KUALA LUMPUR, 13 NOVEMBER 2008 - Ignorance is the key issue behind rising cyber terrorism and crime, and that this could even endanger lives, in addition to financial losses, warned international security experts at the inaugural EC-Council Asia Pacific Roundtable Forum in Kuala Lumpur, Malaysia.
“Information security is not simply the responsibility of network administrators only, it is the responsibility of every Internet user as their ignorance may result in millions of dollars in losses and even the loss of lives,” said Jay Bavisi, president of global security certification organisation EC-Council (International Council of E-Commerce Consultants).
“Cyber crime and warfare are not just found in science fiction movies, in retrospect it’s a daunting reality that affects every individual connected by a computer or technology,” said Bavisi. “You may not be a hacker but your computer is a potential weapon for criminals to use to attack and damage countries, corporations and even mastermind the destruction of human lives.”
He said the findings and recommendations from the roundtable forum will be made available for the public and relevant agencies as part of EC-Council’s campaign to create increased awareness towards cyber terrorism and crimes.
EC-Council (www.eccouncil.org) is a member-based organisation that certifies individuals in various e-business and security skills.
Make reporting of cyber incidents mandatory
The roundtable—which was chaired by Jay Bavisi, and co-chaired by University of Auckland associate professor and chair of the New Zealand Information Security Forum (Cyber Warfare) Lech J. Janczewski—included other panelists such as Stroz Friedberg executive managing director James Aquilina, US Army Red Team ex-chief Major Scott Applegate, Microsoft Asia Pacific senior investigator Anthony Fung, and Indonesian Security-Incidents Response Team on Internet Infrastructure chairman Richardus Eko Indrajit.
Malaysian representatives came from government research agency MIMOS, Ministry of Defence, Technology Park Malaysia, National Institute of Public Administration, Malaysian Nuclear Agency, Royal Malaysian Airforce, Ministry of Science and Technology, Malaysian Armed Forces and Science & Technology Research Institute for Defence.
“In this part of the world, incident reporting and disclosures are not mandatory,” said Paul Wright, head of cyber crime unit, City of London Police. “Thus many incidents are not reported by various agencies or corporations, as they fear that it would cause negative publicity among the public and their investors. The lack of education among both the users and authorities often results in criminals’ easy access to even the most high-tech security areas. No one treats a cyber crime like a murder case, often evidence cannot be used legally as it has been contaminated by the victim or the incident handler, allowing these criminals to escape prosecution.”
EC-Council’s Bavisi added: “Legislation, awareness and education among all levels right from the top management level to even security guards in any corporation are required to ensure the eradication of cyber crime. The demise of a large corporation can be classified as a collateral damage to any nation. It is our responsibility to safeguard the nation’s interest.”
