Protecting the Web
(Daily News Editorial)
Just 25 years ago, the Internet did not exist, at least not in the form we now use it. It used to be a mainly military application until English computer scientist Tim Berners Lee (pic) invented the World Wide Web. Today, we virtually cannot live without the World Wide Web. We are on the Internet practically 24/7 through our laptops and smartphones.
The Internet has truly changed the way we live and work. We can share a document with someone on the other side of the world and then video call him for free as long as we like. We can share our social life on Facebook, post interesting pictures on Instagram and vent our feelings on Twitter. Millions and millions of computers are connected via the Internet, but this is only the start. The Internet of Things (IOT) will see up to 50 billion devices connected by 2025, but this time your refrigerator will be able to “talk” to your microwave via the Web. There is no limit to where the Internet will take us.
But this very connectivity means that computers around the world are vulnerable to attacks that can spread easily and cripple daily activities that are highly dependent on computerized systems. The most recent example was the worldwide “wanna cry” ransomware attack that affected computer networks in more than 150 countries including Sri Lanka.
The infected software appeared to be launching a large-scale ransomware campaign against dozens of organisations, including hospitals and telecom companies. Ransomware breaks into a system and locks users out by encrypting all of their files. That data is then held as “ransom” until the hacker’s demands are met. The disruption to day-to-day life was immediate, as computer systems in many organisations including hospitals and airlines gave in. This is easily the biggest cyber security attack in recent memory and unfortunately, may not be the last as hackers are getting more sophisticated each time. Ransomware, which can also target smartphones, continues to be a growth business, and a bit of work can provide a serious return. The FBI has estimated that ransomware payments topped $1 billion in 2016. Apart from ransomware, hackers have succeeded in attacks aimed at elections in several countries including the US and France.
Sri Lanka must guard against all types of attacks on the country’s computer systems. This is indeed why a security audit will be conducted on all Government Websites following the global ‘ransomware’ attacks, according to the Information and Communication Technologies Agency (ICTA). It has already called for Expressions of Interest (EOI) for this project which would be launched by ICTA with the collaboration of the Sri Lanka Computer Emergency Readiness Team and Co-ordination Centre (CERT/CC) and the Ministry of Telecommunication and Digital Infrastructure.
The aim of the project is to conduct vulnerability assessments and accessibility tests for all websites of Government organisations. It was not so long that a 17-year-old boy managed to hack into the President’s website. (He was pardoned later). International hackers have far more resources at their command. Thus the ICTA intends to conduct audits on approximately 120 websites which includes those of Ministries and Departments. An initial assessment of the Government websites would be carried out to identify the possible security issues and to advise the respective organizations on fixing the identified security issues.
The private sector too should take a cue from this initiative and implement a cyber security drive of their own as most organisations are now 100 per cent dependent on computer systems for their day-to-day operations. Individual users of computers and smartphones must also take steps such as installing virus guard software to ward off potential cyber security attacks.
Attempts are being made around the world to defend computer systems against attacks. Senior cyber security and mobility experts from across the globe will gather in Dubai this week to discuss about the latest developments in the IT security arena and explain how business strategies need to be evolved to effectively fight against increasing cyber attacks. Intelligence, vigilance and international cooperation are vital to defeat the designs of hackers and cyber attackers.
We could also try to reduce our dependence on computers where possible. Some governments have asked their top civil servants to use old-fashioned typewriters or even use handwriting for top secret documents. We can also try writing a real physical letter once in a while instead of always sending emails. Instead of living on Facebook, why not interact with friends in real life? Indeed, our virtual social lives have almost obliterated real social interactions. Being a little less connected on the Net may enrich our lives in other ways.
But the Web is here to stay and we cannot untangle ourselves from it totally. It is mostly a force for good, though there is undeniably a dark side to it as well. It is therefore vital that the world should try to protect the World Wide Web from those dark forces wishing to destroy this very fabric that binds us in the digital age. Governments and corporations must come together in this pivotal exercise.