Cyber attacks can paralyse nation: Security expert

KUALA LUMPUR: Cyber attacks can paralyse the whole nation if necessary counter-measures are not taken, according to an expert.
Tokyo-based Security Research Vice President of Trend Micro, Rik (rpt Rik) Ferguson said the traffic system, electricity, water system and even airports were all at great risk when it comes to this kind of attacks.
"Anything that is connected to the network is vulnerable to attack but whether the vulnerabilities exist remains a question mark," he told Bernama when met at an event here recently.
Ferguson pointed this out when he was asked to comment on a recent video by a group dubbed as 'Anonymous' posted on Youtube who had threatened to launch 'all out warfare' against the government by attacking governmental web portals in a move seen as to tople the democratically elected government.
With cyber attacks increasing in frequency and intensity, the government as well as organisations need to accept the fact that they would not be able to keep threats out forever, he said.
Thus, Ferguson said, the best treatment to any cyber attack was to store every data on the network securely.
"If the warning has been given it would be dangerous not to launch preventive measures. As such, it is crucial that any data is stored securely and encrypted," he said.
Ferguson, who is a former hacker himself, said could be done by investing in an encryption solution that helps encrypt the data.
"They also need to make investment in content delivery network (the Internet content) such as 'Cloudflare' that helps to block threats, mitigating spam and other attacks," he said.
Ferguson also stressed on the importance of analysing and handling the threat posed by the hackers through Distributed Denial of Service Attack (DDoS) that aims to make a server resource unavailable to users by temporarily interrupting the services of a host connected to the Internet.
"Make sure that you have the bandwith available, look at past DDoS attack out there apart from taking an average work out on what kind of threat you feel you'll be facing," he added.
On a different note, Ferguson advised that the government or organisations to implement the system called ISO/IEC 27001 by the International Organisation for Standardisation (ISO).
"By doing this, it will help your organisation manage the security of assets such as financial information, intellectual property, employee details and information entrusted to you by third parties.
He said it also provides a management framework for assessing and treating risks, whether cyber-oriented or otherwise, that can damage business, governments, and even the fabric of a country's national infrastructure. – Bernama