Network Security in Vietnam and VNCERT. Network Security in Vietnam and VNCERT



Similar documents
Network Security and the Small Business

region16.net Acceptable Use Policy ( AUP )

Detailed Description about course module wise:

What are Viruses, Trojans, Worms & Spyware:

Countermeasures against Bots

Cyber Security and Critical Information Infrastructure

Computer Viruses: How to Avoid Infection

Real-time Network Monitoring and Security Platform for Securing Next-Generation Network. Assoc. Prof. Dr. Sureswaran Ramadass

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange

Computer Security Maintenance Information and Self-Check Activities

Review report of cybercrime-cybersecurity in Vietnam

Information Security Threat Trends

HACKING RELOADED. Hacken IS simple! Christian H. Gresser

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

Defensible Strategy To. Cyber Incident Response

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

Countermeasures against Spyware

Topic 1 Lesson 1: Importance of network security

Cybercrime in Canadian Criminal Law

Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community

Fast overview about the CERT-TCC. Helmi Rais CERT-TCC Team Manager

Common Cyber Threats. Common cyber threats include:

Managing Security Risks in Modern IT Networks

Top tips for improved network security

Anthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

Promoting Network Security (A Service Provider Perspective)

Appendix A. 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

7 Critical Facts Every Business Owner Must Know About Protecting Their Computer Network From Downtime, Data Loss, Viruses, Hackers and Disasters

Cyber Security Threats and Countermeasures

Cyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

Network Incident Report

EC Council Certified Ethical Hacker V8

Current Threat Scenario and Recent Attack Trends

CYBER SECURITY. II. SCANDALOUS HACKINGS To show the seriousness of hacking we have included some very scandalous hacking incidences.

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Cyber Security Solutions:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

References NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household

Cyber Security Awareness

ANTIVIRUS BEST PRACTICES

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Cyber security Country Experience: Establishment of Information Security Projects.

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS

2012 Endpoint Security Best Practices Survey

Cyber Security Beginners Guide to Firewalls A Non-Technical Guide

DDoS Attacks Can Take Down Your Online Services

Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia

Denial of Service (DoS) Technical Primer

Introduction: 1. Daily 360 Website Scanning for Malware

Indian Computer Emergency Response Team (CERT-In) Annual Report (2010)

3 Marketing Security Risks. How to combat the threats to the security of your Marketing Database

Cyber Security Awareness

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

CHAPTER 10: COMPUTER SECURITY AND RISKS

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

What legal aspects are needed to address specific ICT related issues?

The Ministry of Information & Communication Technology MICT

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

INFORMATION SECURITY FOR YOUR AGENCY

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500

Stopping zombies, botnets and other - and web-borne threats

COB 302 Management Information System (Lesson 8)

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Internet Security Protecting Your Business. Hayden Johnston & Rik Perry WYSCOM

[CEH]: Ethical Hacking and Countermeasures

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Don t Fall Victim to Cybercrime:

Hacking Database for Owning your Data

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER

Client Security Risk Assessment Questionnaire

Bendigo and Adelaide Bank Ltd Security Incident Response Procedure

Cyber Security. Maintaining Your Identity on the Net

Identifying Cyber Risks and How they Impact Your Business

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

ABB s approach concerning IS Security for Automation Systems

Commercial in confidence TELSTRA WHOLESALE ACCEPTABLE USE POLICY. Commercial-in-Confidence. Issue Number 1.5, 20 November 2012

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

The Key to Secure Online Financial Transactions

PEER-TO-PEER NETWORK

Transcription:

Network Security in Vietnam and VNCERT 1. Information Security Problems 2. Legal and Law 3. Plan for establishing VNCERT 4. Cooperation Network Security in Vietnam and VNCERT Information Security Problems: Some recent hacking methods most used in Vietnam Virus 1

Information Security Problems Recent hacking methods most used in Vietnam DoS and DDoS: : occur often. Spam mail and fishing: is very popular, but is not Intrusions: SQL injection and exploit Web server vulnerability are used widely and bring serious harmful.. Hacking Windows server without patch packages is all the rage. Hijacking: is also very popular. Viruses, Trojan, spyware,, backdoor: the hot problems that we have to fight against. Information Security Problems Hacker: - 1999, one big ISP in Vietnam was attacked, service was denied for one week. But attackings like that is rarely. Almost these attackings are only changing private wesite s contents. - 2005, there are many Government Website were attacked by Turkish hackers 2

Information Security Problems Viruses: - 25/11/1997, 25/11/1998, data in thousands PCs in Vietnam had been deleted by Date Virus. - 26/4/1999, 26/4/2000, Chernobyl virus, which is warned broadly before, but they had destroyed data of thousands PCs. - Melissa virus in 1999, LoveLetter virus in 2000, Code Red virus in 2001 and Nimda virus flood and jammed our Internet - 6/5/2002 W32.KlezE.Worm virus destroyed data of thousands PC... - 2003 BugBear, Frethem, Lirva virus spead widely as immediately as the world. Information Security Problems Virus: - 95 percent of PCs in Vietnam had been infected by viruses or Spyware - Damages go up to 390 thousand VND (30USD( 30USD) ) for each PC per year 100% 90% 80% 70% 100% 95% 90% 85% 80% 94% Banking & Finance 89% Percentage of PC infected by viruses in the last 12 months 97% 99% 90% 94% 94% Services Commerce Health Education Others Percentage of PC infected by Spyware in the last 12 months 92% 89% 86% 81% 86% 60% 50% Banking & Finance Services Commerce Health Education Others 3

Information Security Problems Viruses: 17% Number of PCs infected by virus in a virus-attack in companies/organizations 21% 1-4 5-9 10-30 Over 30 36% 26% Time lost recovering 6% 37% 3% 54% Few hours Few days 1 week More than 1 week Percentage of companies/organizations must stop working after a virusattack 59% Stop working 41% Working 1. Civil Code 2. Decree No. 55 Legal and Law 4

Legal and Law Civil Code: - Demand the infringer or request a court to order the infringer to cease the infringing act or issue a public apology or retraction; - Make a retraction him/herself in the mass media; or - Demand the infringer or request a court to order the infringer to compensate for material damage and mental suffering. Legal and Law Decree No. 55 - Using the password, encryption code or personal information of another person to access and use internet services illegally; - Using soft ware tools to access and use internet services illegally; - Breach of regulations on the safety and security of internet information in the provision of internet services; - Using the internet with the intention of threatening, harassing, and defaming the hornor and human dignity of another person; 5

Decree No. 55 (cont.) Legal and Law - Stealing a password, encryption code, or private information of any organization or individual and popularizing it use among others; - Breach of regulations on computer operations, exploitation and use, causing chaos, or blocking or deforming or destroying the data on the internet; and - Creating and deliberately disseminating or spreading virus programs on the internet. Plan for establishing VNCERT What exists? - Network managers: : by themselves - International Vendors: : Checkpoint, Cisco, ISS, Symantec, Norton s Security, Trendmicro and many others. - Local companies: Misoft co. with firewall software Distributed Fast Firewall System, some other companies give a security service. - Research Institutes: : ITT, MOD, MOP, Hanoi University of Technologies CSIRT BKAV with a software Bach Khoa Anti-Virus (BKAV), etc. Act separately, discretely and unable to response to system incidents in large scale, in the same time tre hacker trope is growing fast. 6

Plan for establishing VNCERT Proposal is implementing: - April June: To build CERT s project. - July August: To collect opinion from other Ministries. - September: To submit CERT project to Vietnam government and receive her approval. - End September to establish VNCERT. Plan for establishing VNCERT VNCERT Mission - To coordinate all actions, awareness, resource for combating Network and IS attacks of all kind. - To promote establishing a connective group of local CSIRTs,, their practical issues and training - To help lawgiver and policymaker to understand about cyber security better. - To cooperate comprehensively with international organizations and main CERTs of all economics. In cooperation we see the key to the success. 7

Cooperation What difficulties a developing country comes up with? Legal problems: Many things to be corrected added or replaced. Financial problems: Short government budget, small IT market. We have to set up our Vietnam CERT in high professional level, but with minimum expenses. Technical problems: Need a detail project for implementing all main issues of VNCERT, for training and improving competence and knowledge of the staff. The same situation is in other developing countries. Cooperation How the strong CERT can support to small CERT: Sharing experiences in organization works, sponsoring some projects. Sponsoring training courses, practical training on works. Sharing knowledge: building a special electronic library for CERT's use. Sharing information: Special Website,, Publication, hot line and other activity. 8

THANK YOU FOR YOUR ATTENTION Vu Quoc Khanh MPT Vietnam vqkhanh@mpt.gov.vn 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information