Pit security 'networks' against cyberattackers
SINGAPORE--Cybersecurity responses to attacks from malicious networks must involve multiple stakeholders and have the support of the right legal frameworks, according to government officials.
Sharing some lessons learnt from a widely publicized wave of cyberattacks on Estonia in May 2007 during a keynote here Tuesday at the Regional Collaboration in Cyber Security Conference, the country's defense minister noted that the attacks were initiated by a syndicate of hackers and warranted a network-like response.
"Every country, every nation is vulnerable [to cyberattacks] taking into account that every country has a footprint in cyberspace today. In principle, you can unplug the Internet [but] the consequences of closing down the virtual realm can be much bigger than the cyberthreats [themselves]," Jaak Aaviksoo said.
In Estonia's case, the denial-of-service attacks in 2007 impacted numerous public services including government and banking services. Every third person in the Baltic nation was affected, according to Aaviksoo. But more than that, people perceived the attacks to be a great problem and "what's important is what's created in the minds of people", he pointed out.
To better shore up defenses, countries need to put in place a "flat" national cyberdefense system that involves different government agencies as well as the private sector, which has ownership of critical information infrastructure, he said.
A considerable level of trust needs to be established among the different parties for such collaboration to be successful, he noted
Global collaboration needed also
In addition, international cooperation is crucial, said Aaviksoo, who in his capacity was involved in response efforts during the 2007 incident.
Estonia, he said, received the help of experts from the North Atlantic Treaty Organization and other European Union states during the second and third wave of attacks in 2007. These specialists in turn benefited from partnering their Estonian counterparts to address such a large-scale attack.
He noted that greater international cooperation is also important particularly in the formulation of legal frameworks to support the handling of cyberattacks.
"Analyzing both the attacks as well as the defensive measures, we very clearly understood that legal instruments for efficient action were not in place, neither national nor international," said Aaviksoo. "The lack of legal instruments is a serious obstacle for efficient defense, taking into account the probability of causing third-party damage on an international level, for instance, when you shut down a certain communication channel."
The establishment of a legal framework is also necessary for countries in planning defenses as well as counteraction, he pointed out.
In addition, Internet users must recognize the role they play in preventing cyberattacks, added Aaviksoo.
While it may not be necessary to impose laws such as that for firearms, where a user can be prosecuted when a weapon under his care is used inappropriately, individuals need to understand the potential threats to computers they own.
"I don't think we can move to a safer cyberspace unless we increase cybersecurity awareness among all computer users in the world," he said.
Singapore's head of civil service, Peter Ho, in his address at the conference Tuesday, also urged for a more coordinated approach to tackle cyberthreats.
Cybersecurity, he noted, gives rise to an "asymmetrical situation" as the defenders have to deploy far more resources than attackers to plug the security hole. On top of that, hackers are also joining forces to create more sophisticated malware.
Collaboration is therefore even more crucial for defense agents to have a fighting chance. "It takes a network to defend against a network," Ho said.