Enhancing Cybersecurity Readiness Through International Cooperation

Mohd Noor Amin (mohd.amin@impact-alliance.org)

Chairman, Management Board

31 May 2012

2

Global Attacks

IMPACT’s Global Response Centre’s

Statistics

4

Top 30 Attack Destination Countries

Attack Percentage Scale

High 1.55 –41.52

Med

0.16– 1.49

Low 0.02 – 0.14

Very Low

0 – 0.01

5

Top 30 Attack Source Countries

Attack Percentage Scale

High 1.41 % – 31.30 %

Med

0.29 % – 1.15 %

Low 0.00% – 0.28 %

6

Global Statistics

Statistical Information Sources: Symantec, Kaspersky, McAfee, Sophos, Commtouch, Trendmicro, Websense Securitylabs, Atlas Arbor, ThreatExpert

0.00%

20.00%

40.00%

0

1000000

2000000

3000000

4000000

9/1/2012 9/2/2012 9/3/2012 9/4/2012

Top Spam Relaying countries

Spam Outbreak from January 2012 to April 2012

Top Malware Affected Sectors Worldwide Finance - 45 %

Personal Sites - 3 %

Business - 3 %

Computers & Tech - 7%

Pornography - 2 %

Forums and newsgroups - 3 % Search Engines - 4 %

Shopping - 7%

Business-3%

social networking-6%

Other Categories-14%

HUER/HTML.Malware

HTML/Infected.Webpage.Gen2

ADSPY/AdSpy.Gen2

TR/Downloader.Gen2

TR/Crypt.XPACK.Gen3

Top Malware for April 2012

7

Key Cybersecurity Challenges

Lack of adequate and interoperable national or regional legal frameworks

Lack of secure software and ICT-based applications

Lack of appropriate national and global organizational structures to deal with cyber incidents

Lack of information security professionals and skills within governments; lack of basic awareness among users

Lack of international cooperation between industry experts, law enforcements, regulators, academia & international organizations to address a global challenge

8

Addressing The Challenges • Developing national Computer Incident Response Teams (CIRTs)

• Enhancing public-private partnerships to enhance expertise, knowledge, skills, resources & experience

• Enhancing international cooperation:

– between nations to mitigate cyber attacks

– Regulator, law enforcement & national CIRT/CERTs

• Cyber laws needs to be put in place and harmonised

• Increase capability & capacity building programs

Global Cybersecurity Alliance

ITU-IMPACT

10

ITU–IMPACT Collaboration The International Multilateral Partnership Against Cyber Threats (IMPACT) is the

cybersecurity executing arm of the United Nations’ (UN) specialised agency - the International Telecommunication Union (ITU) - bringing together governments,

academia and industry experts to enhance the global community’s capabilities in dealing with cyber threats.

ITU & IMPACT signs a Memorandum of Understanding in 2008. IMPACT becomes the physical home of ITU’s Global Cybersecurity Agenda to operationalise cybersecurity services across 193 countries.

ITU & IMPACT signs a Cooperation Agreement in May 2011. IMPACT becomes the cybersecurity executing arm of the United Nations’ specialised agency, ITU. IMPACT now will expand its services to the UN System.

11

142 countries have joined the ITU-IMPACT coalition

Cybersecurity Services Deployed

World’s largest cybersecurity alliance of its kind

12

Framework for International Cooperation

ITU’s Global Cybersecurity Agenda (GCA)

ITU’s Global Cybersecurity Agenda (GCA) – UN backed framework to enhance confidence and security in the information society.

Capacity Building

International Cooperation

Organisational Structure

Technical & Procedural Measures

Legal Measures

Global Cybersecurity Agenda

13

Operationalising ITU’s Global Cybersecurity Agenda

14

ITU-IMPACT’s Partners

Industry

International Organisations

Academia (200+) Child Online Protection Alliance

15

Dr Hamadoun Touré – Secretary General, ITU

International Cooperation

“Without international cooperation, the problem cannot be adequately addressed since, more often than not, the criminal is not resident in the same country where the crime takes place”

16

Why International Cooperation?

“Adequate international cooperation is essential.” "Because if something happens in

cyberspace... it's a border crossing issue. We have to have horizontal cooperation globally," he

added.

Estonian Minister for Economic Affairs and Communications, Juhan Parts

International Cooperation

17

ITU-IMPACT

Key Partnership Milestones

• Capacity building

a) Trained over 200 cybersecurity professionals and practitioners in 2010

b) Deployed 250 scholarships to 43 partner countries globally (SANS & EC-Council)

c) Trained 50 law enforcement officers globally on Network Investigation

d) Conducted the world’s first UN-backed Cyber Drill for CLMV (Cambodia, Lao, Myanmar & Vietnam) countries

• CIRT/CERT Implementation

a) Conducted over 30 country readiness assessments

b) Deployed and implemented CIRT for Montenegro

• IMPACT Government Security Scorecard (IGSS)

a) Successfully deployed the pilot IGSS implementation for the Malaysian government

• Child Online Protection (COP)

a) Successfully conducted the first COP National Strategy Framework for Brunei

• Cybercrime Investigation

a) Conducted 3 cybercrime investigations with key partners

18

ITU-IMPACT

Key Initiatives Planned

• New enhanced version of ESCAPE to be rolled out for better and greater information sharing and

collaboration between key stakeholders in cybersecurity

• Cybersecurity readiness to be conducted for the Caribbean & Ivory Coast

• To deploy National CIRTs for Burkina Faso, Zambia, Uganda, Kenya & Tanzania

• Training planned for the following regions:

• Eastern Europe (Host: Turkey)

• Asia Pacific (Host: Lao)

• Africa (Host: Cameron)

• Pacific Island (Host: Fiji)

• Cyber Drill is planned to be held at the following regions (Partners: Kaspersky, F-Secure, Trend Micro &

ABI Research):

• Arab region – July 2012

• African region

• Eastern Europe region

• COP National Strategy Framework – to be deployed in other regions in 2012

19

ITU-IMPACT

Moving Forward

• ITU-IMPACT has created a politically neutral platform for governments,

academia, industry and international organisations to come together on

a single platform

• IMPACT’s Electronically Secured Collaborative Applications Platform for

Experts (ESCAPE) is a community based platform where knowledge,

expertise, experience, ideas can be shared, exchanged and discussed. A

platform where various communities can be created to look into a

myriad of areas from law enforcement, regulators, policy makers,

security experts, judiciary, CERT/CIRTs, specialised groups, etc.

• ITU-IMPACT welcomes governments, industry, academia, security

experts and international organisations to come together to work

towards a common goal of addressing cyber threats globally on this

platform.

20

Dr. Hamadoun Touré

Conclusion

“There are no borders in cyberspace and therefore only a global coalition can tackle this problem. We need a global framework where everyone

commits to not attacking everyone else”

IMPACT

Jalan IMPACT

63000 Cyberjaya

Malaysia

T +60 (3) 8313 2020

F +60 (3) 8319 2020

E contactus@impact-alliance.org

impact-alliance.org © Copyright 2010 IMPACT. All Rights Reserved.

Thank you

www.facebook.com/impactalliance