INDONESIA S PERSPECTIVE ON CYBER TERRORISM
CYBER TERRORISM No generally acceptable definition Cyber terrorism is one form of terrorism that use computer resources to launch terror attacks on critical infrastructures that could cause widespread destructive impacts such as serious economic, social, political disturbances, chaos, and damages on the targeted area either driven by political objectives or economic motivation. Cyber Terrorism is part of the Cyber Crime Effective measures on addressing the Cyber Crime contributes to counter cyber terrorism Response may be different duet to different experience, level of development including the mastery, use, application and reliance on information technology, level of awareness on 2
Characteristics 1 2 2 3 4 Relatively less costly Could be carried out by an invidual. Low risks, difficult to trace or localize the suspect No time and place boundaries. Attacks could take place at any time and any where. The magnitude of the impact could be very large 3
CRITICAL INFRA STRUCTURE Electricity, Gas, Water & Fuel. Communication and information, finance, medical services Aviation, railways, seaports. Police services, defense forces and government services 4
IMAM SAMUDRA IS A COMPLETE TERRORIST Website creator, Hacker, Carder, Robber, Bomb creator!!! sangpria@yahoo.co.nz gulajawa333@yahoo.com piring@yahoo.com.tw priaidaman@yahoo.co.nz freddymd@yahoo.com Chating log Imam Chating.txt Card number Imam Card.txtt 5
Cyber Crime 2003-2004 NO MODUS OPERANDI 2003 2004 KET 01 CREDIT CARD FRAUD 145 177 02 STOCK EXCHANGE FRAUD 1 2 03 BANKING FRAUD 3 5 HIT AND RUN 04 PORNOGRAPHY 2 4 05 TERRORISM & THREAT 0 3 EMAIL 06 ARMS SMUGGLING 1 0 07 Harrashment 1 1 Email * GRAND TOTAL 153 192 6
Restructuring established a special division on cyber crime. Enhancing resources (means and facilities). Strengthening Human Resources Basic Training on computer and internet Educational programme on Cyber Crime intellegence Education and Training Center in Megamendung. Workshop/ training and comparative study such as in US, UK, Australia, Czech, Japan, Korea, Hong Kong, Singapore, Malaysia, Bangkok dll Seminars both national and international/regional Strengthening Cooperation with: Related departments/institutions: Dept. Info and com., Post and Tel, Dept Legal and HR., etc. KerjasamadenganKepolisiannegaralain : FBI, Aseanapol, AFP, Scotland yard, NPA, Korea, Hong Kong, New Zealand. Establishment of Id-CERT (Indonesian Computer Emergency Response Team) or Indonesian Security Incident Response Team on Information Infrastructure ID SIIRTI 7
VISION ID-SIRTII Promote favorable environment that is free from threats and disturbances in internet infrastructure internet in Indonesia, and thus enhance the use of internet as a means for strengthening the national competitiveness. MISSION ID-SIRTII Promote and strengthen the security of internet infrastucture networks in Indonesia from threats and disturbances; Promote and facilitate secure and legal internet transactions in Indonesia; Support law enforcement in the field of internet sesurity in Indonesia; Enhance cooperation with strategic partners at the national and international level in countering threats and disturbances of internet infrastructure. 8
Scope OF RESPONSIBILITIES Monitor and early detect on disturbances in internet in Indonesia; Keep internet transaction evidences in Secure Data Center; Support the provision of Digital Forensic and Digital Evident for law enforcement process; Carry out information services (Contact Center) based on report of internet infrastructure security disturbances (24 hours/7 days a week) from society; Provide services such as Lab Simulation, Training, Consultation and awareness building. 9
Organizational Structure DIR GEN POSTEL Steering Committee Expertise Operational Law and regulations Implementors Administration and Finance Coordinator Team Network Monitoring Secure Data Center Digital Forensic contact Center Training, Sosialisation & Lab Simulation 10
TIME TABLE Planning Implementation 1 st Year - 2006 2 nd Year - 2007 3 rd Year - 2008 11
Implementation 1 st Year Network Monitoring Monitor traffic in Internet Exchange point in Jakarta Provide services for addressing disturbances in internet Secure Data Center 10 server shelves (capacity 10 Terabyte), connected to Internet Exchange point and international Digital Forensic Contact Center Sosialisation, Training & Lab Simulation Lokation In house forensic lab 5 days a week (8 working hours a day) E-mail warning alert.. 12
Implementation period 2 nd Year Network Monitoring Secure Data Center Digital Forensic Contact Center Sosialisation, Training & Lab Simulation Monitor traffic of all Internet Exchange Point and ISP in Jakarta connected with Internet Exchange Point Provide services for addressing disturbances in internet network 25 server shelves (capacity 25 terabyte) Redundant link to Internet Exchange Point and international In house forensic lab and mobile forensic lab. contact center, serving 24 hours a day, 7 days a week E-mail warning alert Training on basic network security Lab simulation on the aplication and operational system 13
Implementation Period 3 rd Year Network Monitoring Secure Data Center Monitor traffic of all Internet Exchange Point and all ISP Back up equipment and setting Provide services for addressing disturbances in internet network 50 server shelves (50 terabyte), redundant link to Internet Exchange Point and international, back up equipment (DRC) Digital Forensic Contact Center In house forensic lab and mobile forensic lab contact center, serving 24 hour s a day, 7 days a week Sosialisation, Training & Lab Simulation Lab simulation, application, operational system & network E-mail warning alert Training for basic network security & advance 14
Thank you 15