Surabaya hacker convention courts white hats/converts black hats

Novia D. Rulistia (The Jakarta Post)
Surabaya
Sun, May 25, 2014

On guard: “This competition is to strengthen our soft power in order to better support our hard power,” Defense Minister Purnomo Yusgiantoro said. (Reuters)

Then, hackers were those who could solve arcane computer programming puzzles. Their hacks tended toward the humorous. However, as their capabilities developed and the Internet became ubiquitous, some hackers crossed the line into illegality.

Today, there is a division between white-hat hackers, who search for technical vulnerabilities to avoid problems, and black-hat hackers, who seek to exploit gaps in computer security for their own purposes.

Even minor computer glitches are frustrating. When unscrupulous hackers exploit such glitches, the consequences can be legion, including identity theft, fraud, introduction of malware (malicious software), system infiltration, website defacement and unauthorized access.

Networks in Indonesia are also vulnerable. Iwan Sumantri of the Indonesia Security Incident Response Team on Internet Infrastructure and Coordination Center (ID-SIRTII/CC) said there were around nine million attacks launched on Indonesian targets in March alone.

“In the last three months, cyber attacks toward Indonesia were made through port 22SSH, port 53 and port 443,” Iwan said.

The attacks on port 22SSH, a “secure shell,” were aimed at taking over routers in Indonesia and redirecting their Internet traffic to other places, Iwan said. The port 53 attacks mainly targeted vulnerable DNS servers, which are used to convert website URLs, such as google.com, into specific Internet Protocol addresses that refer to specific computer servers, such as 209.85.128.0, in the case of Google.

L33t: A screenshot of Hacker ID, a computer simulation that some local hackers use to boost their skills to the L33t, or “elite” level. (Courtesy of Hacker ID)

“A lot of WiFi users in Indonesia still refer to the Google DNS, and that is dangerous,” he said.

Yasser added that the number of local companies that were ISO certified had increased over the past two years.

“Information security systems in companies are now quite hard to breach. The problem now is the end user, who becomes the weakest link — like what happened in the recent ATM skimming case,” Yasser said.

He was referring to the incident when thousands of customers of state-owned lender PT Bank Mandiri were unable to use their ATM cards.

Many expressed their confusion through social media, like Twitter and Path, which immediately generated speculation that the bank’s system had been hacked.

Officials at the bank denied the rumor, saying that they had blocked 2,000 ATM cards after finding indications that some of the cards had their PINs skimmed, or stolen by hackers through a variety of techniques.

Bank Mandiri’s senior executive vice president for transactional banking, Rico Usthavia Frans, said customers had lost between Rp 250,000 (US$21.52) and Rp 2 million as a result of the attempted fraud.

“Customers have to start to be more aware of such schemes. The easiest thing they can do is read what banks have told them about information security,” Yasser said.

On the offense: The last stage was a capture-the-flag test, where teams had to break into each other’s systems to find protected files. (JP/Novia D. Rulistia)

Accordingly, the Defense Ministry recently organized the 2014 Cyber Defense Competition to improve the of hackers and raise awareness about Internet security given a rising number of attacks.

The second edition of the contest was held in cooperation with the Indonesia Open Source Association (AOSI), which promotes the use and modification of freely available technology and code; the Indonesia Information and Technology Federation (FTII); and the ID-SIRTII/CC, a computer security awareness non-profit backed by government and business.

Thirty teams from across the nation, including five comprising high-school students, competed in the finals, which were held at the Naval Academy in Surabaya, East Java.

“This competition is to strengthen our soft power in order to better support our hard power,” Defense Minister Purnomo Yusgiantoro said during the opening of the competition.

“Through this competition, too, we can learn their identities. I’ve been told that the skills of these young men are incredible, and that way, we can also measure and evaluate the skills of our own men in the ministry and the TNI,” Purnomo said.

M. Salahuddien from the ID-SIRTII/CC said that the hackers, who advanced from an online qualification round, went laptop-to-laptop against each other in a four-round final showdown.

Each team of three to five people was given a server to defend (and to launch attacks). Hackers were allowed to use their own laptops, although connecting to the Internet was forbidden so hacks would be done manually.

Salahuddien said that the first test was aimed at gauging the hackers’ skills in forensics, e.g., handling and finding evidence of possible hidden attacks in their systems.

“We were very weak at forensics,” said Yohan, a participant from Jakarta. “We could only finish one out of four problems. But we will catch up in the defending round because we deal with information security every day.”

Colors: Indonesian hackers accounted for 5.7 percent of all attacks last year. (Courtesy of Indonesia Hacker)

Next was a computer network defense test, where teams were given about a half hour to design and prepare safeguards after an attack led by the committee’s hackers before going on the attack.

While some groups hacked their target servers easily, others had challenges.

The third round comprised penetration tests that required hackers to find security holes in their systems.

The last stage was a capture-the-flag test, where teams had to break into each other’s systems to find protected files, compiling reports and screenshots as they went deeper and deeper into their opponents’ networks.

ID-SIRTII/CC’s Iwan Sumantri said that the same test material was given to the students and general teams, since the skills of the students were equal to or even better than those of their peers outside the ivory tower.

Organizers, however, divided the winners into two categories: students and general.

“The jury assessed the teams through their report. The capability in making reports between students and general participants is of course different, so we separated the winners,” Iwan said.

The jury comprised representatives from the committee, IT experts, academics and independent experts.

Purnomo said that the Defense Ministry would keep a close eye on the contest’s winners, although they would not be directly recruited into its Cyber Operations Center (COC) hacker squad.

“If they want to strengthen our COC unit, they will have to follow the regular recruitment process,” the minister said. “We’re going to make an alumni association for this competition, so we can contact them right away if something urgent comes up.”

Alpha Omega Team, which won the contest last year, also finished first in 2014.

One member of the jury, local IT businessman Irwin Day, said that Alpha Omega led in three out of four rounds. “Their reports were also very complete and detailed.”
