210 likes | 370 Views
Cyberspace and the Police. Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan. Security Measures by Government. Basic IT Law (Jan. 2001) Electronic Government To be established by fiscal 2003
E N D
Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan
Security Measures by Government • Basic IT Law (Jan. 2001) • Electronic Government • To be established by fiscal 2003 • IT Security Office at Cabinet Secretariat is in charge of Security Aspect • Action Plan on Building Infrastructure to Counter Hackers and Other Cyber Threats (Jan. 21, 2000) • Special Action Plan on Fighting Cyber-terrorism against Critical Infrastructure (Dec. 15, 2000) • How Government and the Private Sector Can Work Together to Fight Cyber-terrorism (Oct. 2, 2001)
“Guidelines for IT Security Policy” • Formulated in July 2000. • Each ministry and agency in the government finished formulating its own policy by Dec. 2000. • Contents • Physical security • Human security (Education, Training, Password management) • Technical security • Operation • Security Practices had Reviewed by Nov. 2002
NIRTNational Incident Response Team • Established in April 2002, to react cyber attacks against e-government. • It’s mission is to share information and make emergency responses to counter cyber terrorism against e-government. • This is one of our projects to prepare for establishment of e-government.
NPA Organization for Technical Support to Cyber Crime Investigations
Trends of Internet Usage in Japan • Estimated 47.08 millions (2000), up 74% year over year. • Estimated 87.2 millions (2005). • Cf. Population : 126.9 millions (2000)
Intrusion Detection Network System • Collects information real-time from police forces nationwide. • Detects and analyzes incidents on the Internet. • Shares the analysis with various organizations. • Contact Point for other Organizations. • 24/7 Monitoring
1st Quarterly Report • 24/7 Cyber Force's watch activity • watching cyber attack attempts to the police facilities nationwide • Analysis of criminal and malicious activities on the Internet • based on data of the second quarter of FY2002 • First analysis of this kind in Japan • first ever analysis in Japan
Emanation Source Emanation source does not necessarily mean that the attacker(s) come from there.
Ping probe Port scan Access to backdoor Attack to DNS Attack to Web server DoS Attack Others Country Trend Italy US Japan China Korea 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Emanation source does not necessarily mean that the attacker(s) come from there.
Number of Attack 2000 1800 1600 1400 1200 1000 800 600 400 200 0 10 1 5 15 20 25 1 15 20 25 1 5 15 20 25 10 5 10 July August September
Ping probe Port Scan Access to back door Attack to DNS Attack to Web Server DoS Attack Others Attack Method
Usage of the Analysis • Public announcement • raising public awareness of security by providing data through the Internet • Strengthen relationship with critical infrastructure • promoting anti-cyber terrorism efforts • Strengthen international cooperation • information sharing with foreign law enforcement agencies
Future Work • Timely information provision • Information provision through the NPA security portal site (to be operational in March 2003) • Continuous research on analysis method • Maximization of analysis value • Promote information sharing among the industry, academia and the government (ex. Critical infrastructures, the Cabinet Secretariat, universities)
Conclusions • Malicious Activities on the Net are Active • Meaningful Analysis Method of Net Activities must be Devised • Crucial for the Police to have Technical Capability to deal with Cyber Crime → • Closer Relationship between Government and Industry is Crucial • Security Awareness is Necessary
Contact Information Mamoru Takahashi Head of Computer Forensic Center Hi-tech Crime Technology Division National Police Agency mtakahashi00@npa.go.jp