! Partnerships, Sub-regional Cooperation and National Inter-Agency Coordination OU Phannarith Head of CamCERT & Permanent Member of Cybercrime Law Working Group Ministry of Posts & Telecommunications (MPTC) ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill International Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Agenda ! ! Case Study and Challenges Conclusion ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill International Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Case 1 – ID Theft (Email) Lesson Learn Local contact Focal Point Human Relation Reporting Channel ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill International Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Case 1 – ID Theft (Email) Anatomy of Cooperation Report CamCERT Victim Account has been suspended in 12 hours Company (US) Foreign CERT same country Foreign Company ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill International Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Case 2 – Media (Web) Attack Lesson Learn Know -How Reporting Channel Cooperation Playi ng Private Sector Popular Cambodi a’s News ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill Legal Issue International Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Case 2 – Media (Web) Attack Anatomy of Cooperation CamCERT Technical Victim Free Proxy Service Com Law Enforcement Log evidence ISPs ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill International Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Case 3 – Anonymous Cambodia #OpCambodia by Anonymous Philippine The First Political motivated attack to Cambodia Government & Private Sector Websites What is the Motivation? Note Happy with the result of ASEAN Meeting without issue any statement in its history International ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Case - #OpCambodia Joint Circular Combating Telecom Fraud including ISPs & Tele Oper. Report Confirm National Police MPTC Challenges • • Philippine Police • Evidence Collections Report/ Advisory CamCERT Victim Websites ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill • • • • • Not ready in preparation (ASEAN Meeting Website) Good cooperation between CamCERT & Police The victims do not aware that they attacked because of political motivated The administrators do not know how to secure their website in coding (go & come) Using Old CMS version Hosting outside Cambodia What is Log File? International Philippine do not have Telecommunication National CERT TeamUnion 9-11 | Lao Plaza | Vientiane | Lao PDR Case 4 – Operation TPB2 #OpTPB2 (Gottfrid Arrest in Cambodia) ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill International Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Case - #OpTPB2 Government of Sweden Challenges Notified Government of Cambodia Arrested Result Hacker Declare #OpTPB2 Against Cambodia Gov’t and Private Sector Websites. Attack Victim Websites Advisory CamCERT Report • • • • • • • • National Police ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill Cambodia is part of International Community Cambodia is vulnerable in the absent of law and expertises Poor coding practice What is Log File? Noting seriously leak No Agreement with Sweden Cambodia used Immigration Law (with the Red Notice from Interpol) to deport him out of Cambodia Information sharing between CamCERT & NationalInternational Police Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR Inter-Agency In Cambodia Agency Relevant in CyberCrime Issue Council of Ministers National ICT Development Authority CamCERT InfoSec • • • • • • Gov’t Security Policy and Standard Incident Management Info. Security Cener (ISC) Law & Regulation Awareness & Outreach Local/Int’l Framework CyberCrime Law • • • • Working on Drafting Cybercrime Law Many senior Governments officials and advisor Local & International Cooperation Awareness Samdech Hun Sen Prime Minister - Chairman H.E. SOK An, Deputy Prime Minister in Charge of Council of Ministers Deputy Chairman H.E. Chun Vat Secretary General MPTC (ISP, Telco Policy) Min. Information (Media, TV, Newspaper) Min. Defense (National Security) National Police (Cybercrime Investigate) Relevant Ministry / Supporting ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill International Min. Justice Telecommunication (Judicial System) Union 9-11 | Lao Plaza | Vientiane | Lao PDR Conclusion Building communities, working together & knowledge sharing is the key to success Mr. OU Phannarith Head of CamCERT Permanent Member of Cybercrime Law Working Group National ICT Development Authority OfNice of The Council of Ministers Email: phannarith-­‐ou[at]nida.gov.kh ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill International Telecommunication Union 9-11 | Lao Plaza | Vientiane | Lao PDR