http://www.thejakartapost.com/detailfeatures.asp?fileid=20050321.P03&irec=2 Jim Geovedi Contributor March 22, 2005 A cyberwar between Indonesia and Malaysia was sparked by the dispute over the Ambalat oil fields in the Sulawesi Sea, and, possibly, the impact of the ending of the amnesty for illegal Indonesian workers. On March 5, 2005, Kuala Lumpur protested what it said was intrusion into its territory by an Indonesian naval vessel, while President Susilo Bambang Yudhoyono ordered the Indonesian military to make its presence felt in the disputed waters. The next day, the website of Universiti Sains Malaysia (USM) was hacked and plastered with hostile Indonesian-sounding, anti-Malaysian messages; messages reminiscent of 1963's Konfrontasi and the Gerakan Ganyang Malaysia (Crush Malaysia Movement). What followed sent companies and organizations on both sides of the straits scrambling to patch up their security systems and to temporarily shut down websites deemed a security risk. Cyberwar is not real war Declaring war is a privilege reserved for recognized leaders of nations, not a bunch of unelected kids, even they believe they are acting on behalf of their nation. By definition, a cyberwar is a coordinated, systematic attack on computers, communications networks, databases and media. Other related terms are cyberterrorism, cybercrime, strategic information warfare, electronic warfare. Information systems are complex and interconnected infrastructures upon which many nations are now heavily dependent. They rest on insecure foundations -- the ability to network has far outpaced the ability to protect networks. With this dependency comes vulnerability to attack from virtually anyone, anywhere with a computer and a connection to the Internet. Today, information technology -- and the ability to use it -- is more widely available than ever. Widespread, easy access to the Internet, combined with the ability to become anonymous, presents a completely new spectrum of threats to national security. Not only can a government, group, or individual utilize information technology to disrupt the infrastructure of whole nations, but, often, attacks are not even noticeable until the damage has been done. Malicious hackers find weaknesses Malicious hackers hit whoever they can, and target any website that has any kind of weakness. They use scanning tools to broadcast a search for security holes in domains that are hosted in Indonesia or Malaysia. And they often pay little attention to the nature of the website. Many websites will remain vulnerable to malicious hacker attacks until network and system administrators tighten up the security of their servers. Most hacker attacks, including website defacements, are made through a chain of passive servers that act as springboards. But all malicious hackers represent threats to organizations for their ability to gain unauthorized access to sensitive information. Future expectations Cyber tools and technologies are now on the way for both offense and defense. Networks -- and their vulnerability -- are evolving so rapidly that new tools for network mapping, scanning and probing will become increasingly critical to both attackers and defenders. Deployment of new or improved security tools will help protect against both remote and inside threats. New and better technologies could provide defenders with improved capabilities for detecting and attributing subtle malicious activity, and enable computer networks to respond to attacks automatically. However, defense responses will remain at a disadvantage until more fundamental changes to computer and network architectures are made -- changes for which improved security has equal billing with increased functionality. For attackers, viruses and worms are likely to become more controllable, precise, and predictable -- making them more suitable for weaponization. In addition, tools for distributed hacking or denial of service -- the coordinated use of multiple, compromised computers or of independent and mobile software agents -- will mature as network connectivity and bandwidth increase. They could provide attackers with planning aids to develop optimal strategies against potential targets and to more accurately predict effects. Attackers and defenders alike, it seems, better be ready at all times and must never let down their guard in anticipating the future. The author is an information security consultant at PT Bellua Asia Pacific, Indonesia. Jim is scheduled to speak at the Bellua Cyber Security Conference in Jakarta on March 23 and 24 (www.bellua.net). He is also a contributor to the OpenBSD and FreeBSD projects, and an active member of HERT, the Hacker Emergency Response Team. _________________________________________ Bellua Cyber Security Asia 2005 - http://www.bellua.com/bcs2005
This archive was generated by hypermail 2.1.3 : Tue Mar 22 2005 - 00:42:04 PST