| Cyber Crime - Safety First |
Cyber Crime - Safety First(Click Here to download the pdf with the article and photos as it appeared in the press) This month Bernard Collin - CEO of SafeComs Co. Ltd. Offers advice on how to ensure we're complying with the lawLike newly enacted laws in many other countries, Thailand's Computer Crime Act has 'a few bugs' that will need to be worked out. In the meantime, what can you do to ensure that you are complying with the law? "Before you can comply, be sure your systems are secure," advises Bernard. It's unlikely, but not impossible, that an employee is going to use a company computer to commit blackmail or send spam. Criminals however will cover their tracks by taking over a company network or individual computer to commit their crimes. Service providers offering public access on university campuses and at hotels and coffee shops are more vulnerable. In either case, it's surprisingly easy to hack into someone else's computer network and use it for criminal activities. Bernard says, "The first thing we do for our clients is check their security status. You should first make sure none of the bad guys can get to your computers. That means no illegal software, proper gateway security and password administration, encryption of sensitive data, a firewall and virus, spyware, malware and adware checking in place. A professional data backup system goes without saying." "Illegal software is one of the biggest threats," warns Bernard. According to an informal SafeComs survey, one in five locally available pirate software programs are infected with trojans designed to give criminals access to your computer files. "A properly set firewall is a necessity", says Bernard, "too often, firewalls are set to block incoming traffic but do not check outgoing traffic, and this is how the criminal traffic is established, bypassing an expensive security system. A 'root kit virus' that steals login details for online bank accounts was recently discovered on thousands of genuine websites and experts estimate that millions of computers have already been infected. Bernard notes that, "Few commercial anti-virus packages currently detect its presence." Compliance: How to "Ignorance of the law does not excuse." Bernard recommends, "The best policy is to demonstrate that you are taking all reasonable measures to comply with the law. Because it's so new, the Computer Crime Act is a bit of a puzzle and it's difficult to know if you are in compliance or not." While there is still some debate, the law seems reasonably clear on what data you need to keep and for how long. "In this respect, it's a hardware and methodology issue," says Bernard. SafeComs can quickly and easily install a 'SafeLogger' system that pretty much covers your compliance requirements." A SafeLogger can be set up to record data from any device used to access the internet from your internal network. Bernard cautions service providers who decide to go the do-it-yourself route to take some care with setting the software parameters. "We visited one site where after a few weeks of logging they had over seven gigabytes of data, which is unreadable and therefore not in compliance with the law. Just storing the data doesn't meet compliance requirements, you have to be able to open and read the file." The other issue is respect for privacy. The law does not require that service providers retain data on the content of email or other communications. "Be careful not to overstep your bounds," cautions Bernard, "or you could be facing legal problems in other areas of the law." The long road ahead Everyone can agree that using the Internet to smear your ex, cheat lonely widowers or cause grievous harm to a business rival are actions that deserve legal prosecution. Legal instruments like the Computer Crime Act can and should have a positive impact on internet users, protect online privacy and ensure internet security. There is also widespread agreement that the current law is far from perfect and will no doubt endure many cycles of amendments. In the meantime, give yourself some peace of mind and take Bernard Collin's advice: protect your business by taking the basic measures to ensure your network security and log the mandatory data. Highlights Article 8: Those who conduct whatever acts electronically to intercept data being transferred between others' computers, when such data is not for public use, are subject to three years jail and/or a 60,000 baht fine. Article 9: Those who unlawfully damage, destroy, delete, alter, or modify, wholly or partly, information on other's computers: subject to three years jail and/or a 100,000 baht fine. Article 11: Those who send data or electronic mails to others without revealing their identity, or by posing as someone else, in an act that disrupts the others' normal computer use: subject to a 100,000 baht fine. Article 18: Inspectors are required to minimally access information on targeted computers and, if unable, are required to produce solid evidence to owner of private premises to support their suspicion over illegal activities and then seize the computers, without court warrants. Entry will be only during daytime and only after showing their ID cards. Want to know more? Internet and network security http://www.safecoms.com/about-us.html SafeComs Thailand is a privately-held Bangkok-based company established in 2004 by a group of expert security engineers. SafeComs are happy to answer questions about hardware and software solutions for compliance with the new law. An unofficial translation of the Computer Crime Act http://www.prachatai.com/english/news.php?id=117 Check if a website contains malware that could infect you. http://www.browserdefender.com/ Not sure how safe a website is? Browser Defender will test Web sites for excessive pop-ups, "phishing" and other fraudulent practices, and browser exploits. Downloads are tested for viruses and bundled adware, spyware or other possibly unwanted programs. Computer Crime Acts Worldwide http://en.wikipedia.org/wiki/Computer_crime As usual, Wikipedia provides a reasonably good primer on the basics of computer crime. This article lists countries with CCAs, including Malaysia and Singapore. Thailand's CCA is not listed yet.
|
Remote Access Support
Latest Updates
- Let's Soirée with PEPPERCAN!
- Peppercan in OAS & IT FAIR 2011!!
- Let's Petit Déjeuner with PEPPERCAN!
- Bangkok Software Summit 2010
- Thailand ICT Award 2009
- Peppercan - Enterprise Managent Tool
- Web 2.0 Division
- Austcham Awards 2008 - Safecoms wins plaudits for offering best value
- Beluthai and NTCC Awards 2007 - Safecoms best 'Startup'
- Austcham Awards 2008
You are here :
Home 
About Us Press Clippings Cyber Crime - Safety First
About Us Press Clippings Cyber Crime - Safety First