Security begins with YOU!
                Interview by Sabaina Bukhari & Syed Asim Ali
              An enlightening tête-à-tête 
                with the energetic Qazi Ahmed of PakCERT
              Computer and network 
                security has been a problem in Pakistan for the last couple of 
                years. Hackers, both inside Pakistan and elsewhere, are slashing 
                away at easy, vulnerable targets. Ranging from the intelligent, 
                diligent, and knowledgeable intruder to the bored, having-nothing-better-to-do 
                script kiddy, they all pose an obvious threat to your network.
              The PakCERT Coordination 
                Center (PakCERT/CC) is dedicated to providing you with the latest security 
                alerts and advisories to help you build a secure network. PakCERT 
                is a member of the Asia Pacific Security Incident Response Coordination 
                Working Group (APSIRC-WG).
              Qazi Ahmed is the 
                President and Director of PakCERT. We talked to him about the various 
                aspects of PakCERT's operation and goals. He gave us an insight 
                into the network security arena here in Pakistan. Here are the 
                excerpts from our discussion with him.
              @internet: Why PakCERT? 
                How did the idea originate?
              Qazi: Internet 
                crimes are on the rise all over the world as different breeds of 
                hackers are making regular runs against all types of Internet 
                communities. It could be a normal PC connected to the Internet 
                just to check e-mail or surf the Internet, a corporate server 
                dealing in online transactions, an ISP access, a mail server, 
                or a government-owned computer system; there is no exception. 
                Internet security has been an issue of major concern for quite 
                some time now, as hackers are now targeting government and corporate 
                services to steal information and render machines and servers 
                incapacitated. The hackers, whether intelligent or mere script 
                kiddies, just want to put "I 0wn j00" (I own you) on 
                your web site; chalking up one more web site defacement to their 
                name.
              Incident response 
                and security teams continue to form around the globe. But we never 
                had any Emergency Response Team in our country to create awareness 
                among the local community about the ins and outs of computer security. 
                Security has been my passion for years and I always wanted to 
                do something in the field of security for the country. There are 
                many CERTs around the world like SingCERT (Singapore), AusCERT 
                (Australia), JPCERT (Japan), HKCERT (Hong Kong, China) etc. but 
                there was no CERT for Pakistan. So I decided to take this step 
                and formed PakCERT.
              @internet: What is APSIRC?
              Qazi: PakCERT 
                is currently a member of the Asia Pacific Security Incident Response 
                Coordination (APSIRC), a working group of the Asia Pacific Network 
                Group. APSIRC is a team of all Computer Emergency Response Teams 
                working in the Asia Pacific region. APSIRC-WG arranges meetings and 
                seminars and coordinates with other APSIRC members regarding 
                security-related issues.
              @internet: In your opinion, 
                why is a CERT needed?
              Qazi: Computer 
                security is the need of today's world. Everything is going online. 
                Being online could be a fortune and also your worst nightmare. 
                Not many people have the idea of computer security and not everyone 
                can put a lot of time into reading books or researching security vulnerabilities. 
                Different countries have different types of computer communities. 
                Some are very mature about security and some are not. Hence, there 
                needs to be a centralized place for every country where the specific 
                community can find the latest security information which it can 
                easily understand and implement. CERT is the solution. Every CERT, 
                responsible for its country, works according to its community.
              @internet: Any problem you 
                faced in the formation of such an organization?
              Qazi: Well, 
                I faced a lot of problems during the formation of PakCERT. Not 
                many have the idea of CERTs and security services. The main thing 
                is that our people don't know much about security and thus they 
                are not serious about it. Those who have a small idea are not 
                updated, and are not ready to accept a change. So getting people 
                to realize the need, and understand the importance of the establishment 
                of such an organization was the first major challenge.
              @internet: What are the 
                objectives of PakCERT?
              Qazi: Among 
                our goals is the promotion of cooperation amongst IT constituents 
                in Pakistan for the effective prevention, detection, and recovery 
                from computer security incidents. PakCERT provides a means for 
                the dispensing of alert and advisory information on potential 
                threats and emerging security breach situations.
              @internet: What sort of 
                customers do you have?
              Qazi: At 
                the moment, we have customers ranging from ISPs, hosting companies, 
                government organizations, e-commerce portals, private companies, 
                and hospitals.
              @internet: 
                For many of us, computer security is still considered an alien 
                phenomenon. Talk about security and you will hear a dozen firewall 
                names, encryption techniques, and blah, blah. No, it's not just 
                like that. How can you stop an intruder cracking into your web 
                site even if you have a firewall installed on the server with 
                only one port open, which is using Secure Sockets Layer (SSL) to 
                provide the web services? If you are running a vulnerable web 
                server, then an intruder needs nothing but a piece of code to 
                exploit the web server itself! Once your server is compromised, 
                the intruder can use the SSL to transfer data to his/her computer 
                so that no one can see the intruder's activity. The thing to understand 
                here is that computer security is not a tool or software which 
                you can download or install and feel safe.
              Qazi: Many 
                of the system administrators, especially ones here in Pakistan, 
                don't care much about security. They think security is about taking 
                backups and restoring data after the intrusion. People have a 
                lax attitude towards the concept of security because they have 
                little or no knowledge about it, and sorry to say, many of them 
                portray computer security as a "mission impossible" 
                because they feel insecure about their jobs! No, I am not satisfied 
                with the security trends here.
              @internet: What is Ethical 
                Hacking? What are the PakCERT Ethical Hacking Services about?
              Qazi: To 
                learn about Ethical Hacking, you first have to know the real meaning 
                of 'hacker' and 'hacking'. The media loves to call every other 
                intruder, cracker, or script kiddy a hacker. Hacking is not about 
                getting into systems or sabotage. Traditionally, the term 'hacker' 
                means one who tinkers with unfamiliar systems in an effort to 
                gain insight or to re-engineer it for the better. A 'Cracker,' 
                on the other hand, refers to those malicious hackers who break 
                into systems for fun or profit. According to hackers, the code 
                of hacker ethics prohibits any profit from their activities. In 
                fact, their motive for such practices is the activity itself. 
                Hence, they divide themselves into "white-hat" hackers 
                (ethical hackers) and "black-hat" hackers (crackers).
              PakCERT Ethical 
                Hacking Services were introduced to provide anyone the means to 
                protect their valuable information assets by giving organizations 
                and individuals direct access to hackers and other IT professionals 
                not usually available for hire. We protect the information assets 
                of our clients through the use of education, technology and experience, 
                while maintaining the strictest levels of confidentiality in the 
                industry. Armed with the latest exploit codes and techniques the 
                underground has been using for years to compromise your networks, we 
                use the same techniques to harden your network against such intruder 
                attacks.
              @internet: What are your 
                future plans for your organization?
              Qazi: Looking 
                at the local community, we have realized that we need to start 
                teaching people about security from scratch. People are still 
                impressed by the kids who use trojans to enter and take control 
                of your computer, or script kiddies defacing web sites. We have 
                conducted some seminars to create awareness about computer security 
                and are planning a series of seminars in different sectors. Any 
                company, institute or university interested can contact us and 
                we will arrange one for them.