Ensuring national cyber security

SO far, discussions on national security have not included cyber security. Unfortunately, we know very little about cyber warfare, although we entered the cyberspace in the early '90s in an unplanned way, and by ignoring most of the security options. Internet security doesn't mean installing antivirus software in a personal computer. It has a wider aspect that must be addressed at state level, as a part of national security.

The National ICT Policy, amended in 2009, didn't address the issue at all. No budget has been allocated for combating cyber attacks, and who is the authority dealing with the matter is still unclear.

One of the major reasons for overlooking cyber warfare in developing nations is that it is apparently non-destructive; it doesn't kill people or destroy establishments. But some experts say that the consequences of a cyber war in future would be the deadliest ever, and human casualty would be reported due to malicious programmes inserted into the computer systems of nuclear power plants, airports, underwater networks, etceteras.  

Literally, cyber warfare means politically motivated attack on information through the information systems. It runs or spreads from nation to nation. Cyber warfare disables official websites and networks, disrupts citizen services, plunders and distorts classified data, and hits financial transactions.

Conflicts between states would take place through cyber connections for attacking air, sea, land, and space stations. Sometimes these virtual attacks are associated with physical attacks on an establishment. Before the attack, terrorists or cyber warriors intrude into a system to find security loopholes to set the date and time of the attack.

Some western cyber security analysts don't want to include cyber espionage as a part of cyber war. But as Asians, we have to call it a part of cyber war because it shouldn't be less of a criminal act for technologically advanced nations to use cyber espionage.

American and Chinese companies are blaming each other for launching undeclared cyber war. Reportedly, cyber attacks from China were launched to steal sensitive information regarding patented products of American companies. Government agencies are also targeted in search of valuable information.  

Edward Snowden, former US National Security Agency contractor, turned the eyes of the world to the thousands of undisclosed classified documents. According to the leaked documents, US, like China, assigned IT firms as conduits for gathering secret information.

Stuxnet, a joint US-Israel project, reportedly destroyed Iran's nuclear power proliferation programme. It was an undeclared state-run digital attack.

US President Barack Obama said: “Cyber threat is one of the most serious economic and national security challenges we face as a nation.” The threat is looming over the US economy and national security. Cyber loopholes could invite the hi-tech curse to the public and private sectors.

In Bangladesh, websites of Rab, BTRC and several ministries have been attacked by hackers. In 2010, hackers had attacked 20 district websites under the Prime Minister's Office, which was maintained by Access to Information (A2I) project at the PM office.

Cyber war is not confined between two neighbouring countries and trans-border conflicts; an attack could be launched from another continent. It is frightening that cyber war could be the easiest way for carrying on sabotage rather than waging wars like cold war, chemical and biological war, war on terror, or jihadi attacks.   

Bangladesh amended its Information Technology & Communication Act, 2006, and subsequently the Parliament passed the Act as law on October 9, 2013. The amended Act deals with cyber crimes on the internet, such as pornography, uploading of caricatures of political leaders, destruction of information, character assassination, etc. But a strategy to combat cyber warfare with a strong policy is not included in the act.

The country should outline a policy on cyber war and allocate a budget for it. A cyber war combating lab should be built and led by the army in cooperation with the private sector. Local cyber security experts and gifted hackers who have the required skills should be recruited, and they should work at a state-run national cyber security lab.

The writer is Executive Director of Center for ICT Policy Research.
E-mail: sshuvra@gmail.com