Ministries seek to avert cyber security 'crisis'

The Ministry of Defence (MoD) and Ministry of Information and Communications Technology (ICT) are ramping up efforts to boost cyber security, with one expert describing the security situation in Thailand as a "crisis".

Ministry officials, speaking at a cyber security conference yesterday, said the public sector is at growing risk of cyber attack due to the popular use of social media and inadequate security systems.

Maj Gen Bunjerd Tientongdee, a deputy director of the MoD's department of Defence Information and Space Technology, said the increasing number of social media users was causing concern among cyber security experts.

Online social media analytics company ranks Thailand 14th in the world for number of Facebook users. There are now more than 17.6 million Facebook users in the country, according to the company, a rise of more than 3.3 million in the last six months.

Maj Gen Bunjerd referred to the role of social media in the Arab Spring uprisings last year, saying it was possible Thailand would follow a similar course if social media were used for political purposes.

He said the military was concerned that the widespread use of social media could lead to public misinformation.

There had already been several cases of government servers being threatened, he said, but he could not publicly disclose any specifics.

"Our legal framework has yet to evolve to cover the online world," Maj Gen Bunjerd said. "We're working with the ICT and related authorities to design laws and regulations to improve cyber security management."

Gp Capt Anudith Nakornthap, ICT Minister, said the ministry was also working with other Asean countries to develop integrated legislation to suppress transnational cyber crime and to improve cyber security systems.

The online world has no boundaries, he said, and cooperation is needed between countries to develop effective cyber protection policies.

He said that 59 public, state and private enterprises in Thailand have been granted ISO/IEC 27001, an international information security management system certification.

In Japan, 4,152 similar businesses have received the certification, while 573 have received it in the United Kingdom.

Mr Anudit said only about 150 Thais have been certified as information systems security professionals (CISSP). About 90,000 people around the world are CISSP certified, he said, with Singapore housing around 1,110 of Asean's 1,608 certificate holders.

The CISSP qualification is a globally recognised standard of achievement that confirms an individual's knowledge in the field of information security. With such a small number of certificate holders in Thailand, Prinya Hom-anek, president of cyber security consultancy firm Acis Professional Centre, said the cyber security situation in the country has reached "crisis point".

"The cyber security systems in most state agencies are completely inadequate, mainly because of a lack of funds and awareness," Mr Prinya said.

He cited the widespread use of free email among state officials and politicians, which increases the chances of serious information leaks.

Prime Minister Yingluck Shinawatra had her Twitter account hacked last year by an opponent who posted critical comments on her page.

"It would be a serious threat, especially in two years [when the Asean Economic Community comes into effect], if we are not aware of the need for cyber security improvement," Mr Prinya said.

About the author

Writer: Paritta Wangkiat