KSA tackles cybercrime

The Saudi Arabian government recently drafted tough new laws targeting electronic crimes; GITEX Preview’s Eliot Beer spoke to Dr Abdulrahman Al-Shenaifi, senior advisor on IT and security to the Saudi Interior Ministry about the new measures taken and explored the current risk environment in the Middle East.

  • E-Mail
By  Eliot Beer Published  April 9, 2007

|~|shenaifi1ksa200.gif|~|Dr Abdulrahman Al-Shenaifi, senior advisor on IT and security to the Saudi Interior Ministry.|~|The Saudi Arabian government recently drafted tough new laws targeting electronic crimes; GITEX Preview’s Eliot Beer spoke to Dr Abdulrahman Al-Shenaifi, senior advisor on IT and security to the Saudi Interior Ministry about the new measures taken and explored the current risk environment in the Middle East. GITEX PREVIEW: Looking at the cybercrime laws, what are you involved in at the moment in Saudi Arabia - what is your main focus with the laws? DR ABDULRAHMAN AL SHENAIFI: The cybercrime unit is part of the security organisation - the public security section of the Ministry of the Interior of Saudi Arabia - within the investigations unit. I’m in charge of building this unit to fit in with the direction of the MoI (Ministry of the Interior), and we will be closing the RFP in a few weeks; it’s the newest addition to the public security system for fighting crimes. It’s going to be very challenging work - we will be establishing our forensic labs, we will be training our staff to manage this technology, and also training investigative officers in cybercrime. In the end, we’d like to create what I call cyber-cops - to fight cyber-crooks. This unit is going to be built on advanced technology, with a vision put forward to really achieve the highest mode of fighting crimes in cyberspace. We will create a data centre specially to host the system, and to support the unit’s efforts in fighting crimes. GP: Is this the project that you’re working on alongside HP ProCurve? AS: We are adopting ProCurve networking technologies in our organisation. We found that the ProCurve integrated solution fits our vision very well, in addition to its security and reliability properties. And I found the staff of ProCurve to be very forthcoming - they like to assist in every way they can, and also to enhance our credibility as an organisation. They also like to work as a partner, combining our vision with their technologies, so that we could adopt a progressive mode in adopting a lot of different technologies. They add a touch of humanity to technology.||**||External threats|~||~||~|GP: One of the problems with cybercrime is much of it tends to occur outside of the target country - how will you be liasing with other police organisations? AS: The world is fighting cross-border crimes through Interpol, the international police organisation. In cybercrime - borders do not exist, but with the help of a lot of friendly countries, Interpol can coordinate their activities to fight a lot of such crimes. Of course, we will look forward to seeking a lot of assistance from advanced countries in the East and the West, to assist in fighting crime that does not happen on Saudi soil. And they will use our abilities to fight crime committed from within Saudi Arabia in another country. We have to coordinate, because this is the new theatre of war - there is information warfare going on. A lot of people can see this. GP: A lot of enterprises are becoming increasingly worried about security, but many of them still do not have dedicated IT security people. What advice would you give to enterprise network and IT managers on how they should tackle their security infrastructure at the moment? AS: My advice would be simple - stop buying stuff for coffee and tea, and start buying a lot of software and hardware to protect your organisation. Any organisation, which does not allocate enough resources to protect its vital assets -its information - deserves to be hacked, in my opinion. Because they should take care of their information, which is their asset, especially when looking at organisations that deal in research, laboratories, developing new products; they generate a lot of classified information that actually belongs to the organisation. They should create awareness programmes, they should hire a professional information security officer to draft an effective policy on how to handle information. They also need to involve top management with the issue - once they involve top management, they will get a lot more resources. Technical staff should raise the level of their concerns about securing their assets to the top. GP: Sometimes CEOs are not technical at all, and don’t see IT as relevant or important - is there any way to demonstrate the threat? AS: Do penetration testing, to show them how weak their systems are - bring the senior management in to see the reality they are facing, see their systems are not completely secure. We are not protecting a physical environment, with high walls and guards - we are protecting a system which is connected to the outside world, through networking and the internet and a lot of media. Show them their system is vulnerable. Awareness programmes are one way, but if they don’t work, break the system! Penetrate it, and tell them that’s the weak spot - that will attract their attention.||**||Friend or foe?|~|shenaifi3ksa200.gif|~|Al-Shenaifi: "Any organisation, which does not allocate enough resources to protect its vital assets - its information - deserves to be hacked, in my opinion."|~|GP: At the moment it is hard to hire security professionals in the region; what are you doing to promote training of security professionals in the Middle East? AS: We are concentrating on training our staff, in relation to managing our systems and securing our systems. The first step in securing your systems is securing your network, from inside and outside - that is why we are introducing new software from Sphere networks. This is already installed, and it is facilitating the job of the network managers to see the environment around the network. So any penetration that gives them an edge on detecting a threat before it gets into the system. Besides this, having a good staff that really knows what they’re doing in security. You also need vision and leadership - a lot of technical projects cannot be achieved, because they are lacking vision and leadership. If you have those, I think you will end up by having good and secure systems. You cannot assess security as ever being 100%, but what security means is you have barriers, just like a country having an army, an air force, a missile defence system, an intelligence system, a counter-insurgency system - just like that. But this is a different world, this is a world that you cannot see, going into the network environment. My network, or any network, can be used by my adversaries - I don’t know whether the guy using the network is a friendly neighbour, or a hacker sitting in a dark room. GP: In terms of getting leadership and technical vision, do you think that organisations in the Middle East should consider investing in specialists from abroad and actually make the move import someone who has had relevant experience in enterprise security into their company? AS: Of course, absolutely - if you don’t have the skills, bring in someone who has and have them train your staff. I know it’s very costly to bring in security experts, but you have to put the resources in. Then you need to have this knowledge transferred to your staff, and your staff can pick it up from that point. But you have to keep on training them, because the weapons are changing - if you can use a gun, the bad guy might have a missile. You should have a system that defends you. All the time the systems are changing, and you need to keep up-to-date with them, on the threats and the defence mechanisms. The market is full of weapons - information warfare weapons. But these are virtual weapons - you cannot actually see them, they are signals. There are surveillance weapons, weapons that can track, sniffing concepts, even physical weapons based on magnetic field concepts - EMP (electro-magnetic pulse) that are extremely dangerous, and could burn out every chip within an organisation. These are not in the hands of everybody, but because there are thousands of viruses and programmes on the internet - take one, and send it - that’s all you have to do. GP: A significant number of people in the Middle East don’t think security is something which affects them - that it’s only the US and Europe that are targeted; what would you say to that? AS: I think they are fooling themselves. They should see reality as it is - once you connect, you are not alone, whether you tap in in England, in America, in the Middle East, anywhere. Once you connect to an outside network, you are not safe - you need to put up barriers, protect your network inside and outside, and watch what’s going on. Create an environment to secure your system, your network, through professionalism and training - raise the level of awareness, in both technology and security. Everything can be open.||**||Cybercrime on the rise|~|isaac1symksa200.jpg|~|Kevin Isaac, regional director of Symantec MENA.|~|According to Symantec’s latest Internet Security Threat Report — a bi-annual survey that the security firm produces — the UAE is now ranked in the top 50 out of 180 countries for originating attacks of all types, at 46, the same placing it holds for countries targeted by denial-of-service (DoS) attacks. For bot-infected computers, the UAE is actually slightly worse, ranking 44th worldwide. No other Middle Eastern country comes near these statistics, with Saudi Arabia ranked at 61 for attacking country, Kuwait 65, Bahrain 76 and Qatar 78. The massive rise in bot networks was one of the more alarming findings of the Threat Report, with Symantec finding more than six million bot-infected computers worldwide during the second half of last year, up 29% from the previous period. Increased bandwidth and accessibility tends to go hand-in-hand with increased security problems, according to Kevin Isaac, regional director of Symantec MENA. “I think we are going to see a spike in Saudi Arabia in the next 12 months as we see DSL connections and broadband in the home increasing there,” he pointed out. ||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code