INTRODUCTION
OVERVIEW ON CYBERCRIME
1
Global Coalition
ITU-IMPACT’s Global Alliances
2
IMPACT
Introduction
•
The International Multilateral Partnership Against Cyber Threats
(IMPACT) was established in 2008 with a seed fund of $ 13 million from
the Government of Malaysia.
• This fund was utilised
towards setting up the
infrastructure, facilities
and initiating various
services for ITU-IMPACT
partner countries such
as:
• Threat Information
• Collaboration tools
• Awareness
• Capacity building
3
ITU-IMPACT Collaboration
The International Multilateral Partnership Against Cyber Threats (IMPACT) is the cybersecurity
executing arm of the United Nations’ (UN) specialised agency - the International
Telecommunication Union (ITU) – bringing together governments, academia and industry experts to
enhance the global community’s capabilities in dealing with cyber threats.
ITU & IMPACT signs a Memorandum of Understanding in
2008. IMPACT becomes the physical home of ITU’s Global
Cybersecurity Agenda to operationalise cybersecurity
services across 193 countries.
ITU & IMPACT signs a Cooperation Agreement in May
2011. IMPACT becomes the cybersecurity executing arm
of the United Nations’ specialised agency, ITU.
IMPACT now will expand its services to the UN System.
4
Cybersecurity Services Deployed
146 Countries have joined the Coalition
5
ITU-IMPACT
Global Partnership
Industry
International
Organisations
Civil Society
Academia
(200+)
6
ITU-IMPACT
Services
Technical Services
• Network Early Warning
System (NEWS)
• Collaborative Platform for
Experts (ESCAPE)
• IMPACT Government
Security Scorecard (IGSS)
• Computer Incident
Response Team (CIRT)
• Vulnerability and Web
Assessment
Non-technical
• Advisory Services on Policy
and Regulatory Issues to
Partner Countries
• Partner Country
Coordination
• Partner Engagement
(Industry, Academia, Intl.
Organisations)
• Child Online Protection
Capacity Building
• Partner Country
Cybersecurity Assessment
• Training
• Workshops
• Seminars
• High level briefings
• Cyber drills
• Penetration Testing
7
Activities and Milestones
2008 - 2013
CYBERSECURITY
OUR EXPERIENCE
Requests from countries to provide assistance in developing a national level cybersecurity strategy
We started receiving requests for providing assistance in the implementation
Expectations
NCS
CIRT
Resources Required
ALERTS
Initially countries started by requesting us for alerts and early warnings
2009
LEGAL
CNIP
Started responding to requests from countries to provide assistance for cybercrime legal frameworks review.
Requests from countries for assisting them in the protection of their critical infrastructures
2010
2011
2012
2013
9
Global Response Centre (GRC)
NEWS & ESCAPE
a) ITU-IMPACT have deployed cybersecurity services to over 145 partner countries
globally to better prepare countries in dealing with cyber threats through its Network
Early Warning System (NEWS).
b) NEWS provides global threat information through its partners; Symantec, Kaspersky
Lab, Trend Micro, F-Secure, Satorys, SANS Internet Storm Center, Arbor Networks, etc.
c) The ESCAPE (Electronically Secure Application Platform for Experts) platform
enables the GRC to act as a one-stop coordination and response centre for countries in
times of crisis, enabling the swift identification and sharing of available resources.
10
CIRT Readiness Assessment
Computer Incident Response Team
•
Cybersecurity readiness assessment (conducted for over 40 countries):
•
The main objective is to study and evaluate the partner country CIRT's structure and
capability to ensure that cybersecurity incidents, intrusion attempts, and
emergencies are appropriately managed to levels consistent with industry standards
and good business practices
•
ITU-IMPACT reports on key issues and analysis,
implementation plan for national CIRT.
recommending a phased
Activities planned for:
• Conducting CIRT assessment from the
following regions:
•
•
•
•
•
•
•
Africa
Arab
South America
Asia Pacific
Eastern Europe
Caribbean
At least 10 country assessments in 2014.
11
CIRT Deployment
Computer Incident Response Team
•
To assist countries to setup national CIRTs to proactively manage cyber incidents and
responding to cyber threats.
•
ITU-IMPACT has deployed 5 national CIRTs during 2012-2013
• Montenegro
• Zambia
• Kenya
• Burkina Faso
• Uganda
Ongoing Implementations:
•
•
•
•
•
Tanzania
Ivory Coast
Barbados
Jamaica
Burundi
12
Training & Skills Development
a) Trained more than 1600 cybersecurity professionals and practitioners globally.
b) ITU-IMPACT has deployed over 350 scholarships to 80 partner countries globally to
create more cybersecurity professionals
c) IMPACT as the Cybersecurity Centre of Excellence for ITU has conducted various training
and workshops for ITU Member States on topics such as Securing Networks, Mobile
Security, Cloud Forensics.
Participants from the countries mentioned above have attended
capacity building programs conducted by ITU-IMPACT
324 350
227
2013
2012
2011
1 12
100
2010
Somali
Sri Lanka
Sudan
Sweden
Tanzania
Togolese
Turkey
Uganda
United Arab Emirates
USA
Vietnam
Yemen
Zambia
2009
Iran
Iraq
Lao
Laos
Malaysia
Mauritius
Mongolia
Montenegro
Nepal
Oman
Pakistan
Palestine
Qatar
Rwanda
Samoa
Saudi Arabia
Singapore
2008
Afghanistan
Andorra
Bangladesh
Bulgaria
Brunei Darussalam
Burkina Faso
Cambodia
Cameroon
Chile
China
Croatia
Cyprus
Egypt
Ethiopia
Fiji
India
Indonesia
Number of scholarships that were deployed
by ITU-IMPACT to its partner countries
13
Cyber Drill
ITU-IMPACT Regional Forums on Cybersecurity
•
Designed to maintain and strengthen international cooperation between partner
countries and ensure a continued collective efforts against cyber threats and exercises
designed to enhance communication and incident response capabilities.
•
The cyber drill simulation runs through a scenario with each participating country
divided into two roles, representing a player and an observer.
•
Over 57 countries have participated in the Cyber drills conducted by ITU-IMPACT.
Cyber drills conducted:
• Dec 2011 – Asia Region
• July 2012 – Arab Region
• Oct 2012 – Europe & CIS Region
• Aug 2013 – Americas Region
Planned Cyber drills
•
Arab Region 4th quarter 2013
•
Asia-Pacific Region 4th quarter 2013
14
Child Online Protection
COP
a) ITU-IMPACT has been identified as the implementer for the ITU COP
framework
b) ITU-IMPACT has also focused on the development of tools, policies,
procedures and materials specific to COP
Moving forward - COP National Strategy Framework:
a) ITU-IMPACT will conduct the next COP National Strategy Framework
Workshop in Oman in October 2013.
b) Eastern Europe
c) Arab
d) Americas
15
Collaboration with Kaspersky
Cybercrime Investigation
•
In July 2011, Kaspersky Lab began deep research/analysis of Xpaj samples from infected
customer and multiple reports from all around the world started to arrive.
•
Kaspersky Lab worked with ITU-IMPACT to investigate this malware in over half a dozen Eastern
European countries and to trace the criminals behind it.
•
Kaspersky Lab handled the technical side of investigation while ITU-IMPACT assisted at the
organisational part and coordination with law enforcement and other relevant stakeholders.
•
Though the investigation was not able to capture the criminal, we were able to shut down the
main C&C servers, subsequently crippling the criminal’s activities.
16
Collaboration with Kaspersky
Flame and Gauss Malware
•
ITU-IMPACT initiated malware investigations in 2012 with Kaspersky Labs.
•
Kaspersky Labs detected the Flame & Gauss malware.
•
In both the cases above, Kaspersky responded swiftly to develop the removal tool.
•
ITU-IMPACT immediately made the tool available to all its 144 partner countries globally and this
collaboration and effort has helped nations mitigate these attacks that could have potentially
cause major disruption any economic losses to these nations.
17
Collaboration with INTERPOL
Memorandum of Understanding
IMPACT and INTERPOL have signed a Memorandum of Understanding (MoU) to exchange information,
expertise as well as to enhance both organisations’ knowledge base in the field of cybersecurity.
The MoU will see collaboration in the following areas:
• To promote capacity building in the area of cybersecurity.
• To share and exchange information on digital forensics, malware and information relevant to
cybersecurity.
• To assist in cybercrime investigation.
Secretary General of INTERPOL, Ronald Noble with IMPACT’s
Chairman, Datuk Mohd Noor Amin
Witnessed by Noburu Nakatani,
Executive Director, INTERPOL and
Dr Hamadoun Touré, Secretary General of ITU
18
IMPACT – Over the Years
146
0
No of Partner Countries
2008
2013
From very humble beginnings ITU‐IMPACT today has become the largest UN backed Cybersecurity Coalition in the world.
Today we serve the Cybersecurity needs of nearly 2/3rd of the ITU member states
We have achieved much but we realise that there is much more that needs to be done
19
Thank you
www.facebook.com/impactalliance
IMPACT
Jalan IMPACT
63000 Cyberjaya
Malaysia
T +60 (3) 8313 2020
F +60 (3) 8319 2020
E contactus@impact-alliance.org
impact-alliance.org
© Copyright 2013 IMPACT. All Rights Reserved.