Introduction of APCERT APCERT

Similar documents
Introduction of APCERT

Forum. Ningbo, China 25 February

APCERT Secretariat URL:

APCERT Secretariat URL:

APCERT Annual Report 2016

APCERT Secretariat URL:

The APEC Model. Global Partnership through Regional Initiatives

ipac Initiative Web Platform Between IP Academies for Sharing Information February 3, 2011 International Affairs Division Japan Patent Office

Australian Government Cyber-security Activities in the Pacific

ITU-ACMA Asia Pacific Regulators Roundtable July 2014

Report on Survey on the Participation of Business in Related National Committees Corresponding to International TCs & SCs

Software withdrawal: IBM Tivoli Storage Manager for Copy Services and IBM Tivoli Storage Manager for Advanced Copy Services - Replacements available

Monitoring and 3D Visualization of the Internet Threats

Building Global CSIRT Capabilities

CYBER INTELLIGENCE ASIA Combating Cybercrimes across the region Conference & Exhibition 20 th 22 nd March 2018 Singapore

Stakeholders Analysis

Compilation of Good Practices on Enhancing Resilience of GVCs to Natural Disasters

APCERT Annual Report 2017

IPv6 Deployment: Where are we now?

IPv6 Deployment: Where are we now?

Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

CERT.LV activities, role in Latvia and globally. Baiba Kaskina, CERT.LV , Sofia, Bulgaria

The Role of SANAS in Support of South African Regulatory Objectives. Mr. Mpho Phaloane South African National Accreditation System

End of service: IBM Hardware selected products

2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM

IPv6 Deployment: Where are we now?

Presented by AI Yuxin, Programme Officer, CSAM

Contents. The Workshop IPv6 Collaborations in ASEAN Framework..8. The Results of IPv6 Collaborations in ASEAN..19. Conclusion and Recommendation 20

Safeguards on Personal Data Privacy.

NIST UPDATES TELECOM MRAS

Presentation by International Organization for Standardization

Technology and data privacy Global perspectives

2014 Luxury & Fashion Industry Conference for Multinationals

ASEAN s Cyber Confidence Building Measures

INDONESIA S PERSPECTIVE ON CYBER TERRORISM

The Case for National CSIRTs

CIRT: Requirements and implementation

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

MONITORING INTERNET ACCESS (As of August 20, 2002)

Information Security and Cyber Security

OAS Cybersecurity Capacity Building Efforts

About Issues in Building the National Strategy for Cybersecurity in Vietnam

1 History of CyberSecurity in the Philippines 2 3

Enterprise with Integrity

A Guide For Conformity Assessment Bodies to the APEC TEL Mutual Recognition Arrangement. APEC Telecommunications and Information Working Group

Emergency Communications and Disaster Management

JOINT MEDIA STATEMENT

NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE

ThinkPad W700 series mobile workstation systems are eligible for Global Model Plus program

Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED March 2015

International Perspective on Philippine Internet Development Internet20PH 4 April Anna Mulingbayan

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

spam goes mobile Comverse User Forum 29th June 2005, Marbella (Spain)

Computer Security Trend 2008 from Japan. SQL Injection, DNS cache poisoning, Phishing, Key logger Malware and Targeted Attacks

RFC2350 TLP1: WHITE. Έκδοση National CSIRT-CY RFC2350

Croatian National CERT ACDC project Darko Perhoc, Head of National CERT CISSP, CEH, CCNP Security R&S,CCDP

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

Dialogue on Nonproliferation and Nuclear Security in Southeast Asia. Nuclear Cooperation in Southeast Asia. Stephanie Lieggi Senior Research Associate

Korea Phishing Activity Trends Report

The rise of major Adversaries is the most relevant trend in 2014, targeting Government and Critical Services

IPv6 Deployment: Where are we now?

Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

An overview of the CERT/CC and CSIRT Community

Provisional Translation

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

20/09/2013. Global Privacy and Data Protection: Practical Risk Assessment and Governance. Topics

ASIA-PACIFIC INFORMATION SUPERHIGHWAY (AP-IS) AND ASIAN HIGHWAY NETWORK

National Cybersecurity preparation to deal with Cyber Attacks

Netherlands Food and Consumer Product Safety Authority (NVWA) Alexander J. Moret e-cert Specialist. Geneva, 2016 Jun 28. June 28, 2016 NVWA 1

ICT Policy Perspective for APEC. Ministry of Internal Affairs and Communications March 2015

Senator the Hon Stephen Conroy Minister for Broadband, Communications and the Digital Economy. Deputy Leader of the Government in the Senate

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

Indian Computer Emergency Response Team (CERT-In) Annual Report (2008)

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

A Multi-Stakeholder Approach in the Fight Against Cybercrime

2nd ENISA Workshop German CERT-Activities. 5 th October, 2006 Brussels

Digital Health Cyber Security Centre

Introduction of CICC activities

Directive on security of network and information systems (NIS): State of Play

CSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague

Indonesia Cyber Security Market

ThinkPad X200 notebooks are eligible for the Global Models Plus program with 3-year special bid on-site warranty

NEW JERSEY S HIGHER EDUCATION NETWORK (NJEDGE.NET), AN IP-VPN CASE STUDY

JOINT MEDIA STATEMENT

Update on the G.R.E.A.T. Project

A Guide for Industry to the APEC TEL Mutual Recognition Arrangement. APEC Telecommunications and Information Working Group

ASEAN Cyber Security and Cyber Crime Center: Possibility and Way Forward

Legal Foundation and Enforcement: Promoting Cybersecurity

แนวทางการพ ฒนา Information Security Professional ในประเทศไทย

DISASTER RISK REDUCTION AND RESILIENCE A Regional Approach

IPS Securex s revenue rose 36.5% to S$2.3 million in 1Q2018

Enhancing Joint Collaborative Efforts for Lab Preparedness. 2 nd GHSA Detect 1 Workshop 8-10 February 2017, Richmond Hotel Thailand

Data Governance for Smart City Management

UL and Business Continuity

Introduction to the Export Services Branch Programmes and Services Ministry of International Trade

JOINT MEDIA STATEMENT

Hardware withdrawal: IBM and InfoPrint Solutions Company printers in selected countries

Mobile Connect Driving Global Economic Growth Through Secure Mobile Identity

Transcription:

Introduction of Yurie Ito, JPCERT/CC (On behalf of the Secretariat) (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security Incident Response Teams). The organization was established to encourage and support the activity of CSIRTs in the Asia Pacific region. Started from 15 teams from 12 economies Now 17 teams from 13 economies 1

Objectives Encourage and support regional and international cooperation on information security in the Asia Pacific region, Jointly develop measures to deal with large-scale or regional network security incidents, Facilitate info sharing and technology exchange, including info security, computer virus and malicious code, among its members, Promote collaborative research and development on subjects of interest to its members, Assist other CERTs and CSIRTs in the region to conduct efficient and effective computer emergency response capability, Provide inputs and/or recommendations to help address legal issues related to info security and emergency response across regional boundaries, Organize an annual conference (APSIRC) to raise awareness on computer security incident responses and trends. Members Full Members (15) AusCERT (Australian Computer Emergency Response Team) Australia BKIS (Bach Khoa Internetwork Security Center) Vietnam CCERT (CERNET Computer Emergency Response Team) People's Republic of China CNCERT/CC (National Computer network Emergency Response technical Team / Coordination C Center of China) People's Republic of China HKCERT/CC (Hong Kong Computer Emergency Response Team Coordination Center) Hong Kong, China IDCERT (Indonesia Computer Emergency Response Team) Indonesia JPCERT/CC (Japan Computer Emergency Response Team / Coordination Center) Japan KrCERT/CC /CC(Korea Computer Emergency Response Team Coordination Center, Korea Internet Security Center, KISA) Korea MyCERT (Malaysian Computer Emergency Response Team) Malaysia PH-CERT (Philippine Computer Emergency Response Team) Philippine SecurityMap.Net CERT (Securitymap Networks Computer Emergency Response Center) Korea SingCERT (Singapore Computer Emergency Response Team) Singapore ThaiCERT (Thai Computer Emergency Response Team) Thailand TWCERT/CC (Taiwan Computer Emergency Response Team / Coordination Center) Chinese Taipei TWNCERT (Taiwan National Computer Emergency Response Team) Chinese Taipei General Members (2) BruCERT (Brunei Computer Emergency Response Team) Negara Brunei Darussalam GCSIRT (Government Computer Security and Incident Response Team) Philippine 2

Cyber security Incident is changing Large scale, wide spreading incident (e.g. virus, warm out break, ) Specific Targeted Pin point incident, using powerful tool (e.g. Botnet) Script Kiddies, Manias Professionals, Criminals Motivation: for Fun - Stopping e.g. Denial of service Motivation: for Fame, Recognition - e.g. Web defacement Motivation: Specific. Stealing ID, money, information (e.g. Phishing, ID theft ) Incident Handling among members is changing - Start handling more complicating incidents 2002-2003 2003 (when was formed) 2004-2005 2005 (recent incident response) Response to the Wide-spreading Incident Slammer incident response case Reporting network traffic flow, updating local activities Sharing technical information and vendor s s notes Response to the Specific Targeted pin point attack Members sharing info e.g. public monitoring information attack announcement, targeted site, attacking tool information to help each team to protect constituency Recent China Japan Korea collaboration case Phishing site coordination 3

How does work? CSIRT:Computer Computer Security Incident Response Team s s incident response Independent from politics, market, industry Do not focus on WHO (attribute) and WHY (motivation) Focus on technically what is happening, how to stop the incident, how to prevent it, From technical perspective coordination CSIRT Common Policy My security is Depending on your security Web of trust CSIRT trust relationship is developed based on a long time operation collaboration relationship Systematic Handling with repeatable procedure, POC agreement Timely manner Each teams has appropriate domestic contacts to handle/response incidents. (ISPs, critical infrastructure, government ) Reaching to disconnected place using CSIRT network, where is difficult to reach - Consistent efforts Developed close collaborating relationship (Bridge the gap) Regular face to face meetings between teams (Develop trust) Developing long time tactical strategy addressing cyber related issues and work together - Training/Education/Awareness program Daily communication not only incident information but about team structure, problem, trend, project Site visiting time to time, Organizing regular gatherings POC arrangement between members 24 hours Hotline encrypted communication tool Practice - incident handling exercise CJK exercise 2004, expand the drill to all members 4

Based on operational experience Outreach to multiple sectors One important role of is education and training to raise awareness and encourage best practice. APEC-TEL: provided the recommendation/ situation awareness / trend to AP regional intergovernmental initiative as security experts group in AP ASEAN: members provide CSIRT training and Outreach program to newcomer economies Cross regional collaboration TF-CSIRT (TERENA( TERENA s Task Force of Computer Security Incident Response Teams): European Counterpart of FIRST: Implement TRANSITS standard CSIRT training material, add regional modules on top of the core material. TRANSITS program from EU Thank you. general contact (apcert( apcert-sec@apcert.org) http://www.apcert.org Yurie Ito (yito@jpcert.or.jp( yito@jpcert.or.jp) Director, Technical Operation, JPCERT/CC Tel: 81-3-3518 3518-4600 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback