The Inter Islamic Network on Information Technology (INIT) successfully convened 5th5 – day International Training Workshop on ‘Internet Security: Enhancing Information Exchange Safeguards’ in Ankara, Turkey. The Workshop was inaugurated by Prof. A. Arif Ergin, President, Scientific and Technological Research Council of Turkey (TUBITAK), Government of Turkey, on September 14, 2015 at Ankara, Turkey. The Workshop was the 5th edition of the series and was organized in joint collaboration with the Islamic Educational, Scientific and Cultural Organization (ISESCO); the Commission on Science and Technology for Sustainable Development in the South (COMSATS);the COMSATS Institute of Information Technology (CIIT), Pakistan; and the Statistical, Economic and Social Research and Training Centre for Islamic Countries (SESRIC), Turkey. The Workshop spanned over a period of 5 days from September 14-18, 2015.
Prof. Ergin, in his inaugural address, warmly welcomed the foreign experts and participants of the Workshop. He expressed his gratitude for the experts and participants for ensuring their participation in the Workshop. He stated that the survival and socio-economic development of nations depend upon their scientific knowledge and command over technology. Noting that the world is moving fast from traditional computing to cloud computing, Prof. Erginemphasized that cyber security has become extremely difficult to achieve considering the fact that the information and data is distributed over thousands of network nodes all over the world. He noted that the developing countries, particularly Islamic countries, lack the capability to produce microelectronic hardware and software (indigenous goods) for various applications including cyber security in telecommunication industry, and resultantly have to rely heavily on the countries of the west to fulfill their needs in this regard. He called for enhanced collaboration among the relevant organizations of the developing countries, in general, and OIC countries, in particular, in order to develop their own hardware and network protocols in order to ensure the security of their confidential information. He apprised the participants that TUBITAK houses 19 research facilities in Turkey, nine of which are working in different fields of Information and Communication Technologies (ICTs) and electronics.
Earlier, in his welcome address, H.E. Ambassador Musa Kulaklikaya, Director General SESRIC, expressed pleasure on hosting this important workshop, and welcomed all foreign and local participants of the Workshop. He considered information and internet security as an extremely important area, keeping in view the fact that cybercrimes cause tremendous losses of revenue, confidential information and infrastructure. He stated that cyber security is especially important for the developing countries, as they are in the early stages of becoming knowledge societies, and can suffer irreversible damage at the hands of cyber criminals. He stressed the significance of collaboration among the developing countries in different areas of cyber security, including legal measures; technical, policy and procedural measures; organizational development; and capacity building. He informed that SESRIC is actively engaged in building scientific capacity of OIC member countries since 2009, which includes organizing a number of capacity building events each year, as well as conducting scientific studies. In this regard, he informed that SESRIC has organized 10 capacity building events in the field of ICTs during the recent years, and is also hosting the e-government web-portal of the Government of Turkey.
Dr. S.M. Junaid Zaidi, President INIT and Rector CIIT, in his message read out on the occasion by Mr. Muhammad Atiq-ur-Rehman, Senior Program Officer, INIT, stated that the information technology has advanced at an unprecedented pace ever since the advent of modern computing. However, he stated that this progress has come with a cost in the shape of cyber crimes. He called for special protocols to be put in place in order to ensure cyber security in governmental and business activities. Dr. Zaidi stated that INIT is mindful of all necessities for achieving safe data exchange, without breaching the boundaries of relevant legislation. It was informed that INIT has devised certain programs and initiated a number of activities in different fields of information technology for directing and encouraging use of ICTs and associated systems to promote collaboration and cooperation in building human resources and institutional capacity, encouraging dialogue, maintaining data banks, assisting in training, research and development, disseminating information, automating the governmental and business processes in the OIC Member States. He was confident that the knowledge accorded during the workshop will facilitate the promotion and strengthening of initiatives related to internet security and data protection.
Dr. Aicha Bammoun, Expert Science Directorate, ISESCO, conveyed the greetings of the Director General ISESCO. She stated that information and internet security is legal and ethical requirement of businesses and organizations, and stressed the significance of securing the computing devices against malicious cyber-attacks that often attempt to breach into critical confidential information or to gain control of the systems. She informed that ISESCO is implementing various activities that aim to strengthen and promote knowledge and skills that are necessary to induce progress in the scientific and technological research sectors to keep pace with the requirements of the new age. ISESCO facilitates transition towards knowledge-based economies through developing intellectual potential of societies and providing capable human resources. She hoped that the workshop will highlight the significance of cyber security, and will impart necessary skills and knowledge to the IT professionals enabling them to reduce the number of cyber-crimes in their respective organizations and countries.
Dr. Imtinan Elahi Qureshi, Executive Director COMSATS, in his message read out on the occasion by Mr. Tajammul Hussain, Advisor (Programmes) COMSATS, extended gratitude to ISESCO, INIT, CIIT, and SESRIC for joining hands with COMSATS in order to organize this important workshop. He stated that with the ever-increasing use of computers, laptops and smart phones, connected to the Internet, by general public for performing daily life activities, came fraudulent activities that range from system hacking to identity theft and cyber stalking. Internet security has, therefore, become exceedingly important for individuals, organizations, and businesses in order to ensure that their identities, documents and passwords are not compromised. Dr. Qureshi stated that the afore-stated threats can only be encountered through collective action by the governments, IT experts and organizations of the world. He informed that COMSATS is committed to developing and strengthening linkages among the countries of the South for exchange of resources, technology, and knowledge. He acknowledged the consistent support of ISESCO and INIT towards COMSATS’ programmes and activities in the common Member States, and thanked SESRIC for accepting the proposal of hosting this important event. He also desired and looked forward to having further collaboration with SESRIC on long-term basis, similar to COMSATS’ collaboration with ISESCO, UNESCO and INIT.
The inaugural ceremony was also attended by the representatives of diplomatic missions of various OIC and COMSATS Member States in Ankara, including Tunisia, Gambia, Bangladesh, Colombia, Jordan, Brunei Darussalam, Guinea, Morocco, Uganda, Indonesia, Chad, Sudan and Pakistan, as well as a number of scientists and researchers belonging to universities, R&D organizations and government departments of Turkey.
Following topics were covered during the workshop:
- Organizational Security and Industry Standards
- Security Policies, Objectives and Procedures
- ISO 27001 ISMS Standard and related (Security Controls)
- Risk Assessment (Methodology, Identification, Assessment & Treatment)
- Cryptography and secure email
- Information Security Design Principles
- Emerging Cyber Threats and their Significance
- Various Phases in Planning a Cyber Attack
- Recent Distributed Denial of Service Attacks
- Possible Mitigation Solutions to Service Attacks
The above included specially designed hand on session on the following:
- ISMS Policy/Procedures Writing
- Information Assets Identifications
- Risk Assessment
- Risk Treatment (ISO 27001 Control Implementation)
- Ethical Hacking
- Metasploit framework
- Post exploitation and back door
- Enumerating Windows Users
- Enumerating Open Ports
- Enumerating Running Services
- Hacking Windows Operating Systems
- Using Encoders to bypass Antivirus and Firewalls
- Breaking Wireless Security (Cracking WEP, Cracking WPA/WPA2 )
- Password Attacks
- Capturing Secure/Insecure Passwords over LAN
- Cracking Windows Systems Passwords
This five-day workshop trained about 40 young researchers, practitioners, academicians, system administrators and programmers working in the field of Internet/Information Security and cryptography from Brunei Darussalam, Jordan, Nigeria, Maldives, Morocco, Tanzania, Mauritania, Pakistan, Palestine and Turkey.
Click here for Program
Click here for Pictures