200 likes | 223 Views
This report outlines the objectives and accomplishments of TWCERT/CC in combating phishing attacks, with a focus on reducing financial losses, speeding up response times, and predicting phishing behavior. It also highlights key participant organizations and statistics on phishing sites in Taiwan.
E N D
TWCERT/CC Anti-Phishing status report
TWCERT/CC Objectives • Establish Joint Defense to Strengthen Information Security Infrastructure • Improve Network Security to Protect Users’Rights • Strengthen Security Notification Mechanism to Improve Process Efficiency • Establish Resource and Information Sharing Platform to Accumulate Technical Capacity
3-phase of TWCERT/CC Establishment Alliance Alliance Security Alliance Services Training Meeting 1998-2005 Preparation phase – funded by TWNIC 2010-2012 Operation phase – operated by TWNIC 2005-2009 Implementation phase - partially supported by TWNIC 2009 JPCERT/CC MOU 1998/9 establish 2010/1 TWNIC host TWCERT/CC Transform Version scan for DNS, Mail and Web server DNS setup validation system Anti-Phishing Notification Window Cyber Clean Center E-learning system 2001/10 Join FIRST 2002 Join APCERT 2003 Seoul-Melbourne Anti-Spam Agreement Training \ Anti-Phishing Cyber Clean Center NBEN security center plan and setup NICI Intrusion Detection system for research network TA-CERT NCC-CERT Working Group Security Alliance Project Training Course Certification program Working group meeting every week Advisory Committee meeting twice a year Annual General meeting once a year Training 2001 TWNCERT 80 Security education every year Security workshop each quarter Security Alliance 2010/10 Taiwan Security Alliance 2010/10 TA-CERT Launch 2011/3 NCC-CERT Launch 2011 EC-CERT 3
TWCERT/CC Structure Anti-Phishing Notification Window WG Leader Support Team International Affairs Leader Project Manager Cyber Clean Center WG Leader Director Advisory Committee Chairman Consultant Nai-Wen Hsu Anthony Lee Geng-Da Tsai Supported by TWNIC Shian-Shyong Tseng Ai-Chin Lu Nian-Shing Chen Tien-Lai Teng Full-time Staff Full-time Staff Full-time Staff Ian Chiang Abel Yang, Haway Liang Tsz-Heng Kuo Volunteers from Volunteers from RDEC NCHC National SYS University Computer Center, MOE ICST Chunghwa Telecom RDEC NCHC National SYS University Computer Center, MOE ICST Chunghwa Telecom
Relationship between TWCERT/CC and other CERTs FIRST APCERT CSIRT community Oversea CSIRT Other CERTs Other organization International TWCERT/CC Domestic International cooperation CERTs coordination Information sharing Research Education NCC CERT MCERT TANet CERT TWNCERT GSN CERT EC-CERT
Taiwan Security Alliance Government organizations TWNCERT MOTC Advise ISPs NCC-CERT Coordination TWCERT/CC Committee Academic TA-CERT IASP TWIA Administrative support TWNIC
TWCERT/CC Anti-Phishing status report
Objectives • Reduce/prevent financial losses from phishing attacks • Speedup the anti-phishing process and reduce the uptime of Taiwan phishing sites within 24 hours • Predict the phishing behavior and stop it in advance
Participant • Ministry of Transportation and Communications • National Communications Commission/NCCCERT • Research Development Evaluation Commission/TWNCERT/Information & Communication Security Technology Center • Ministry of Education/TANet CERT/Nation Sun Yat-sen University • Taiwan Internet Association • ISPs • TWCERT/CC
Phishing sites in Taiwan Source:APWG Global Phishing Survey: Trends and Domain Name Use
APNOW mechanism 7 Technicaladvice 8 4 ISP/Members Notice & Takedown Phishing Site 1 Collection APNOWplatform 3 2 6 5 Publicauthority 10 hours Report dispatch Notice & Takedown Phishing Site 6 hours 8 hours Check whether phishing site existence Public authority shutdown phishing site Return to informer 10 hours 14 hours Phishing site alive less than 24 hours
Statistics • There are 388instances since 2010Q4 • Phishing sites average uptime is 22.5 hours