NATIONAL CIRT OF MONTENEGRO
MINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS
CIRT - Computer Incident Response Team
GOVERNMENT OF MONTENEGROMINISTRY FOR INFORMATION SOCIETY AND TELECOMMINUCATIONS
Doc.Dr ADIS BALOTA, dipl.ing.el
DEPUTY MINISTER AND MANAGER OF CIRT TEAM
CYBER SECURITY CHALLENGES OF THE 21ST CENTURY
Protection of the critical national infrastructure Rapid growth of the cyber attack, criminal and terrorism Inefficient international corporation and legislation Constant progress in complexity of cyber attack Generally insufficient level of development of cyber
security awareness and cyber security culture
CYBER CRIME
Computer Crime
Directed
against network
sDirected against
computers
Spam
Frauds
Offensive
ContentHarassme
nt
Cyber wars
Cyber terroris
m
Others
Cyber Crime or E-crime, or HTC includes criminal activities in which computers and other IT equipment and computer networks are subjects, tools, objects or scene of a crime
EXAMPLES OF CYBER CRIME Nigerian letter, fake massages Fake web sites Fishing – gathering of confidential
information's Farming – redirection to fake web addresses Scams – coping of credit cards Piracy Distribution of pornographic materials
NEW TYPES OF COMPUTER CRIME
New types of computer crime that have developed in the last 10 years:
Computer trespass (USA) Cyber bullying Cyber defamation Economic and industrial espionage by means of computer technology Murder on Internet Internet harassment Encouragement to a suicide by Internet Internet wars (1st Internet war: East Timor-Indonesia; Web War One:
Estonia 2007 2008 South Ossetia-Russia Internet war, 2010 China Telekom, 2010 Stuxnet worm) Online predators Organized crime White-collar criminal Virtualization
STATISTICS 55 % of personal PC is infected with spyware 7% of companies are using the latest version of
service pack of the Operating System 25 % computers are zombies 33 % companies allows Instant Messaging 52 % companies the network is the last line of defense 14 % users are reading spam and 4 % are buying the
advertised products (!) 21 % of span is pornography 20 % of users in Great Britain are buying spam
products
SYMANTEC REPORT ON CYBERCRIME FOR 2012.
42%
17%
26%
15%
OTHER
110 billion € loss for 2012.
556 million victims in 2012. More than the entire population of EU.
1,5 million victims every second
66 % of online adults have been the victim of cybercrime in their lifetimeTHEFT OR LOSS
REPAIRS
FRAUD
Legal Framework
Training & Education
Hardware/Software
Cooperation
LEGAL FRAMEWORK Information Security Law of Montenegro Administrative Agreement between Government of Montenegro and ITU Readiness Assessment Report “National CIRT Project” Documentation User Requirement Specification CIRT Policies Detailed study on Government Agencies roles against cyber criminal Cooperation Protocols
ESTABLISHMENT OF CIRT.ME• Member of project “establishment the national CIRT.ME:
Government of Montenegro – Ministry for Information Society
and Telecommunications
ITU – International Telecommunication Union
IMPACT –International Multirate Partnership against cyber threats The prerequisite for establishment of the National CIRT of
Montenegro was the administrative agreement signed between the Government of Montenegro and the ITU on 29th of July 2011th .
SERVICES OF CIRT.ME Prevention, treatment and elimination of consequences of
computer security incidents on the Internet and other information systems security risks:
Security alerts and warnings User education, raising security awareness in the field of
information security
CIRT CONSTITUENCY State agencies, The state administration, Local authorities, Legal persons with public authorities, Other private or legal persons who have access to
or handle data
ROLES AND RESPONSIBILITIES
National CIRTs can
Drive & Promote
National Cybersecurit
y Strategies /
Policies Cyber Forensics Services
National Public Key
Infrastructure (PKI) / Digital
Signature
Governance /
Legislations
Critical Information Infrastructure Protection
Cybersecurity Awareness Training & Education
Cybersecurity Research
International Cooperation
Security Assurance
TRAINING AND EDUCATION • Two representatives attended “Developing and Implementing a
CIRT Team” in Malaysia.
• IMPACT experts held Incident Response training in Montenegro for 12 representatives from different Government Agencies
• Cybersecurity trainings in Japan
• EC-Council (CEH) vouchers for CIRT members
• Regional Forum on Cyber security for Europe (Bulgaria)
- Implementation stage started in February 2012
- Publishing of www.cirt.me website and RTIR ticketing system, April 2012
IMPLEMENTATION
THE POSITION OF NATIONAL CIRT
National CIRT
MIST
Prime Ministe
rISP
Mobile Operat
ors
Banks
Post office of
Montenegro
EPCG
Other Instituti
ons
ANS
Ministry of Defense
Ministry of Internal AffairsPolice
Department
Ministry of Justice
National Security AuthorityOther
Departments
ITU/IMPACT ENISA FIRST
TRUSTED INTRODUC
ER
NATIONAL CERT/CIRT
TEAMS
National CIRT has started the process of establishing local CIRT teams in Montenegro.
National CIRT will develop special relations with key Government Institutions recognized in the cyber security field:
Ministry of Defense,
Ministry of Internal Affairs,
Ministry of Justice,
National Security Agency
Directorate for the Protection of Classified Information
etc
COOPERATION WITH GOVERNMENT AGENCIES
COOPERATION WITH PRIVATE SECTORIn order for the CIRT to fulfill it’s duties, it’s very important to develop and maintain good relations with the Private sector.
Key Institutions:
ISP,
Mobile Operators,
Banking Sector,
Electric Power Industry,
Montenegro Post office
Other institutions
INTERNATIONAL COOPERATION
Some of the key international organizations which are relevant in the cyber security field:
• ITU• IMPACT• ENISA• TRUSTED Introducer• FIRST• CERT/CIRT Networks
INTERNATIONAL CORPORATION CONT.
Full membership in FIRST since February 2013. godine
Regional Corporation: Slovenian SI-CERT i Croatian Carnet CERT
Terena, Trusted Introduces, CIRT.ME listed
The advantages of membership in international organizations:- Assistance in resolving incidents- Training- Possibilities to use forensics capabilities- Direct communications with CERT/CIRT teams around the world- Access to security information database
EXAMPLES FROM THE FIELD – CIRT.ME
Attacks on web sites Financial/bank frauds Internet frauds Theft of identity on the social networks Sexual harassment in the cyber space Farming – Banks from MN and India Compromised IP addres from .me domain Child pornography
CONCLUSIONFuture activities:
Establishment of the National Council for Cyber Security
Constant upgrade of conditions for efficient CIRT functions
- Legislation- Training- Tools - Secure the financial needs
Local and International Corporation Kaspersky NAV
Expand the quantity and quality of the service
?