The Ministry of Defence (MoD) will establish their Cyber Security Headquarters at the Sri Lanka Airforce (SLAF), a MoD official said.
This unit will have representations from the tri-forces and the police force and will work towards improving cyber security capabilities and intelligence for national security purposes.
The MoD official said the SLAF Commander, Air Marshall, Kapila Jayampathy, had initially volunteered to set up a cyber security system for the army and was later expanded to all forces.
The official said this as he answered questions on how prepared the forces were to deal with cyber security threats at the Colombo Air Symposium.
At present the Airforce which deals with the most advanced technologies of the tri-forces has the most comprehensive cyber security system.
Thus it was natural that the SLAF would take a leading role in setting up the system for all security forces.
National Institute of Security Studies, Researcher, Priyanka Moonasinghe who presented on ‘The Role of Cyber Espionage as an Asymmetric Threat through Air Power’ at the Air Symposium speaking on the SLAF cyber security system said the Information and Technology Unit of the SLAF had direct domain control and monitoring of over 4000 computers with internal and external networks.
They operate from 25 bases centrally connected to one administrative controller.
“In an effort to minimize threats from the cyber domain, the staff is not allowed to install hardware or software or use external storage devices, with the exception of few designated computers. This safeguards them against threats such as Red October”, said Moonasinghe.
Red October was a cyber-attack launched on many government agencies around the world, mainly in Eastern Europe, Central Asia and former Soviet nations to steal sensitive security information.
“The SLAF system which has many networks also has many layers of defence and is multipronged, making it harder for hackers”, she further explained.
The SLAF also has a Cyber Command Operations Centre which is the cyber security and monitoring section that gathers intelligence on a 24 hour basis to inspect threats from the cyber domain.
The Operation Centre conducts cyber threats on its own system to identify its loopholes and fix them.