As an increasing number of daily business
activities move online, including advertising, selling, finding new
markets, reaching out to customers, recruiting staff, communicating with
customers and suppliers or even carrying out financial transactions, it is
becoming increasingly important for Thailand to ensure that it is being
protected from cybersecurity threats.
There are a number of cyberattacks that
Thailand is vulnerable to. Denial-of-service
(DOS), for example, is when a hacker is able to successfully prevent
the authorised functionality of networks, systems, or applications by
exhausting resources. Once the system is under such an attack, the hackers normally
ask for a ransom or fee to regain access to files.
Malwares such as the Trojan horse is another
example of a cyberattack. These are “deadly viruses” which are spread by email,
instant messaging, malicious websites and infected non-malicious websites. A
backdoor Trojan horse gives
malicious users remote control over the infected computer. They enable the author to do anything they wish on
the infected computer –
including sending, receiving, launching and deleting files, displaying data and
rebooting the computer.
A botnet, which is short for robot network,
is an aggregation of compromised computers that are connected to a central
“controller.” The compromised computers are often referred to as “zombies.”
Botnets are designed to steal data. Botnet hackers have been improving their
encryption capabilities and are thus becoming more difficult to detect and
apprehend.
Plans to set up the Cybersecurity Agency in
Thailand is therefore, well underway. The first
preparatory meeting that was held in the beginning of May this year,
highlighted the national plan and policy framework for cybersecurity, critical
information structure and standard operating procedures and the plan to develop
cybersecurity human resources.
The Minister of Digital Economy and society
Pichet Durongkaveroj said that the new Cybersecurity Agency will act as the
central coordinator to ensure that Thailand’s national cybersecurity reforms,
conforms to the international standards. The ultimate purpose of the Cybersecurity
Agency is to alleviate Thailand’s current ranking in the International
Communication Union (ITU) Global Security Index.
During the meeting the risks that the new Cybersecurity
Agency would face were highlighted. The risks that were identified included
reputational risks and operational risks. Reputational risks, which occurs when
organisations succumb to cybersecurity breaches, are amongst the most damaging
for the organisation as it undermines the attacked organisation’s incompetency.
In order to mitigate these risks, the new cybersecurity agency will be
collaborating with more critical infrastructure companies within Thailand, to
strengthen the networks and prevent hacker penetration.
The new cyber security agency also hopes to
overcome some of the challenges it will face including raising awareness
amongst individuals. Raising awareness is very important when it comes to
cybersecurity as major breaches and cybersecurity violations occur due to the
unawareness of individuals. To overcome this challenge, the new Cybersecurity
Agency plans to set up a Government Monitoring System Project, conduct
incidents drills and set up a standard and accreditation body.
Although still in the beginning stages, the
Cybersecurity Agency seems to be a promising initiative set up by the Thai
Government to safeguard Thailand against cyberattacks.