US expert: The military should guard our cyberspace borders
By M. MADHAVAN
17th January 2002 (The Star)

KUALA LUMPUR: Malaysia's information technology infrastructure must be watched and patrolled by a central body that should include the Defence Ministry, according to a national security expert at US server giant Sun Microsystems Inc.

The ministry should look out for any breaches because any damage to the national infrastructure could cripple the country, said William Vass, Sun Microsystems corporate software systems IT vice-president.

"We are also just a step away from tying many real-world infrastructures, such as traffic lights, to an Internet Protocol (IP) based network, and damage to this type of network would disrupt people's lives," he said.

The Defence Ministry can translate much of its real-world experience to the virtual world of cyberspace, such as how to recover from an attack, Vass said.

The United States treats the breach of any IT infrastructure as seriously as a physical breach, and this is the main reason its Defence Department watches over its networks.

And since the department's website is one of the most popular targets for hackers, the lessons it has learnt are used to help beef up the nation's security, said Vass, who was previously with the US Secretary of Defence.

However, getting the Defence Ministry involved would not be easy as it would probably have to set up a special IT department, and this would involve a substantial investment, Vass told In.Tech.

However, a country's IT infrastructure is important, and since it will become even more important in the future, any such cost would be justified, he added.

The process

Vass, who has had more than 20 years' experience in the security arena, said that security in any organisation is heavily dependent on the process of implementing security measures, rather than physical hardware alone.

For instance, if an IT department does not apply patches to its operating system and firewall in a timely manner, it could jeopardise the security of its network, he said.

"It is just like the real world - you can have the best security system in the world but if you don't turn it on properly, it is of no use," he said.

He advises organisations to have at least three layers of firewalls, made up of different brands that can co-exist, to protect themselves from hackers and malicious viruses.

"Three firewalls are necessary because a hacker who knows the weakness of one type of firewall may be unable to overcome another type," he said.

Out of the three firewalls, at least one should be a hardware firewall, while the other two should be software-based.

Hardware firewalls are fast and are good for real-time scanning to weed out any suspicious data traffic, without dampening the speed of the network.

Unlike a software firewall, a hardware firewall is not dependent on an operating system and would not carry any flaws present in the operating system, Vass noted.

However, because hardware firewalls are not highly customisable, the nitty-gritty of scanning for intrusion should be left to a software firewall, which is "infinitely" more customisable, he said.

On the operating system side, he advised organisations to rely on Unix-based operating systems like Linux and Sun Microsystems' own Solaris, because they have very good security measures.

"Unix operating systems are built from the ground up with security in mind," he claimed.

Solaris, for example, comes in a "hardened version" where most of the default settings exploited by hackers, such as guest accounts, are turned off, Vass said.

It is a little harder to set up a hardened Solaris, but it is much more secure, he said.