Partnerships, Sub-regional Cooperation and National Inter-Agency Coordination OU Phannarith

advertisement
!
Partnerships, Sub-regional Cooperation
and National Inter-Agency Coordination
OU Phannarith
Head of CamCERT & Permanent Member of Cybercrime Law
Working Group
Ministry of Posts & Telecommunications (MPTC)
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
International
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Agenda
!
!
Case Study and Challenges
Conclusion
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
International
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Case 1 – ID Theft (Email)
Lesson Learn Local contact Focal Point Human Relation Reporting Channel ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
International
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Case 1 – ID Theft (Email)
Anatomy of Cooperation Report CamCERT Victim Account has been suspended in 12 hours Company (US) Foreign CERT same country Foreign Company ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
International
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Case 2 – Media (Web) Attack
Lesson Learn Know
-How
Reporting Channel Cooperation Playi
ng
Private Sector Popular
Cambodi
a’s News
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
Legal Issue International
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Case 2 – Media (Web) Attack
Anatomy of Cooperation CamCERT Technical Victim Free Proxy Service Com Law Enforcement Log evidence ISPs ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
International
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Case 3 – Anonymous Cambodia
#OpCambodia by Anonymous Philippine
The First Political
motivated attack to
Cambodia Government &
Private Sector Websites
What is the Motivation?
Note Happy with the
result of ASEAN Meeting
without issue any
statement in its history
International
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Case - #OpCambodia
Joint Circular Combating Telecom
Fraud including ISPs & Tele Oper.
Report
Confirm
National Police
MPTC
Challenges
•
•
Philippine
Police
•
Evidence Collections
Report/
Advisory
CamCERT
Victim Websites
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
•
•
•
•
•
Not ready in preparation
(ASEAN Meeting Website)
Good cooperation between
CamCERT & Police
The victims do not aware
that they attacked because
of political motivated
The administrators do not
know how to secure their
website in coding (go &
come)
Using Old CMS version
Hosting outside Cambodia
What is Log File?
International
Philippine do not have
Telecommunication
National
CERT TeamUnion
9-11 | Lao Plaza | Vientiane | Lao PDR
Case 4 – Operation TPB2
#OpTPB2 (Gottfrid Arrest in Cambodia)
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
International
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Case - #OpTPB2
Government of Sweden
Challenges
Notified
Government of Cambodia
Arrested
Result
Hacker Declare
#OpTPB2 Against
Cambodia Gov’t
and Private Sector
Websites.
Attack
Victim Websites
Advisory
CamCERT
Report
•
•
•
•
•
•
•
•
National Police
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
Cambodia is part of
International Community
Cambodia is vulnerable in
the absent of law and
expertises
Poor coding practice
What is Log File?
Noting seriously leak
No Agreement with Sweden
Cambodia used Immigration
Law (with the Red Notice
from Interpol) to deport him
out of Cambodia
Information sharing between
CamCERT & NationalInternational
Police
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Inter-Agency In Cambodia
Agency Relevant in CyberCrime Issue
Council of Ministers
National ICT Development Authority
CamCERT InfoSec
•
•
•
•
•
•
Gov’t Security Policy
and Standard
Incident Management
Info. Security Cener
(ISC)
Law & Regulation
Awareness & Outreach
Local/Int’l Framework
CyberCrime Law
•
•
•
•
Working on Drafting
Cybercrime Law
Many senior
Governments
officials and advisor
Local & International
Cooperation
Awareness
Samdech Hun Sen
Prime Minister - Chairman
H.E. SOK An, Deputy
Prime Minister in Charge
of Council of Ministers
Deputy Chairman
H.E. Chun Vat
Secretary General
MPTC (ISP, Telco Policy)
Min. Information (Media,
TV, Newspaper)
Min. Defense (National
Security)
National Police
(Cybercrime Investigate)
Relevant Ministry / Supporting
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
International
Min. Justice
Telecommunication
(Judicial System)
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Conclusion
Building communities, working together & knowledge sharing is the key to success Mr. OU Phannarith Head of CamCERT Permanent Member of Cybercrime Law Working Group National ICT Development Authority OfNice of The Council of Ministers Email: phannarith-­‐ou[at]nida.gov.kh ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill
International
Telecommunication
Union
9-11 | Lao Plaza | Vientiane | Lao PDR
Download