Lessons From Akshardham for Cyber Space Security

.

 

The International  Anti Terrorism Forces have once again been shaken up from their complacency after the Bali terrorists attack. We in India which has been a witness to Akshardham attack recently can see that  there is a pattern to the two attacks which  could lead to some thoughts that are relevant to Cyber Space Security.

Both the Bali Club and Akshardham were "Soft Targets" for the terrorists. Both targets  were far removed from any policies affecting the Terrorist's professed cause unlike a BSF picket in Srinagar or the White House. The victims were also not in anyway concerned with the issues for which the terrorist outfits are fighting. But still, the attacks succeeded in creating a panic amongst public and it will take several years for public to get out of the fear psychosis they have been driven to.

There is no doubt that Bali will perhaps be erased from the tourist map of many countries and Indonesia needs to rework their tourist economics. Similarly, temples in India need to look at "Frisking" and "Installing Metal Detectors" to screen the devotees. Imagine the aberration when the pilgrims chanting "Govinda, Govinda" in Tirupati are stopped and subjected to frisking. Many will consider this a loss of sanctity of the temple and reduce their visits. Sociologists need to study the possible impact of such change of perceptions and whether this will add fuel to fire.

In fact ,it is difficult to say if the same effect could have been achieved if an army barrack had been attacked. We must therefore admit that the terrorists have succeeded in their objective of "Dividing the Society" through these attacks.

Despite recognizing the disastrous impact of such attacks, the tragedy is that the Government or the law enforcement Authorities cannot ensure that such acts would not be repeated. The world is so big that, there will be many more soft targets available to a determined terrorist particularly if he is from a suicide squad.

In finding a solution to terrorism, we therefore need to look at such steps that make the attacks difficult and less productive for the terrorist so that in course of time the motivation for such attacks die down.

These principles are universal principles that apply even to Cyber Space Security. In Cyber Space, the terrorist attacks take the shape of " Un authorised Access" to Information Space and theft, manipulation  or destruction of information. Just as in the case of Meta Society terrorism, attacks on soft targets are more effective than the attacks on defense establishments, Cyber terrorists will consider it a better strategy to attack soft targets and create a feeling that Cyber Space Activity is unsafe and unfit for commerce.

This can be done by an intelligent attack on bazee.com or nse-india.com rather than on the Ministry of Defense website. Attacks on Infy.com or wiprotechnologies.com, or cherrysoft.co.in may unnerve the vibrant IT industry to the extent that the confidence on these companies enjoy with their customers will be eroded.

The first step to find a defense against Cyber Terrorism is therefore to reduce the presence of soft targets and make it difficult and less productive for terrorists to conduct successful soft target attacks.

This should start with  instilling a minimum security awareness amongst the people concerned.

It must be noted that after the Akshardham attack, many temples and hospitals who consider themselves to be soft targets for terrorist attacks have shown an inclination to go for insurance cover for their customers in some form. If these non commercial organizations can think of such insurance coverage, there is no reason why Corporate networks do not cover themselves and the users through an insurance programme that provides some protection against terrorist attacks.

If such insurance programmes have to succeed, then there has to be some process by which the security measures taken by a Company are certified. Also, in order to indemnify the insurance companies, the security measures should also be "Cyber Law Compliant".

A "Techno Legal Security Compliance Audit is therefore a pre-requisite to development of an Insurance Plan".

Such an audit should help the companies develop a "Cyber Space Security Policy" which eventually should aggregate to  cover the 20 million Netizens supporting over Rs 7500 crores of E-Business per year.

To make such an effort effective, IT Companies who have a large stake in Information Assets of the Country have to come together along with like minded individuals to form a consortium that can pool all available resources and provide leadership for an effective anti-cyber terrorism action plan.

naavi.org invites the suggestions of public in this regard and wants to identify people who can assist in the process.

Naavi

October 15, 2002

Related Article:

National Security Policy for US-A report (PDF Document)

 

Your Views can be sent here



For Structured Online Courses in Cyber laws, Visit Cyber Law College.com

.

Back To Naavi.org