Republic of Indonesia. ARF Defense Officials Dialogue Seoul, April 2009

Transcription

1 Republic of Indonesia ARF Defense Officials Dialogue Seoul, April 2009

2 THE GROWTH OF INFORMATION TECHNOLOGY AS WELL AS INTERNET HAS BROUGHT US BOTH POSITIVE AND NEGATIVE IMPACT. ONE OF THE NEGATIVE IMPACTS IS THE USAGE OF INTERNET FOR ACHIEVING TERRORIST GROUPS GOALS. IN MANY CASES, TERRORIST GROUPS ARE AHEAD OF GOVERNMENTS IN USING THIS TECHNOLOGY TO FURTHER THEIR ACTIVITIES. TERRORISTS IN INDONESIA IN FACT HAVE USED IT AS THEIR TOOLS AS WELL AS COMMUNICATION MEDIA TO SUPPORT THEIR TERROR ACTIVITIES AND ACHIEVE THEIR CERTAIN GOALS. WE CLASSIFIED IT AS CYBER TERRORISM.

3 The use of the Internet for terrorist purposes, such as: (a) attacks via internet that cause damage not only to essential electronic communication systems and the IT infrastructure but also to other infrastructures, systems, and legal interests, including human life public utility damage (b) Propaganda, including threatening with terrorist attacks; inciting, advertising, and glorifying terrorism; fundraising for and financing of terrorism; recruiting for terrorism; and dissemination of racist and xenophobic material; as well as (c) other logistical uses of IT systems by terrorist, such as internal communication, information acquisition, and target analysis

4 CYBER TERRORISM IS A PREMEDITATED, POLITICALLY MOTIVATED ACT AGAINST INFORMATION, COMPUTER SYSTEMS, AND DATA WHICH RESULT IN VIOLENCE AGAINST NONCOMBATANT TARGETS BY SUB NATIONAL GROUPS OR CLANDESTINE AGENTS (POLLITS, 2002). IN INDONESIA, WE DEFINE CYBER TERRORISM AS: ANY TERRORISM ACTS USING INFORMATION TECHNOLOGY AND COMMUNICATION SPECIALLY INTERNET AS A TOOL TO CONDUCT FUND RAISING, COLLECT INFORMATION, CAMPAIGN ANY RADICAL AGENDA THAT ARE CAUSING FEAR AS WELL AS TO EXECUTE ANY TERRORIST ATTACKS.

5 THE ESSENCE OF TERRORISM IS TO INFLICT RADICAL GOALS OR ACT TO THREATEN OR TO HARASS, CAUSING FEAR, TARGETING INNOCENT PEOPLE AND HAS PARTICULAR TARGETS, USUALLY POLITICAL AGENDA. FOURWAVES OF MODERN TERRORISM: ANARCHIST/REVOLUTIONARY TERRORISM ANTI COLONIAL; NATIONALIST TERRORISM NEWLEFT (IDEOLOGICAL) TERRORISM RADICAL RELIGIOUS TERRORISM IN INDONESIA, MOST TERRORISTS ARE MOTIVATED BY RELIGIOUS RADICALISM SO

6 CREATING WEBSITE/BLOG COMMUNICATION VIA OR CHATTING DISCUSSION VIA CHAT ROOM E TRANSACTION (E-COMMERCE/E-BANKING) USING SEARCHING MACHINE TO COLLECT DATA OR FINDING INFORMATION PHISHING/HACKING MANY OTHER TYPES SUCH AS VIRUSES, WORM, TROJAN, ROOTKIT, MALICIOUS CODE, AND DDOS ATTACK.

7 MEDIA COMMUNICATION NETWORKING WITHIN GROUPS CAMPAIGN AND PROPAGANDA MEMBERS RECRUITMENT FUND RAISING COLLECT INFORMATION AND LEARNING MEDIA EXECUTING ANY ATTACK IN CYBER SPACE

8 Indonesian Penal Code (KUHP) => 335 & 336 Law No.15 Year 2003 on Combatting Terrorism ( Law of Terrorism ) President Regulation No.7 Year 2005 concerning Mid Term National Development Plan for year (RPJM) particularly in Attachment Chapter VI concerning Terrorism,

9 Law No.36 Year 1999 concerning Telecommunication => 38 jo 55 Law No.11 Year 2008 concerning Electronic Information and Transaction ( Law of EIT ) Ministerial Decree No.166/Kep/M.Kominfo/11/2006 concerning Indonesia Security Incident Responses Team On Internet Infrastructure (ID-SIRTII) <=> ID-CERT

10 Law No. 3/2002 on National Defense Article 7 paragraph 3 Law No. 34/2004 on Indonesian Armed Forces Article 7 paragraph 2b

11 Standards, guidelines, and procedures are established in each military service branch : Developing an organization that has a capability in ICT including network and information security Interdepartmental coordination to cope with cyber attack issue (Department of Information and Communication, ID-SIRTII)

12 Prevention Internal: security audits, digital forensic, security architectures and policies, access control management, security education in general, awareness education and training, and information security management practices A robust and secure physical infrastructure; External: Firewall/antivirus, authentication proxies, intrusion detection system, VPN, encryption, hardened and patched system

13 Offensive is done by tracing the attacker Investigation and research Scanning and sniffing Taking control Setting up backdoors Covering the tracks

14 Anti-terror units to cooperate with cybercrime/terrorism unit Indonesian Army: Dansat 81 of the Kopassus (Special Force) Indonesian Navy: Detasemen Jalamangkara (Denjaka) Indonesian Air Force: Denbravo Paskhas (Unique Force) Indonesian National Police: Densus 88 December 2008: Joint Exercise Indonesian Armed Forces and the National Police Waspada Nusa

15

16 Constraints: Various national regulation needs to be synchronized; Costly technological updates Needs for further human resources development Possible Cooperation ideas: capacity building, training, exchange of officers, and transfer of knowledge

17 THE INTERNET WILL FACILITATE THE ABILITY OF TERRORIST ORGANIZATIONS TO COMMUNICATE AMONG THEIR CELLS, RECRUIT NEW MEMBERS, ADVOCATE THEIR VIEWS WITH PROPAGANDA, GATHER INTELLIGENCE OR LAUNCH DEVASTATING ATTACKS ON AN UNPROTECTED CRITICAL INFRASTRUCTURE. NATIONS NEED TO BE AWARE OF AND BE PREPARED TO RESPOND TO TERRORISM ON THE INTERNET. FROM WEBSITE INTENSIVE INVESTIGATION, WE WILL FIND OUT THE PARTIES WHO ACTIVELY INVOLVED IN BILATERAL, REGIONAL, AND INTERNATIONAL COOPERATION IN COUNTERING TERRORISM IS NECESSARY