Database should be secured and protected by multi-tier of firewall - and should not be resided in the public web server that are facing the public.
Otherwise, data will be hacked and stolen once the public web server(s) is compromised.
Web proxy instead of Web server should be used for Internet facing - public serving websites - as additional layer of protection.
Professional IT network and security designers should be employed to design and implement Government websites.
Independant security auditor - to conduct vulnerability scanning and penetration test should be performed - before commissioning the system.
For this case, this is a network penetration - which is much more serious than web defacement - because it means network & IT security is not effective or not properly designed that cause hackers to penetrate the network and system all the way to steal the data.
Defense-in-depth security and end-point security if implemented correctly will be able to prevent such hacking.
But I agree that hackers can be treated as terrorists according to their crimes.
The Minister meant IT system not resilient power supply.
If you ever see the movie "Diehard 4" - this is what the Minister meant.
Die Hard 3 was what you meant? They have a powerful travelling hacking truck?
Provided the stations were wifi and hackable then?
And they had a mainframe computer to speed things up?
To me, at least 30% is imagination and 50% sci-fi.
See those people who could communicate within tunnels and even bank vaults. Impossible.
No is Diehard 4, where they can use computer network to trigger C4, control traffic light to redirect traffic, send gas via gas pipe to cause explosion.
But network should not be designed that way to give maximum impact to hackers to do such damage. It is meant for movie or science fiction.
Babe Xianlian Zeng
Else tunnels and bank vaults will cut off radio signals - as they cannot penetrate thick walls.
Defense-in-depth security and end-point security if implemented correctly will be able to prevent such hacking.
But I agree that hackers can be treated as terrorists according to their crimes.
The Minister meant IT system not resilient power supply.
If you ever see the movie "Diehard 4" - this is what the Minister meant.
Critical Information Infrastructure can be remotely
controlled & hacked through Internet or via other means - that will cause
the systems to malfunction causing harm.
But professional who know
how to safeguard and protect such network and systems - will be able to
withstand hacking and mitigate and even prevent such risks.Die Hard 3 was what you meant? They have a powerful travelling hacking truck?
Provided the stations were wifi and hackable then?
And they had a mainframe computer to speed things up?
To me, at least 30% is imagination and 50% sci-fi.
See those people who could communicate within tunnels and even bank vaults. Impossible.
No is Diehard 4, where they can use computer network to trigger C4, control traffic light to redirect traffic, send gas via gas pipe to cause explosion.
But network should not be designed that way to give maximum impact to hackers to do such damage. It is meant for movie or science fiction.
Babe Xianlian Zeng
Note :- communicate within
tunnels is possible if they have wireless base station install within the
tunnels.
Bank vaults also possible if
they have wireless base station within the bank vaults.Else tunnels and bank vaults will cut off radio signals - as they cannot penetrate thick walls.
No comments:
Post a Comment