MINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS CIRT - Computer Incident Response Team GOVERNMENT OF MONTENEGRO MINISTRY FOR INFORMATION SOCIETY.

Slides:

Advertisements

Similar presentations

Its a new digital world with new digital dangers….

Advertisements

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION

Philippine Cybercrime Efforts

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

Jennifer Perry. We help victims of e-crime and other online incidents – Web based service – Providing practical, plain language advice – No-nonsense advice.

Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference.

ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels

UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

Economic and Social Impact of Digital Security Eng. Qusai AlShatti Deputy Director for Information Technology.

Seyyed Ali Araghchi COP Expert Child Online Protection in Iran Activities and Suggestions.

Mid-term forensic challenges of E-crime mag.oec. Sasa Aksentijevic,univ.spec.oec. court expert in information and telecommunication technology.

Eneken Tikk // EST. Importance of Legal Framework  Law takes the principle of territoriality as point of departure;  Cyber security tools and targets.

Page 1 Presented Insp. Amos Sylvester Trinidad and Tobago Police Service.

STATE OF CYBER SECURITY IN JAMAICA Hon. Julian Robinson Chairman Joint Select Committee on the Cybercrimes Act January 24, 2013.

DHS, National Cyber Security Division Overview

SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.

(Geneva, Switzerland, September 2014)

NIS Directive and NIS Platform

National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.

Geneva, Switzerland, September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.

James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur.

Preparedness for cybersecurity threats domestic aspects of cyber security Jaan Priisalu.

IT security seminar Copenhagen, April 4th 2002 M. Jean-Michel HUBERT Chairman of the French Regulation Authority IRG Chairman.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Legal Framework on Information Security Ministry of Trade, Tourism and Telecommunication Nebojša Vasiljević.

IT Security Policy in Japan 23 September 2002 Office of IT Security Policy Ministry of Economy, Trade and Industry JAPAN.

Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.

1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

Network Security Resources from the Department of Homeland Security National Cyber Security Division.

Cybersecurity and the Department of Justice Vincent A. Citro, Assistant United States Attorney July 9-10, 2014 Unclassified – For Public Use.

A Step Into The Computer Underground 1 “By Understanding The Enemy We Are Better Prepared To Defend Ourselves”

Caribbean Telecommunications Union. 6th Caribbean Internet Forum (CIF), Port of Spain, October Caribbean Telecommunications Union The Internet: Governance.

1 UNODC and CYBERCRIME December Cybersecurity   Constitutes the protection against all forms of cyber incidents by strengthening the safety.

Cybersecurity Governance in Ethiopia

2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.

2011 East African Internet Governance Forum (EA – IGF) Rwanda Cyber briefing: Positive steps and challenges Didier Nkurikiyimfura IT Security Division.

Use of information technology in the educational system in Bulgaria State policy of implementing security and safety measures of pupils in network.

Cyber-security policy to encourage CSIRTs activities Yasuhiro KITAURA Ministry of Economy, Trade and Industry, JAPAN.

International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.

The information contained in this document is confidential, for internal use only, and may not be distributed outside Ministry of Transport and Communications.

Hurdles in implementation of cyber security in India.

Training on “Albanian and Italian experience in investigation and prosecution of Cybercrime” General Prosecutor Office, Tirana 10 June 2014 VQA Ivano GABRIELLI.

EU activities against cyber crime Radomír Janský Unit - Fight against Organised Crime Directorate-General Justice, Freedom and Security (DG JLS) European.

IT Security in Nepal: Issues and challenges Rajan R. Pant ITSERT-NP.

Sofia, 09 June Sofia, 09 June 2010 MINISTRY OF TRANSPORT, INFORMATION TECHNOLOGY AND COMMUNICATIONS Executive Agency “Electronic Communication Networks.

Whats it all about?.  C omputer crime refers to any crime that involves a computer and a network. The computer may have been used in the commission of.

EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final} Digital Enlightenment.

The Commonwealth Cybercrime Initiative David Tait, Cybercrime Policy Analyst.

Cyber Crime in China: Current Situation and Countermeasures He Xing Cyber Crime Investigation Division Ministry of Public Security, China.

CYBER SECURITY Ministry of Trade, Tourism and Telecommunication Nebojsa Vasiljevic

Information and Network security: Lithuania Tomas Lamanauskas Deputy Director Communications Regulatory Authority (RRT) Republic of Lithuania; ENISA Liaison.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.

Cyber Security and Georgia. New Challenges

National Workshop on Cyber Crimes and Cyber Laws

Cybersecurity in the ECOWAS region

WHAT IS BEHIND GEORGIA’S RAPID CYBERSECURITY DEVELOPMENT

Cybersecurity in Belarus a general overview of support areas

8 Building Blocks of National Cyber Strategies

By: Tekeste Berhan Habtu Chief Executive Officer Venue: African Union

AFRICAN UNION- 23RD-27TH July 2018 PRESENTER: Mr. Nawa J.T Samatebele

Trust and Security Unit

Cyber Security Ecosystem of Georgia. Experience and Challenges

Activities and Suggestions

Introduction to Digital Forensics

SECURITY IN THE DIGITAL AGE

Presentation transcript:

MINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS CIRT - Computer Incident Response Team GOVERNMENT OF MONTENEGRO MINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS Doc.Dr ADIS BALOTA, dipl.ing.el DEPUTY MINISTER AND MANAGER OF CIRT TEAM

 Protection of the critical national infrastructure  Rapid growth of the cyber attack, criminal and terrorism  Inefficient international corporation and legislation  Constant progress in complexity of cyber attack  Generally insufficient level of development of cyber security awareness and cyber security culture

Computer Crime Directed against networks Directed against computers Spam Frauds Offensive Content Harassmen t Cyber wars Cyber terrorism Others  Cyber Crime or E-crime, or HTC includes criminal activities in which computers and other IT equipment and computer networks are subjects, tools, objects or scene of a crime

 Nigerian letter, fake massages  Fake web sites  Fishing – gathering of confidential information's  Farming – redirection to fake web addresses  Scams – coping of credit cards  Piracy  Distribution of pornographic materials

New types of computer crime that have developed in the last 10 years:  Computer trespass (USA)  Cyber bullying  Cyber defamation  Economic and industrial espionage by means of computer technology  Murder on Internet  Internet harassment  Encouragement to a suicide by Internet  Internet wars (1st Internet war: East Timor-Indonesia; Web War One: Estonia 2007  2008 South Ossetia-Russia Internet war, 2010 China Telekom, 2010 Stuxnet worm)  Online predators  Organized crime  White-collar criminal  Virtualization

 55 % of personal PC is infected with spyware  7% of companies are using the latest version of service pack of the Operating System  25 % computers are zombies  33 % companies allows Instant Messaging  52 % companies the network is the last line of defense  14 % users are reading spam and 4 % are buying the advertised products (!)  21 % of span is pornography  20 % of users in Great Britain are buying spam products

 110 billion € loss for  556 million victims in More than the entire population of EU.  1,5 million victims every second  66 % of online adults have been the victim of cybercrime in their lifetime THEFT OR LOSS REPAIRS FRAUD

 Information Security Law of Montenegro  Administrative Agreement between Government  of Montenegro and ITU  Readiness Assessment Report  “National CIRT Project” Documentation  User Requirement Specification  CIRT Policies  Detailed study on Government Agencies roles against cyber criminal  Cooperation Protocols

Member of project “establishment the national CIRT.ME:  Government of Montenegro – Ministry for Information Society and Telecommunications  ITU – International Telecommunication Union  IMPACT –International Multirate Partnership against cyber threats  The prerequisite for establishment of the National CIRT of Montenegro was the administrative agreement signed between the Government of Montenegro and the ITU on 29 th of July 2011 th.

 Prevention, treatment and elimination of consequences of computer security incidents on the Internet and other information systems security risks:  Security alerts and warnings  User education, raising security awareness in the field of information security  State agencies,  The state administration,  Local authorities,  Legal persons with public authorities,  Other private or legal persons who have access to or handle data

National CIRTs can Drive & Promote National Cybersecurity Strategies / Policies Cyber Forensics Services National Public Key Infrastructure (PKI) / Digital Signature Governance / Legislations Critical Information Infrastructure Protection Cybersecurity Awareness Training & Education Cybersecurity Research International Cooperation Security Assurance

Two representatives attended “Developing and Implementing a CIRT Team” in Malaysia. IMPACT experts held Incident Response training in Montenegro for 12 representatives from different Government Agencies Cybersecurity trainings in Japan EC-Council (CEH) vouchers for CIRT members Regional Forum on Cyber security for Europe (Bulgaria)

-Implementation stage started in February Publishing of website and RTIR ticketing system, April 2012www.cirt.me

National CIRT MIST Prime Minister ISP Mobile Operators Banks Post office of Montenegro EPCG Other Institutions ANS Ministry of Defense Ministry of Internal Affairs Police Department Ministry of Justice N ational Security Authority Other Departments ITU/IMPACT ENISA FIRST TRUSTED INTRODUCER NATIONAL CERT/CIRT TEAMS

National CIRT has started the process of establishing local CIRT teams in Montenegro. National CIRT will develop special relations with key Government Institutions recognized in the cyber security field:  Ministry of Defense,  Ministry of Internal Affairs,  Ministry of Justice,  National Security Agency  Directorate for the Protection of Classified Information  etc

In order for the CIRT to fulfill it’s duties, it’s very important to develop and maintain good relations with the Private sector. Key Institutions:  ISP,  Mobile Operators,  Banking Sector,  Electric Power Industry,  Montenegro Post office  Other institutions

Some of the key international organizations which are relevant in the cyber security field: ITU IMPACT ENISA TRUSTED Introducer FIRST CERT/CIRT Networks

 Full membership in FIRST since February godine  Regional Corporation: Slovenian SI-CERT i Croatian Carnet CERT  Terena, Trusted Introduces, CIRT.ME listed  The advantages of membership in international organizations: - Assistance in resolving incidents - Training - Possibilities to use forensics capabilities - Direct communications with CERT/CIRT teams around the world - Access to security information database

 Attacks on web sites  Financial/bank frauds  Internet frauds  Theft of identity on the social networks  Sexual harassment in the cyber space  Farming – Banks from MN and India  Compromised IP addres from.me domain  Child pornography

Future activities:  Establishment of the National Council for Cyber Security  Constant upgrade of conditions for efficient CIRT functions  - Legislation  - Training  - Tools  - Secure the financial needs  Local and International Corporation  Kaspersky  NAV  Expand the quantity and quality of the service

?