National Cybersecurity preparation to deal with Cyber Attacks

Transcription

1 National Cybersecurity preparation to deal with Cyber Attacks Dr. Chaichana Mitrpant Assistant Executive Director, Electronic Transactions Development Agency (ETDA) 1

2 Over all Internet usage in Thailand - Computers 32 % - Mobile devices 66.4% - Home use 13.4% - Commercial use 16.6% - Social Network (persons) 14,142,620 (facebook) Analog to Digital Era Trust on Cybersecurity Challenges e-transaction 1) e-payment 4) e-certificate 2) e-trading & service 5) e-medical record 3) e-filing and e-reporting (e-commerce = 56%, e-auction = 44%) 2

3 Potential Attacks 1980: Physical Attack 1990: Network Attack Physical attack is normally in the past years. Nowadays, it becomes Network attack. 3

4 Potential Attacks In the past 10 years, the threat is more complicate. The most common is phishing, unauthorized wireless access and attack via vulnerability of Web Application. 2000s: Wireless 2000s: Application 4

5 Potential Attacks 2010s: Client-Side Malware is usually transmitted via PDF, Mobile Application and Social Media Software 2010s: Client-Side (Malware) 2010s: Social Networking 5

6 North Korea behind hacking attack in March, claims Seoul South says computers in North were used for onslaught that wiped hard drives on PCs in TV stations and disrupted banks 6

7 Current Situation of Thailand In 2012, There were 772,938 IP addresses of all IP numbers 8,559,616 (9%) of computers in Thailand that compromised and malicious used as the tools for DDoS attack. In 2012, There were 534 websites reported as fraudulent financial. From January to March 2013, 707 websites were attacked and change data (Defacement). An approximately 50% of this number was from the Institution. 7

8 Threats Statistics classified by Type In 2012, ThaiCERT received 792 incidents 8

9 Importance of National Cybersecurity No center of command National agenda Increasing number of security threats 9

10 Management approach to Cybersecurity Prime Minister's statement on 76/2555 on March 19, 2555 was to establish the committee of the National Cyber security having Prime Minister is the Chairman. (Assigned Deputy Prime Minister Chalerm Yubamrung). Prime Minister assigned ETDA: To be Secretary of the National Cybersecurity in order to To Prepare a draft policy framework for National Cybersecurity / Cybersecurity Master Plan for Thailand. 10

11 Stakeholders in Cyber Security Economic Stability - Regulatory work - Justice work Social Peace National Cyber Security Urgent Center of Command Need ThaiCERT & Other CERTs Strengthening Capacity & Raising Public Awareness Military Stability - National Defense & Security Council - Intelligence Work - Facilities & Retaliation - Ministry of Defence & Army. 11

12 National Cyberecurity Committee (Prime Minister is Chairman) NBTC ISO/IEC 27001:2005 Driving Law Compliance. Develop standard according to Electronic Transactions Act Office of Electronic Transactions Commission Critical Infrastructure Group Policy/Promotion/ Regulator National BCP Develop plan to support the availability of emergency or disaster. (Continue from NESDB) Thailand Cybersecurity Policy National Security Council Internal Security Operations Command Urgent tasks (Prepare and develop framework) NIA Policy & Defense Security Professional Standard Enhance professional skill / Increase number of Expert / Compensation Royal Thai Arm Force & ศ นย ร กษา ความปลอดภ ย คอมพ วเตอร (Draft) Thailand Computer Crime Act (Second Edition) Prevention & suppression. คกก. นโยบายร กษา ความปลอดภ ยแห งชาต คกก.นโยบาย ต ารวจแห งชาต Law Enforcement Best Practices & Guidelines - Use of Smart Phone - Use of Social Network - Privacy Policy Other Messures คกก.คด พ เศษ ด แลการด าเน นคด อาญาท เป นคด พ เศษ Infrastructure to encourage. - Sector-based CERTs -NRCA - Government Monitoring - National Archive (e-authen tication) 12

13 Authority duties of National Cybersecurity Committee 1. Develop policy and National Cybersecurity Model Scheme 2. Set and develop guideline for measure, plan and cybersecurity programs 3. Monitor and evaluate measures and plans according to the guideline 4. Provide progress, situation and risk analysis of cyber threats report to the Council of Ministers 5. Appoint subcommitte es or working groups to support the operations 6. Coordinate with local and international cybersecurity 7. Other operations as assignment 13

14 (Draft) National Cybersecurity Policy Framework Primary Strategic Secondary Strategic 1 Governance and Organizational Structure 2 Cybersecurity Emergency Readiness 3 National Critical Information Infrastructure Readiness 4 Public-Private Partnership 5 Capacity & Capability Building 6 Legal Measures 7 Research and Development 8 International Cooperation 14

15 2013 Working plan of National Cyberecurity 1 st Quarter 2 nd Quarter 3 rd Quarter 4 th Quarter Collaborate with involved Agencies Develop plan and Workflow for interoperability when incidents occur Develop Security Framework Build Public Awareness Incidents Drill Practice Setup CERT as internal unit for other organization National Assessment FIRST event preparation Capacity Building 15