Security begins with YOU!
Interview by Sabaina Bukhari & Syed Asim Ali
An enlightening tête-à-tête with the energetic Qazi Ahmed of PakCERT
Computer and network security has been a problem in Pakistan for the last couple
of years. Hackers, both inside Pakistan and elsewhere, are slashing
away at easy, vulnerable targets. Ranging from the intelligent, diligent,
and knowledgeable intruder to the bored, having-nothing-better-to-do
script kiddy, they all pose an obvious threat to your network.
The PakCERT Coordination Center (PakCERT/CC) is dedicated to providing you
with the latest security alerts and advisories to help you build a secure
network. PakCERT is a member of the Asia Pacific Security Incident Response
Coordination Working Group (APSIRC-WG).
Qazi Ahmed is the President, Director, of PakCERT. We talked to him about
the various aspects of PakCERT's operation and goals. He gave us an
insight into the network security arena here in Pakistan. Here are the
excerpts from our discussion with him.
@internet:
Why PakCERT? How did the idea originate?
Qazi:
Internet crimes are on the rise all over the world as different breeds
of hackers are making regular runs against all types of Internet communities.
It could be a normal PC connected to the Internet just to check e-mail
or surf the Internet, a corporate server dealing in online transactions,
an ISP access, a mail server, or a government-owned computer system;
there is no exception. Internet security has been an issue of major
concern for quite some time now, as hackers are now targeting government
and corporate services to steal information and render machines and
servers incapacitated. The hackers, whether intelligent or mere script
kiddies, just want to put "I 0wn j00" (I own you) on your
web site; chalking up one more web site defacement to their name.
Incident response and security teams continue to form around the globe. But we
never had any Emergency Response Team in our country to create awareness
among the local community about the ins and outs of computer security.
Security has been my passion for years and I always wanted to do something
in the field of security for the country. There are many CERTs around
the world like SingCERT (Singapore), AusCERT (Australia), JPCERT (Japan),
HKCERT (Hong Kong, China) etc. but there was no CERT for Pakistan. So
I decided to take this step and formed PakCERT.
@internet:
What is APSIRC?
Qazi:
PakCERT is currently a member of the Asia Pacific Security Incident
Response Coordination (APSIRC), a working group of the Asia Pacific
Network Group. APSIRC is a team of all Computer Emergency Response Teams
working in the Asia Pacific region. APSIRC-WG arranges meetings and seminars
and coordinates with other APSIRC members regarding security related
issues.
@internet:
In your opinion, why is a CERT needed?
Qazi:
Computer security is the need of today's world. Everything is going
online. Being online could be a fortune and also your worst nightmare.
Not many people have the idea of computer security and not everyone
can put a lot of time reading books or researching security vulnerabilities.
Different countries have different types of computer communities. Some
are very mature about security and some are not. Hence, there needs
to be a centralized place for every country where the specific community
can find the latest security information which it can easily understand
and implement. CERT is the solution. Every CERT, responsible for its
country, works according to its community.
@internet:
Any problem you faced in the formation of such an organization?
Qazi:
Well, I faced a lot of problems during the formation of PakCERT. Not
many have the idea of CERTs and security services. The main thing is
that our people don't know much about security and thus they are not
serious about it. Those who have a small idea are not updated, and are
not ready to accept a change. So getting people to realize the need, and
understand the importance of the establishment of such an organization
was the first major challenge.
@internet:
What are the objectives of PakCERT?
Qazi:
Among our goals is the promotion of cooperation amongst IT constituents
in Pakistan for the effective prevention, detection, and recovery from
computer security incidents. PakCERT provides a means for the dispensing
of alert and advisory information on potential threats and emerging
security breach situations.
@internet:
What sort of customers do you have?
Qazi:
At the moment, we have customers ranging from ISPs, hosting companies,
government organizations, e-commerce portals, private companies, and
hospitals.
@internet:
For many of us, computer security is still considered an alien phenomenon.
Talk about security and you will hear a dozen firewall names, encryption
techniques, and blah, blah. No, it's not just like that. How can you
stop an intruder cracking into your web site even if you have a firewall
installed on the server with only one port open, which is using Secure
Socket Layer (SSL) to provide the web services? If you are running a
vulnerable web server, then an intruder needs nothing but a piece of
code to exploit the web server itself! Once your server is compromised,
the intruder can use the SSL to transfer data on his/her computer so
that no one can see the intruder's activity. The thing to understand
here is that computer security is not a tool or software which you can
download or install and feel safe.
Qazi:
Many of the system administrators, especially ones here in Pakistan,
don't care much about security. They think security is about taking
backups and restoring data after the intrusion. People have a lax attitude
towards the concept of security because they have little or no knowledge
about it, and sorry to say, many of them portray computer security as
a "mission impossible" because they feel insecure about their
jobs! No, I am not satisfied with the security trends here.
@internet:
What is Ethical Hacking? What are the PakCERT Ethical Hacking Services
about?
Qazi:
To learn about Ethical Hacking, you first have to know the real meaning
of 'hacker' and 'hacking'. The media loves to call every other intruder,
cracker, or script kiddy a hacker. Hacking is not about getting into systems
or sabotage. Traditionally, the term 'hacker' means one who tinkers
with unfamiliar systems in an effort to gain insight or to re-engineer
it for the better. A 'Cracker,' on the other hand, refers to those malicious
hackers who break into systems for fun or profit. According to hackers,
the code of hacker ethics prohibits any profit from their activities.
In fact, their motive for such practices is the activity itself. Hence,
they divide themselves into "white-hat" hackers (ethical hackers)
and "black-hat" hackers (crackers).
PakCERT Ethical Hacking Services were introduced to provide anyone the means
to protect their valuable information assets by giving organizations
and individuals direct access to hackers and other IT professionals
not usually available for hire. We protect the information assets of
our clients through the use of education, technology and experience,
while maintaining the strictest levels of confidentiality in the industry.
Armed with the latest exploit codes and techniques the underground has been
using for years to compromise your networks, we use the same techniques
to harden your network from such intruder attacks.
@internet:
What are your future plans for your organization?
Qazi:
Looking at the local community, we have realized that we need to start
teaching people about security from scratch. People are still impressed
by the kids who use trojans to enter and take control of your computer,
or script kiddies defacing web sites. We have conducted some seminars
to create awareness about computer security and are planning a series
of seminars in different sectors. Any company, institute or university
interested can contact us and we will arrange one for them.