Improving Technical Security

Not a government-only duty: cybersecurity is a shared responsibility

‘The responsibility to ensure a secure and trusted cyber space is not to be left to governments only; it is an obligation to be filled by all stakeholders.’ This was the opening statement of the Minister of ICT, Republic of Indonesia at the Asia Internet Symposium Jakarta. The Indonesian government is currently deliberating the creation of a national cyber security agency, which is expected to be operational next year, and a national cyber security policy to bolster its cyber defence mechanisms.

Cybercrimes have affected Indonesia so much that in a statement, its defence minister warned that Indonesia was on the brink of a cyberwar.  Over the course of three years, there have been a staggering 36.6 million attacks on Internet networks. In monetary terms, the loss has been greater than Rp33.29 billion, a figure that is much higher than conventional bank robberies.  For much of 2013 and 2014, Indonesia has consistently ranked as one of the world’s top three sources of cyber-attacks. The Indonesia Security Incident Response Team on Internet Infrastructure (ID-SIRTII) reported a total number of 42 million intrusion stacks recorded during the first nine months of 2013, and 12,000 deface attempts on local websites during the same period.

AIS Jakarta was well-attended with over 180 participants on-site and over 50 around the world watching it live. This only attests to the importance of cybersecurity discussions and the corresponding interest from the community. Speakers from APNIC and Fortinet highlighted the importance of cross-country collaboration, and of utilising platforms such as national CERTs to enable the timely sharing of cyber security threats and vulnerability information. “By sharing information, we can be warned about likely attacks or specific problems coming ahead in our country.” Today’s cyber world is a sort of wild, wild west – a great paradox in that it can empower us to do good but can also be used to inflict harm. 

Internet Society’s Collaborative Security – an approach to tackling information security issues, was described and received attentive participation. Panellists from the National Defense University, ID-SIRTII, .id RegistryNational ISP Association and Ministry of ICT shared their views on:

  • The social impact of increased cyber attacks on Internet users
  • Incident reporting and rectification mechanisms that are in place, as well as required improvements to these
  • The cyber security prevention levels of the ISP industry and .id registry
  • An update on the government’s planned cybersecurity agency and details of their readiness index maintained by the Ministry
  • Requirements for technical capacity building and user awareness 
  • Present status of coordination, and gaps in ensuring strong collaboration among all stakeholders. 

Cybersecurity threats in and from Indonesia are real and costly. All concerned stakeholders including the government has stated that, ‘Indonesia must do more to counter this frightening situation’ – of course they ask and require more assistance from international and regional communities. Just as roads in Jakarta are full of traffic, the Indonesian Internet space is full of threats, intrusions and attacks – jamming the confidence, trust and socio-economic opportunities brought to us by Internet.

We need to act and act right now!