SINGAPORE (Reuters) - South Korea said on Tuesday it was drawing up a cyber security master plan after a wave of hacking attacks against global agencies and companies but some other Asian governments appeared to have no blueprint for tackling the threat.
Indonesia, a rapidly growing G20 country, warned that hackers could cause serious damage to its institutions.
Internet industry bodies and security experts in Asia said the borderless nature of the internet called for a coordinated international policy response.
Recent cyber attacks on multinational firms and institutions, from Google and Citigroup to the International Monetary Fund, have raised fears that governments and the private sector are ill-prepared to beat off hackers.
The latest high-profile target was the U.S. Senate’s website, which was hacked over the weekend.
“Every day, not every month, but every day, we get 1.2 million hacker attacks in Indonesia, both from within the country and outside,” said Gatot Dewa Broto, Indonesia’s communication and information ministry spokesman.
“If we don’t improve (our capabilities) we could face a possible public and commercial institutional collapse.”
In Seoul, capital of the world’s most wired country, a large government task force is working on tactics to address threats, and officials said on Tuesday they would allocate extra cash and manpower to toughen protection of national economic and industrial installations.
South Korea, still technically at war with North Korea, is vulnerable due to its high Internet penetration and as the likely target of its reclusive rival, officials said.
“Ensuring cyber security is no longer a matter of choice but is an issue of top priority that impacts national security,” an official at the nation’s communications watchdog said. The official asked for anonymity because he was not authorized to speak to the media.
Earlier this month, Internet giant Google pointed the finger at Chinese hackers for an attempt to access the Gmail accounts of assorted rights activists, officials and others.
China’s government has denied involvement, and said it too is a victim of international hacking.
“China has also many times reiterated that we are willing to open up exchanges and cooperation with the international community about Internet security,” Foreign Ministry spokesman Hong Lei said on Tuesday.
Entertainment giant Sony suffered serious damage to its reputation after hackers accessed the details of millions of PlayStation users, while Lockheed Martin and Citi also reported attempts to steal data.
A national government was the most likely culprit in the attack on the IMF, experts say, given the complexity of the assault and its targeting of the organization’s secrets.
In the Philippines, efforts to legislate against cyber threats have foundered because of a lack of urgency, said Trish Abejo, chief of staff of the head of the government’s Commission on Information and Communications Technology.
“We have very limited laws so we’re pushing for an anti-cyber crime bill in Congress (parliament), but it has been sleeping there and not given priority because it sounds very technical,” Abejo said.
The perception that security of information is a technical problem, rather than an operational or strategic one, has until recently meant the issue has not been a government or corporate priority.
“What that means is the chief executive level is not getting visibility of the real problem and they are the people who own the risk,” said Tim Scully, head of cyber security for BAE Systems Australia.
“There definitely needs to be a global, if not a regional, approach to cyber security.”
India’s top information technology bureaucrat, R. Chandrasekhar, said high-level cooperation between states was needed.
“Government to government contacts are there...(but) at the middle level,” he said. “Concerted efforts are needed. We are yet to see the emergence of a clear organizational mechanism.”
India’s computer networks have frequently been attacked, with the hackers suspected to be from China and Pakistan.
A spokesman for Australia’s Attorney-General Robert McClelland said cyber security would be a key issue at a meeting of attorneys-general from Australia, the United States, Canada, Britain and New Zealand in Sydney next month.
“Cyber security is an international issue that requires a coordinated response by all nations,” the spokesman said.
World leaders should put cyber security on the agenda at forums such as the G20 and urge “slower-moving” nations to take a stand against hacking, the co-founder of a global industry body said.
Peter Coroneos, co-founder of the International Internet Industry Association and head of Australia’s industry body, said such leadership by major powers could support and hasten early industry efforts to adopt global anti-hacking safeguards.
“Getting the issue elevated to a level like the G20 would be a good way to promote engagement with economies that might otherwise move a little slower,” Coroneos said.
A Japanese official said government-affiliated organisations in Japan had managed to repel major cyber attacks, but added this was no reason for complacency.
“Rather than governments, private companies and research institutes seem to be taking the initiative,” added Masashi Eto, senior researcher at Japan’s National Institute of Information and Communication Technology.
Andrew Forrest, chief executive of Australia’s third-largest iron ore miner, Fortescue Metals Group Ltd, said cyber hacking by states was a major concern for resource companies.
“Government to business espionage I think is below the belt, and I think all governments should stop it,” Forrest told reporters at Australia’s parliament on Tuesday.
Reporting by Reuters bureaux; Editing by Dean Yates