• Home

  • Technology

  • Bangladesh Cyber Incident Trends 2013 & bdCERT Update
15
Bangladesh Cyber Incident Trends 2013 & bdCERT Update Fakrul Alam * fakrul [at] bdcert [dot] org * http://www.bdcert.org * SANOG XXIV | 01-09 August, 2014 | Delhi, India Bangladesh Computer Emergency Response Team

Bangladesh Cyber Incident Trends 2013 & bdCERT Update

Tags:

Embed Size (px)

Citation preview

Page 1: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

Bangladesh Cyber Incident Trends 2013

&

bdCERT Update

Fakrul Alam

* fakrul [at] bdcert [dot] org * http://www.bdcert.org *

SANOG XXIV | 01-09 August, 2014 | Delhi, India

Bangladesh Computer Emergency Response Team

http://www.bdcert.org
Page 2: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

bdCERT Overview

Page 3: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

bdCERT

January 2007 July 2007 November 2007 December 2008

January 2009

Formed Operation

Page 4: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

bdCERT : Mission Statement

Always Trusted Contact, Increase Computer and Network Security for

Bangladesh Internet and Intranet Users, Knowledge Sharing with other

CERTs & Related Organization.

Page 5: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

bdCERT : Function

• Point of contact for reporting local problems.

• Share information and lessons learned from other CERTs, response

teams, organizations and sites.

• Incident tracing & response.

• Organize training, research and development.

Page 6: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

bdCERT : Activities

• Incident Handling

• Email

• SMS

• FAX

• Web Form

http://www.bdcert.org/v2/incident-report/

http://www.bdcert.org/v2/incident-report/
Page 7: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

bdCERT : Activities

• “Internet Traffic Monitoring Data Visualization Project” with JPCERT/CC (Japan Computer

Emergency Response Team / Coordination Center) named “TSUBAME”.

• Collaboration with Team Cymru.

• Participate in APCERT, OIC-CERT Cyber Security Drill

• bdCERT actively participated in drafting the first National Cyber Security Strategy endorsed by

Access to Information (a2i), PMO. The strategy was drafted by a special committee under the

supervision of Controller of Certificate Authorities, Ministry of IC

• Participate in 2013 APISC Security Training Course (TRANSITS-I)

• MoU with CNCERT for “CNCERT International Co-Operation Partner”

Page 8: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

bdCERT : ASN Portal

Page 9: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

bdCETR : Future Plan

• Introduce New services.

• Consulting & Awareness Programs.

• New collaborations.

• Security Workshop for Government and Academics.

• FIRST Membership

Page 10: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

Bangladesh Cyber Incident

Trends 2013

Page 11: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

Bangladesh Cyber Security Incidents

0

50000

100000

150000

200000bots

bruteforce

ddosreport

malwareurl

openresolvers

phishing

proxy

routers

scanners

spam

Data received from censor maintained by bdCERT

Page 12: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

Bangladesh Cyber Security Incidents

• Hacktivism takes center stage.

• Phishing / Site Defacements are more common.

• Government sites (.gov.bd domain) are mainly targeted; mostly run on

outdated Joomla engine/plugins.

• DDoS attack are increasing. Mostly target online banking web portal.

• Increase of Facebook incident reporting.

Page 13: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

Phishing Attack

Page 14: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

Site Defacement

Page 15: Bangladesh Cyber Incident Trends 2013 & bdCERT Update

Thank You

https://twitter.com/[email protected]://www.bdcert.org


Incident & Serious Incident Management Policy

Incident & Serious Incident Management Policy

Documents
ALL-HAZARDS INCIDENT MANAGEMENT TEAM - US · PDF file · 2013-03-28WHAT IS AN ALL-HAZARDS INCIDENT MANAGEMENT TEAM? ... IMT Incident IMT Incident ... Slide 1-24 INCIDENT COMMANDER

ALL-HAZARDS INCIDENT MANAGEMENT TEAM - US · PDF file · 2013-03-28WHAT IS AN ALL-HAZARDS INCIDENT MANAGEMENT TEAM? ... IMT Incident IMT Incident ... Slide 1-24 INCIDENT COMMANDER

Documents
FINAL REPORT BOEING 777 300ER AIRCRAFT SERIOUS … · BOEING 777 300ER AIRCRAFT SERIOUS INCIDENT INVESTIGATION IN BANGLADESH AIRCRAFT ACCIDENT INVESTIGATION GROUP OF BANGLADESH (AAIG-BD)

FINAL REPORT BOEING 777 300ER AIRCRAFT SERIOUS … · BOEING 777 300ER AIRCRAFT SERIOUS INCIDENT INVESTIGATION IN BANGLADESH AIRCRAFT ACCIDENT INVESTIGATION GROUP OF BANGLADESH (AAIG-BD)

Documents
Branding bangladesh : Tourism in bangladesh

Branding bangladesh : Tourism in bangladesh

Economy & Finance
Country Presentation Bangladesh - UNESCAP Hossain - Bangladesh... · Country Presentation. Bangladesh. Bangladesh At a Glance. 2 Official Name : People’s Republic of Bangladesh

Country Presentation Bangladesh - UNESCAP Hossain - Bangladesh... · Country Presentation. Bangladesh. Bangladesh At a Glance. 2 Official Name : People’s Republic of Bangladesh

Documents
Bangladesh Cyber Incident Trends 2012 & bdCERT Update

Bangladesh Cyber Incident Trends 2012 & bdCERT Update

Technology
National Incident Management System (NIMS) Incident ... Incident Management... · The National Incident Management System (NIMS) Incident Command System (ICS) Forms Booklet, FEMA

National Incident Management System (NIMS) Incident ... Incident Management... · The National Incident Management System (NIMS) Incident Command System (ICS) Forms Booklet, FEMA

Documents
An Action Framework of Incident Command System for Bangladesh Armed Forces in Emergency Response

An Action Framework of Incident Command System for Bangladesh Armed Forces in Emergency Response

Documents
INCIDENT REPLACEMENT Incident Business Meeting May, 2013

INCIDENT REPLACEMENT Incident Business Meeting May, 2013

Documents
Incident Response Incident Response Process Forensics

Incident Response Incident Response Process Forensics

Documents
Incident Command System Incident Command System

Incident Command System Incident Command System

Documents
Incident Response Plan - Spearstonespearstone.com/resources/Breach_Response_Plan_by_AICPA.pdf · 4 Table of Contents Incident Response Plan 6 Incident Response Team 6 Incident Response

Incident Response Plan - Spearstonespearstone.com/resources/Breach_Response_Plan_by_AICPA.pdf · 4 Table of Contents Incident Response Plan 6 Incident Response Team 6 Incident Response

Documents
Bangladesh Results and Notice – All Bangladesh Results ......I A ray Of tight entering air to glass of refractive index— is partly reflected and partly refracted. If the incident

Bangladesh Results and Notice – All Bangladesh Results ......I A ray Of tight entering air to glass of refractive index— is partly reflected and partly refracted. If the incident

Documents
NATIONAL INTERAGENCY FIRE CENTER. NATIONAL INTERAGENCY INCIDENT COMMUNICATIONS DIVISION INCIDENT SUPPORT INCIDENT SUPPORT NATIONAL INCIDENT RADIO SUPPORT

NATIONAL INTERAGENCY FIRE CENTER. NATIONAL INTERAGENCY INCIDENT COMMUNICATIONS DIVISION INCIDENT SUPPORT INCIDENT SUPPORT NATIONAL INCIDENT RADIO SUPPORT

Documents
How to Response Against Web Security Incident...Agenda Incident Response Life Cycle Recap Incident Response Web Hacking PlayBook Incident Response Step for Web Hacking Security Incident

How to Response Against Web Security Incident...Agenda Incident Response Life Cycle Recap Incident Response Web Hacking PlayBook Incident Response Step for Web Hacking Security Incident

Documents
INCIDENT REPORT Runway Excursion Incident Boeing …cfapp.icao.int/fsix/sr/reports/04004450_final_report.pdf · INCIDENT REPORT Runway Excursion Incident Boeing 777-200 Registration

INCIDENT REPORT Runway Excursion Incident Boeing …cfapp.icao.int/fsix/sr/reports/04004450_final_report.pdf · INCIDENT REPORT Runway Excursion Incident Boeing 777-200 Registration

Documents
Data Breach IncIDent response plan toolkIt · Incident Response Team 3 Incident Response Contact Sheet 4 Suspecting or Detecting an Incident 5 Incident Response Discovery Form 6 Incident

Data Breach IncIDent response plan toolkIt · Incident Response Team 3 Incident Response Contact Sheet 4 Suspecting or Detecting an Incident 5 Incident Response Discovery Form 6 Incident

Documents
€¦ · Cat - 1st Incident Dog - 1st Incident Dog - 2nd Incident Dog - 3rd Incident Redemption No Current License Cat - 1st Incident Dog - 1st Incident Dog - 2nd Incident Dog - 3rd

€¦ · Cat - 1st Incident Dog - 1st Incident Dog - 2nd Incident Dog - 3rd Incident Redemption No Current License Cat - 1st Incident Dog - 1st Incident Dog - 2nd Incident Dog - 3rd

Documents
Directorate General of Bangladesh National Leprosy ......National Leprosy Elimination Programme (NLEP), Bangladesh LEPRA-Bangladesh, Damien Foundation-Bangladesh WHO, Bangladesh &

Directorate General of Bangladesh National Leprosy ......National Leprosy Elimination Programme (NLEP), Bangladesh LEPRA-Bangladesh, Damien Foundation-Bangladesh WHO, Bangladesh &

Documents
Flooding in Bangladesh Where is Bangladesh? Why does Bangladesh flood?

Flooding in Bangladesh Where is Bangladesh? Why does Bangladesh flood?

Documents
RSA Incident Response: Emerging Threat Profile€¦ · RSA Incident Response incident response RSA Incident Response: Emerging Threat Profile . Shell_Crew . January 2014

RSA Incident Response: Emerging Threat Profile€¦ · RSA Incident Response incident response RSA Incident Response: Emerging Threat Profile . Shell_Crew . January 2014

Documents
National Incident Management System (NIMS) Incident

National Incident Management System (NIMS) Incident

Documents
NATIONAL INCIDENT MANAGEMENT SYSTEM INCIDENT COMMAND

NATIONAL INCIDENT MANAGEMENT SYSTEM INCIDENT COMMAND

Documents
Incident Command and Incident Management Overview … · Incident Command and Incident Management ... National Incident Management System Command and ... Resource Management 8

Incident Command and Incident Management Overview … · Incident Command and Incident Management ... National Incident Management System Command and ... Resource Management 8

Documents
FOREWORD FINAL REPORT Investigation on Serious Incident of HS 748 … · 2018. 1. 16. · 1.3 Aircraft Model HS748-2A 1.4 Aircraft Nationality Bangladesh 1.5 Aircraft Registration

FOREWORD FINAL REPORT Investigation on Serious Incident of HS 748 … · 2018. 1. 16. · 1.3 Aircraft Model HS748-2A 1.4 Aircraft Nationality Bangladesh 1.5 Aircraft Registration

Documents
EWP INCIDENT INVESTIGATION DOCUMENT EWP Incident

EWP INCIDENT INVESTIGATION DOCUMENT EWP Incident

Documents
The National CSIRT-CY€¦ · •Incident Management. • Incident Handling and Incident Mitigation. • Major Incident Handling. •Forensic Analysis. •Mitigation steps for quick

The National CSIRT-CY€¦ · •Incident Management. • Incident Handling and Incident Mitigation. • Major Incident Handling. •Forensic Analysis. •Mitigation steps for quick

Documents
Incident Review Protocol Incident Review Form · Incident Review Protocol Incident Review Form . ... and date of incident (Example: ... is sent to supervisor within 1 business day

Incident Review Protocol Incident Review Form · Incident Review Protocol Incident Review Form . ... and date of incident (Example: ... is sent to supervisor within 1 business day

Documents
Incident Totals Incident Type Response per District

Incident Totals Incident Type Response per District

Documents
Bangladesh Building Systems Limited || Bangladesh

Bangladesh Building Systems Limited || Bangladesh

Documents