OIC – CERT

Cyber attacks cases incident is raising rapidly around the world and it is gaining
recognition as a credible threat to economy and security of a nation. Cyber siege on
Estonia in May 2007 paralyzed Internet communications targeting the government,
banking, media, and police websites for three weeks. Huge economic losses were
incurred as online transactions were disrupted.

This fits with the argument of military strategists that physical attack or bombing against
critical infrastructure would disrupt and cripple an enemies’ capacity to wage war. During
World War II, the Allied Forces applied this theory by destroying critical infrastructure
such as electrical power, transportation and manufacturing facilities. The same doctrine is
now duplicated through cyber attacks.

The cyber siege on Estonia is a prime example of a paralyzing cyber attack. Estonian
Defense Minister Jaak Aaviksoo said that "The attacks were aimed at the essential
electronic infrastructure of the Republic of Estonia. All major commercial banks, telcos,
media outlets, and name servers — the phone books of the Internet — felt the impact, and
this affected the majority of the Estonian population. This was the first time that a botnet
threatened the national security of an entire nation."

A bot or zombie is a computer that is being infected with malicious software either in the
form of virus or Trojan that allows it to be controlled by a cyber criminal. Herds of bot
are then organized into a botnet that acts in tandem. A classic attack carried out by botnet
is to simply overwhelm a web server with high volume of information that will deny
legitimate users to access the website.

The attack which is termed denial of service had news sites as it early victims. On 28
April 2007, the website of Postimees is flooded with 2.3 million page views and crashed
20 times. Soon after, cyber attacks also crippled ATMs in the town of Tallinn. The attack
escalates into a siege when web site operators around Estonia have to cut international
connection to stave off attacks.

The incident in Estonia started when the government decided to move a Soviet war
memorial in Tallinn. The action offended the Russian government and invited an official
rebuke from Kremlin. It also leads to street riot which kills one and injured 150 others.

In the same time, instructions on how to carry out cyber attacks are circulating in Russian
on Russian websites. Fueled by nationalistic sentiment, Russian community of hackers
mounted the attack on Estonia.

The siege is only diffused when US and European experts assisted to identify and block
the botnets that are scattered in 128 locations around the world. This highlights the need
for international cooperation in combating cyber attacks due to its borderless nature.
Realizing this as a credible threat, formation of Computer Emergency Response Team
(CERT) among OIC member countries was proposed during the Annual Meeting of
Islamic Development Bank (IDB) Board of Governors at Putrajaya, Malaysia in 2005.
Seeking to establish an OIC-CERT, the meeting was tasked to initiate the establishment
of a Task Force in cooperation with leading OIC member countries.

The first Task Force meeting in the following year led to the appointment of
CyberSecurity Malaysia and National Agency for Computer Security Tunisia as the
protem Chairman and Secretariat. Islamic Development Bank also lends their support by
providing financial assistance.

Key aspects of OIC CERT include strengthening the relationships among CERTs in the
OIC member countries and enhancing information sharing in cyber security field. It also
seeks to prevent and reduce cyber-crimes as well as providing cyber emergency channels
among member countries. Other agendas include cultivating education in ICT security
and promote collaborative technology R&D.

Finally, the collaboration of OIC-CERT proposal (Resolution No. 3/35-INF) have been
approved and accepted during Council of Foreign Ministers of the OIC Meeting in
Kampala, Uganda in June 2008. To date, only Malaysia, Indonesia, Tunisia, Pakistan,
Nigeria, Iran and Saudi Arabia have became members of OIC-CERT.

It is prudent to expand the membership as cyber war have already encroach the OIC
sphere. In January 2009, Kyrgyzstan faced attack on two of it four (Internet Service
Provider) ISP, grounding 80% of its westbound traffic. Some analyst pointed out that the
attack came on the same day with the pressure from Russia towards Kyrgyz President
Bakiyevk to close U.S. access to a key airbase.

The OIC might have been lamented for their lack of peacekeeping force but at least OIC
CERT will prepare OIC in facing the era of cyber war. Hopefully this cooperation in
cyber world paves the way to greater collaboration in defense and technology among
Muslim nations.