|
Login Area
|
|
|
|
|
Register or Login
to gain full access
to the Resources of the
Center for eGovernance
Program @ SEE
|
|
|
|
|
|
Conclusions of the Regional Electronic Security Forum
|
|
|
|
|
Electronic insecurity threatens the passage towards Electronic Government – The continuous education of citizens and the collaboration between institutions are the key answers for the increasing electronic threats
 
The prevention of electronic threats in Greece is incomplete, fact that is opposite to the European Union regulations and common objective for the EU countries.
The introduction of Information and Communication Technology (ICT) in public administration (eGovernment) is essential along with the indispensable modernisation of the electronic safety infrastructure. The successes of the electronic crime services are not sufficient in their role of protecting the citizens from the crimes attempted on every day basis, on the internet. The key answer to the problem is establishing a culture of informed users that will be able to collaborate with the legal authorities, when an illegal activity falls in their perception. These are the crucial indications of the first day of the Regional Electronic Security Forum: Telecommunications Networks and Systems Security organised by the Southeast Europe Telecommunications Academy (INA Academy).
The coexistence of several involved Institutions, many times with overlapping roles results in lack of interoperability and collaboration that puts communcations infrastructure at risk. Lack of co-operation between the public and private sector is one of the most important reefs in protecting the Information and Communication Technology (ICT) infrastructures in the Public Administration sector, according to the professor of Athens University of Economics and Business, Dimitris Gritzalis.
The foundation of a central institution for the protection of the public ICT infrastructure, supported by a relevant Research institute that will produce knowledge in the field, equipped with the required technological infrastructure, is the basic proposal submitted to the Infosoc S.A. by the solicited Working Group that produced a study on the “Development of a framework for the protection of Public Infrastructure”. Professor Gritzalis is leading this Working Group, the so called e-Government Forum, among a number of public sector experts. According to the Professor, a specific approach should be considered particularly regarding the localisation of all critical infrastructures and the employmwennt of additional security measures for high risk network nodes, such as ‘SIZEYXIS” of the Ministry of Interior Public Administration and Decentralization, the information systems of the Centers for the Citizens (KΕΠ), the electronic taxation system “TAXISnet” and data centres of the Infosoc S.A..
An indication for the importance of the“ high risk” safety nodes was given by the technical director of SIZEYXIS, Mr. Christos Moschonas, who said that today the SIZEYXIS network, a platform of telecommunications services (voice, data and video) to all institutions in the Public Administration links together and supports 3.200 government owned services (ministries, regions, prefectures, municipalities, hospitals etc.). According to his estimation, by the beginning of 2009, it is expected that the Institutions linked will reach the amount of 4.200, aiming at 10.000 in the next years.
Moreover, another issue highlighted during the course of the Forum is, according to the representative of Institute of Communication and Computer Systems (ICCS), Mr. Yannis Charalabidis, is the process of certification of information that is introduced in the information systems of eGovernment services. An estimation by Mr. Charalabidis, reports that in the next 30 years each one of us will need to put approximately 10.000 signatures (real and digital), while it will have to be documented in at least 100 different places, which results in an increasingly confusing and impractical situation in the process of user data management. Finally Mr, Charalabidis, pointed out the need for interoperable security systems and simplified processes.
An answer to the electronic threat attempts was given by the Global Trust Center, an independent, international organism that deals with the development of optimal practices, via which the confidence in the digital world might reflect the rights and obligations of the individual in the natural world. Central role in the model of Trust that is being studied, according to the director of the Global Trust Center Mr. Ray Nightingale, is the “witness”. The Witness was imported in the digital world to enable the verification of date elements declared by each user in a transaction, the management of proofs/receipt of electronic transactions and the revelation of processes in the authorized parts.
The Director of Public Sector Affairs of Microsoft Hellas, Mr. Panos Theodosopoylos, proposed that modern Information and Communications Technologies (ICT) can constitute an important ‘Ally’ for the state. The strategy of the Microsoft in the security sector, he added, moves from the investment in the technology to the collaboration with other enterprises, while the main programs that are being materialised by the company concern the security related to programs for governments, to the localization of systems for the exploitation of children, for electronic frauds (raffles etc.), and towards the interoperability of security systems.
During his speach, the President of the Federation of Industries in Northern Greece, Mr. Giorgos Mylonas pointed out that in Greece the importance of electronic security has still not become fullly understood and in fact, the indicator of violation of privacy & security of electronic data in the country has reached 41%, when the corresponding number in the is 17%.
The conference was organised under the framework of the Program for International Development Collaboration of the Hellenic Ministry of Foreign Affairs (Hellenic Aid) entitled: “Center for Electronic Governance Program at South-East Europe”. In the scope of the Program, as stressed by INA Academy President, Mr. Vasilis Takas, a series of Executive Training Workshops on issues of electronic Governance will materialise in the next half-year period in the Western Balkan region.
In Greece, the importance of these issues have only recently become obvious to the users of the internet as they are starrting to realise that in order to confront electronic threats better understanding of security issues and collaboration with the responsible entities and organisations is critical. According to the Head of the Department for the Prosecution of Electronic Crime, Mr. Manolis Sfakianakis, (Hellenic Ministry of Interior Public Administration and Decentralization) “Young people have begun to approach the police, to give information when emmergency situations arise involving friends and fellow students, while it is no longer thought that such an act is an act of betrail ot ‘snitching”, since it is realised that it is the only way electronic crimes may be stopped or even prevented, even so when a human life may be involved”.
The collaboration of citizens, reported Mr. Sfakianakis, but also the enhanced awareness of the general public, which is particularly targeted towards malicious attacks on the internet, has led the Department for the Prosecution of eCrime to reveal dangerous networks, and to confront and prevent in numerous cases a crime about to be committed. A typical example is the crime that concerns in the act of stealing banking codes, through misleading emails, the so called “phishing”. Many Greek users of electronic banking responded to illusive emails and suffered economic damage, from amount being transferred from their accounts to those of perpetrators. Between September 2006 and January 2007, 12 such affairs were resolved and 22 perpetrators were arrested. Making this issue publicly known resulted in only one new case to be traced in the last 14 months.
Moreover, Mr Sfakianakis prompted, that particularly the young users of internet should be aware not to input any personal data, photographs and video in social networking web sites, such as “facebook”. He also added, “we have seen families destroyed, children abandoning school, when as an example degrading photographs were uploaded on the Internet and circulated among peers involving erotic activities between school students”. According to Mr. Sfakianakis, particular attention is required especially in the cases when somebody is asked to give out their mobile or computer ID for “routine services”. As he clarified, “we should never leave personal data in the mobile or computers devices we use, since they may be deceitfully retained and be traded via the internet”.
Mr. Sfakianakis also presented cases solved in Greece via international collaborations. Among them: the capture of a network for the illegal distribution of software, that cost the software company about 360 millions Euros, cases of so called ‘cracking’, like the one when Greek citizens unlocked the data bank server of USA and American celebrities were debited with enormous financial sums, or the Cracking case in a British company listed in the stock market and in an international banking group. Recently, the case of an international network that promoted prostitution was revealed.
Additionally, according to Mr Sfakianakis, the Greek banks are equipped with the one of the most secure systems for the protection of consumers from malicious attacks during electronic transactions. It is remarkable that no case has been reported for stealing codes from Greek banks, and the utilized mechanism of production additives code (extra pin) is absolutely safe. As he clarified, in the last case of so called “phishing” in our country, the user of the system ‘lost’ his code through an attack by a malicious “Trojan Horse” program that was dispatched by the perpetrator into the computer of the victim. All this become increasingly important when, according to data presented, the average legal electronic transactions worldwide are reaching the 3, 5 billions of dollars per minute.
The representative of Microsoft Greece Mrs. Kontantina Logotheti stressed out that while the Internet offers a unique environment of learning, education, entertainment and communication, it hides also dangers, which we owe to be aware of in order to protect ourselves and especially the children. Microsoft is aiming to contribute so that the Internet will become a safe place as possible adults and children users. For this purpose, it realises collaborations with responsible parties and organisms, offering the essential tools and technological support for the confrontation of electronic crime and mainly informing the wide public about the safe use of the internet.
Fraud on the internet via stolen electronic identities is the faster developing crime in the world, according to the Director of Governmental Relations for Europe, Africa, Asia Pacific of SYMANTEC, the largest manufacturer of security software, Mr. Ilias Chantzos. According to data from the company’s last report, one can observe a rapid increase in the order of 68% in the availability of software products for the production of viruses and in the next few years malicious software tools will exceed those preventing the software crime. The prices of malicious software, that ensure the perpetrators and access in confidential information and data, ranging from banking all the way to the health sector, vary between 50 and 3.000 dollars.
The Regional electronic security Forum was co-organised this year in collaboration with the Hellenic Telecommunications Organization (OTE) and was under the aegis of Ministry of Transports and Communications and Special Secretariat of Digital Plan of Ministry of Finance. Microsoft Greece supported the conference as the Grand Sponsor of the event. The event was also sponsored by the Swedish organization for Trust and Security, The Global Trust Center, and it was supported by the Federation of Industries of Northern Greece, the Chamber of Companies of Information technology of North Greece, the Technical Chamber of Greece, and the Union of Computer Informatics. The newspapers Express, Chrimatistirio, Macedonia, SeeNews, magazines Security Manager and IT Security and television channels ERT3 and TV100 supported the event through significant media exposure.
More information in the web page of congress www.esecurityforum.org
|
|
|
|
|
|
Publications
|
|
|
|
|
|
|
e-Readiness Assessment Reports
|
|
|
|
e-Government Case Studies
|
|
|
|
e-Government
Best Practice Guide
|
|
|
|
Supporting the activities of
|
|
|
|
INA Academy is a founding member of the Center for eGovernance Development in SE Europe, an Initiative supported by the Regional Cooperation Council.
|
|
|