Universities Band Together to Fight Internet Threats
Tangerang, Banten. In an era where information is becoming an increasingly important commodity and online breaches can prove catastrophic, some organizations are setting up computer emergency response teams to ensure their security.
Such teams, or CERTs, are responsible for securing Internet access, computer networks and information assets. They also respond to threats such as hacking attempts, phishing and malware.
Fourteen universities from around the country recently joined forces to create Academy CERT Indonesia, during a workshop at Swiss German University in Tangerang, Banten.
Academy CERT is chaired by Richardus Eko Indrajit, who also serves as the head of the Indonesian Security Incident Response Team on Internet Infrastructure (ID-SIRTII).
“Academy CERT Indonesia will be a communication forum for researchers and Internet and computer security experts to exchange knowledge and research findings on malware,” said Bambang Setiawan, a deputy director at Sepuluh Nopember Institute of Technology in Surabaya, one of the 14 universities participating in the program.
“The community’s long-term plan is to develop an online system to connect the various Academy CERT members,” Bambang said.
He said the need for universities to coordinate their online security and databases was especially urgent given that they accounted for much of the country’s Internet traffic.
IGN Mantra, deputy for operational and network security for the ID-SIRTII, said: “The aim is to protect research data and academic papers, as well as administrative records that a university may have online.”
He said that a secure information system was crucial during registration for new university students, when the risk of a hacking attempt or some other intrusion into the university’s database was at its highest.
“Data can be stolen or even manipulated, resulting in compromised results for admissions tests, for instance,” Mantra said, adding that this potential risk justified the establishment of a coordinated CERT.
“Universities and defense industries are a good starting point for trying out such a system.”
Charles Lim, head of information system services at Swiss German University, said without a CERT, a university would be unable to promptly deal with security breaches.
The latest such incident was an intrusion into the library database of Yogyakarta’s Gadjah Mada University on July 21, in which the hacker left a note advising the site administrator to improve its security.
As of Friday, the library database was offline for maintenance.
Lim said Academy CERT would also help support research on malware and boost the academic community’s capacity to counter such applications.
Bambang said a great deal of malware was actually concocted by university students. Thus, Academy CERT would be vital in stemming its spread.
Similar concepts to Academy CERT have already been implemented elsewhere, most notably in Japan, which has also successfully rolled out the concept for the business community.