240 likes | 451 Views
CIRT - Computer Incident Response Team. GOVERNMENT OF MONTENEGRO MINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS Doc.Dr ADIS BALOTA, dipl.ing.el DEPUTY MINISTER AND MANAGER OF CIRT TEAM. National CIRT of Montenegro. MINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS.
E N D
CIRT- Computer Incident Response Team GOVERNMENT OF MONTENEGRO MINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS Doc.Dr ADIS BALOTA, dipl.ing.el DEPUTY MINISTER AND MANAGER OF CIRT TEAM National CIRT of Montenegro MINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS
Cyber security challenges of the 21st century • Protection of the critical national infrastructure • Rapid growth of the cyber attack, criminal and terrorism • Inefficient international corporation and legislation • Constant progress in complexity of cyber attack • Generally insufficient level of development of cyber security awareness and cyber security culture
CYBER CRIME • Cyber Crime or E-crime, or HTC includes criminal activities in which computers and other IT equipment and computer networks are subjects, tools, objects or scene of a crime
Nigerian letter, fake massages • Fake web sites • Fishing – gathering of confidential information's • Farming – redirection to fake web addresses • Scams – coping of credit cards • Piracy • Distribution of pornographic materials Examples ofCybercrime
New types of computer crime that have developed in the last 10 years: • Computer trespass (USA) • Cyber bullying • Cyber defamation • Economic and industrial espionage by means of computer technology • Murder on Internet • Internet harassment • Encouragement to a suicide by Internet • Internet wars(1st Internet war: East Timor-Indonesia; Web War One: Estonia 2007 • 2008 South Ossetia-Russia Internet war, 2010 China Telekom, 2010 Stuxnet worm) • Online predators • Organized crime • White-collar criminal • Virtualization NEW TYPES OF COMPUTER CRIME
Statistics • 55 %of personal PC is infected with spyware • 7%of companiesare using the latest version of service pack of the Operating System • 25 %computers are zombies • 33 %companies allows Instant Messaging • 52 %companies the network is the last line of defense • 14 %users are reading spam and 4 % are buying the advertised products (!) • 21 %of span is pornography • 20 %of users in Great Britain are buying spam products
Symantec report on cybercrime for 2012. • 110 billion € loss for 2012. • 556 million victims in 2012. More than the entire population of EU. • 1,5 million victims every second • 66 % of online adultshave been the victim of cybercrime in their lifetime FRAUD REPAIRS THEFT OR LOSS
Legal Framework • Information Security Law of Montenegro • Administrative Agreement between Government • of Montenegro and ITU • Readiness Assessment Report • “National CIRT Project” Documentation • User Requirement Specification • CIRT Policies • Detailed study on Government Agencies roles against cyber criminal • Cooperation Protocols
Establishment of CIRT.ME • Member of project “establishment the national CIRT.ME: • Government of Montenegro – Ministry for Information Society • and Telecommunications • ITU – International Telecommunication Union • IMPACT –International Multirate Partnership • against cyber threats • The prerequisite for establishment of the National CIRT of Montenegro was the administrative agreement signed between the Government of Montenegro and the ITU on 29th of July 2011th .
Services of CIRT.ME • Prevention, treatment and elimination of consequences of computer security incidents on the Internet and other information systems security risks: • Security alerts and warnings • User education, raising security awareness in the field of information security CIRT Constituency • State agencies, • The state administration, • Local authorities, • Legal persons with public authorities, • Other private or legal persons who have access to or handle data
Training and education • Two representatives attended“Developing and Implementing a CIRT Team” in Malaysia. • IMPACT experts held Incident Response training in Montenegro for 12 representatives from different Government Agencies • Cybersecurity trainings in Japan • EC-Council (CEH)vouchers for CIRT members • Regional Forum on Cyber security for • Europe (Bulgaria)
Implementation • Implementation stage started in February 2012 • Publishing of www.cirt.me website and RTIR ticketing system, April 2012
The position of National CIRT ANS ISP Prime Minister Ministry of Defense Mobile Operators MIST Ministry of Internal Affairs Banks Police Department National CIRT Post office of Montenegro Ministry of Justice EPCG National Security Authority Other Institutions Other Departments NATIONAL CERT/CIRT TEAMS TRUSTED INTRODUCER ITU/IMPACT FIRST ENISA
Cooperation with Government Agencies • National CIRT has started the process of establishing local CIRT teams in Montenegro. • National CIRT will develop special relations with key Government Institutions recognized in the cyber security field: • Ministry of Defense, • Ministry of Internal Affairs, • Ministry of Justice, • National Security Agency • Directorate for the Protection of Classified Information • etc
Cooperation with Private Sector • In order for the CIRT to fulfill it’s duties, it’s very important to develop and maintain good relations with the Private sector. • Key Institutions: • ISP, • Mobile Operators, • Banking Sector, • Electric Power Industry, • Montenegro Post office • Other institutions
International Cooperation • Some of the key international organizations which are relevant in the cyber security field: • ITU • IMPACT • ENISA • TRUSTED Introducer • FIRST • CERT/CIRT Networks
International Corporation Cont. • Full membership in FIRST since February 2013. godine • Regional Corporation: Slovenian SI-CERT i Croatian Carnet CERT • Terena, Trusted Introduces, CIRT.ME listed • The advantages of membership in international organizations: • Assistance in resolving incidents • Training • Possibilities to use forensics capabilities • Direct communications with CERT/CIRT teams around theworld • Access to security information database
Attacks on web sites • Financial/bank frauds • Internet frauds • Theft of identity on the social networks • Sexual harassment in the cyber space • Farming – Banks fromMNand India • Compromised IP addresfrom .me domain • Child pornography Examples from the field – cirt.me
Conclusion • Future activities: • Establishment of the National Council for Cyber Security • Constant upgrade of conditions for efficient CIRT functions • -Legislation • -Training • -Tools • -Secure the financial needs • Local and International Corporation • Kaspersky • NAV • Expand the quantity and quality of the service