Recognition of this combined with a thorough assessment of best-of-breed security equipment such as firewalls, intrusion detection systems, virus protection and attack mitigation will ensure that public sector agencies are acting responsibly in protecting public assets."

Issues of productivity, the protection of public assets, data as well as national security - both physical and electronic - have forced the widespread assessment of security measures in place across the public sector that is now being witnessed, Amir said. Of major concern is that there are still many unsecure networks, as evidenced by the rising number of security incidents, he added.

Last year's Code Red worm exploited a Web server's vulnerability to launch denial of service (DoS) attacks via the Internet. At its peak, it was estimated that the Code Red worm had compromised 250,000 systems worldwide in less than 24 hours by installing zombies.

"Although DoS itself is becoming more commonplace and complex, due to widespread use of broadband, it is notable that even the very first DoS attack algorithms are still effective today because there are still so many networks that simply have no security," Amir said. "Instead of designing new tools, hackers need only move onto the next unsecured target to achieve their goal."

He added that agencies are starting to overcome the misconception that a singular defence mechanism - such as a firewall or anti-virus software - is adequate protection against all types of attacks and network intrusions, when in reality serious network threats - worms, viruses, hacks, DoS attacks - mandate the deployment of a number of dedicated devices.