New body ‘needed for cyber threats’

They said the ongoing attacks reflected the failure of the government’s investment in cybersecurity over the past decade.
Dr Sutee Tuvirat, a certified information system auditor (CISA), said that servers of state agencies were weak and prone to online attacks regularly.
“They just were not aware of the attacks. This time the hackers displayed the information they got from government websites that they attacked,” Sutee said.
He added that the benefit of this seemingly concerted attack was that it increased awareness about the importance of cybersecurity in all levels and all sectors, including the public and private sectors. “Also, the mass media have covered this issue continuously,” he said.
A group of local and foreign “hacktivists” claimed to have broken into the computer systems of many Thai government agencies in retaliation for the National Legislative Assembly last week passing the Computer Crime Act’s amendment bill in a unanimous vote. The new law is expected to bring about tougher controls on online activities and cybercrimes.
One of the hacking targets was the website of the Second Army Area, authorities confirmed yesterday.
Maj-General Rittee Intravudh, director of the Army Cyber Centre, said the website of the Royal Thai Army’s Second Army Area had been compromised. He told reporters that confidential military data remained intact, as it was not linked to the website.
Late on Friday, the hacktivists group posted detailed budgeting of the Army’s water-resource dredging projects in 2016 on its Facebook page. The group also pointed out a Bt4-million budget set aside for overtime pay.
The hacktivists have announced another planned cyberattack tomorrow, and have given the government until Tuesday to revoke the new Computer Crime Bill.
The amended Computer Crime Act will criminalise the action of distributing online information deemed disruptive to “public safety” and “economic stability”. Critics say the terms are too vaguely defined and could be used to stifle dissent.
On Thursday, the group, whose Facebook page carries the title “Thai Netizens against Single Gateway: Thailand Internet Firewall”, leaked the personal data of at least 3,000 Thai police officers and exposed the identity card information of 3,000 government officials.
Sutee said what was painful to him was the fact that the latest attacks were done by a group of “amateur hackers using techniques that are not complex at all”.
However, he viewed this as a good opportunity for the government to improve its computer systems with a focus on cybersecurity.
Another cybersecurity expert said the latest series of hacking attacks appeared to be an attempt to destabilise the government.
“Their main targets are websites of the military and the Prime Minister’s Office,” said the expert, who declined to be identified.
The expert said the latest hacking attacks pointed to Thailand’s need for a new agency that specifically dealt with cybersecurity matters. He said such an agency should have a status comparable to the National Security Council and should not come under the new Ministry of Digital Economy and Society.
Meanwhile, the group Free Internet Society of Thailand (FIST), which is campaigning against the amended Computer Crime Act, has denied being involvement with the ongoing online attacks on government websites.
Vikran Janyaporn, a member of FIST, said his group was holding a signature campaign and peaceful protests and had not resorted to hacking to air discontent against the new legislation.