Hackers reveal flaws in cyber security framework: experts

What the government can do is upgrade cyber security standards and adopt cyber security best practices as well as draft a national policy framework and regulations for cyber security. 

Police websites and about 300 Courts of Justice websites were hacked by sympathisers of the Anonymous group in protest against the Koh Tao double-murder verdict. 

That led to a suggestion from police to bring back the single gateway plan to tackle the problem.

Paiboon Amonpinyokeat, a cyber security |specialist and lawyer, said the government should establish a computer or electronic law court as a special court dedicated to oversee all cyber cases including hacking and e-commerce fraud. The cases could be civil or criminal. 

The computer court would be staffed by prosecutors and judges with specialised knowledge of cyber security and it should be a department of general law courts.

“Almost all countries also have a computer or electronic law court to take care of computer, cyber and electronic cases. 

“Having this kind of court can help speed up the processing of these cases. The special court can be established by a royal decree of the court,” he said.

 

Self-regulation 

For prevention, the government should encourage Internet service providers (ISP) to practise self-regulation by observing a code of conduct, while the government can subsidise them through the budget. 

The single gateway was not the right solution to address the hacker problem because the cause of this problem was the low-level cyber security standards of the government’s websites. The government needs to raise its standards, he added. 

Prinya Hom-anek, another cyber security |specialist, said cyber security should be declared a national priority. The country should have a national cyber security framework endorsed by the prime minister; a national cyber security council to oversee national cyber security policy and a national cyber security agency to deal with national cyber security matters. 

These measures require laws to establish them. 

“The single gateway is not the solution so it should not be done,” he said.

Government organisations or agencies with a low budget or not enough funds to invest in a cyber security system should use the cyber security outsource services provided by a managed security service providers (MSSP). 

MSSPs will have security operation centres to manage and monitor cyber security for government units under a standard service level agreement.

The trend is for more hacking since most government websites do not comply with cyber security standards.

According to the information leaked in newspapers, the hacked information was not critical, but even so, this incident badly hurt the government’s reputation for risk management, he said.

Morragot Kulatumyotin, managing director of Internet Thailand (INET), a major ISP, said the government should treat this hacking attack as a wake-up call to improve cyber security standards and information security management. 

It should follow international standards and security guidelines that invaliding in for people, process and tooling, such as ISO27001. 

“The government should utilise existing mechanisms such as the Computer Crime Act to be a more effective tool to handle and address the hacking problem. 

“The Internet is a network solution that requires the collaboration of all parties from ISPs to the upstream, the international Internet gateway |service providers and the international network providers,” she said.

Chatchai Khunpitiluck, spokesman for the Information and Communications Technology Ministry, said the right solution is government cloud computing. 

The ICT Ministry will promote the government cloud to encourage the government to send critical information hast fast to the cloud rather than keep data on their own computers. 

“A single gateway is not on the ministry’s |agenda,” he said.

However, IT experts said the court website hacking incident was mostly seen as defacement. 

And the court’s website was not too tough to hack since it has a third-level domain name that is sub-domain name system. It means that almost all of the claimed numbers of websites being hacked were actually sub-domain, such as xxxx.court.go.th. 

If just one website – www.xxx.go.th – was |successfully breached, the invaders could vandalise a lot of websites easily.