« September 2015 | Main | November 2015 »

2 posts from October 2015

Oct 21, 2015

The 5th CERT-RO Annual International Conference in Bucharest and Latest Cyber Security Trends in Romania

Hello again, it’s Yuka at the Global Coordination Division.

Following my recent trip to Malaysia to join APCERT Annual General Meeting and Conference 2015, I had my first travel to Europe – and that was to Bucharest, Romania to attend a conference hosted by CERT-RO, the National CSIRT of Romania. They host a conference annually, and this year it was the 5th time for this event, held from 5th - 6th October.

The programme on the first day morning consisted of two panel discussions, with global and Romanian national focus on cyber security. Experts were invited from different stakeholders to exchange ideas on the recent cyber threats, law enforcement and policies, etc. For the afternoon session, the following CSIRTs around the globe including JPCERT/CC, who have partnerships with CERT-RO, delivered a short presentation about their activities.

ALCIRT (Albania)

CERT-EE (Estonia)

CERT.lv (Latvia)

KrCERT/CC (South Korea)

South African Government CSIRT (South Africa)

I myself presented briefly about JPCERT/CC, its organisation overview, the latest incident statistics and some ongoing projects, including TSUBAME and Cyber Green.

Dscf11911

(Photo of me speaking: provided by CERT-RO)

It was interesting to hear each CSIRT’s organisational structure, including which ministry they belong to and different range of authority that each CSIRT has over their local ISPs and users. It was also a great opportunity to build bridges to CSIRTs that are located far away from Japan.

Through the panel sessions in the morning about local trends in cyber security in Romania, and a presentation provided by a CERT-RO colleague in the afternoon, here below are some things that I learned about cyber-related matters in Romania:

  • CERT-RO, established in 2011, is operated under the Ministry of Communications and Information Society.
  • Following the enactment of Romanian Cyber Security Strategy in 2013, the Romanian government (together with CERT-RO) is now preparing cyber security related laws on ISPs’ responsibilities in case of incidents.
  • CERT-RO has been focusing on awareness raising campaigns and trainings in local communities (e.g. incident handling, malware analysis).
  • CERT-RO provides internship programs for students majoring in cyber security related studies.
  • Most common malware observed in Romania are Downadup and Zeus. Statistics show that about 10% of IP addresses located within Romania are infected with conficker.
  • There are many cases where Romanian IP addresses are used for attacks as proxies.

One of the outcomes of the collaboration between JPCERT/CC and CERT-RO is that we have provided our “IT Security Inoculation kit” based on our discussion during our previous year’s visit to Bucharest. This is a tool that JPCERT/CC has developed for awareness-raising purposes against targeted email attacks with malicious attachments and the like. Designed for implementation at organisations such as companies, it has a feature to send emails that attract the recipients’ attention by indicating relevant topics such as internal business communications, latest news topics, questionnaires, etc., and attempts to induce them to open attached files or click on URLs (which actually is harmless!). It gives warning to those who were trapped about the risks that may involve, and at the same time, allows examiners to keep track of who actually opened the attachments/links. This feature enables examiners to analyse the tendency of examinees’ behaviours, and also how their performance improves if tested repeatedly. Since CERT-RO has been working on awareness-raising programs in the local community, they found the tool useful and implemented it in several organisations within Romania. We are happy that CERT-RO liked it – and hope to keep collaborating in this field and others!

We would like to thank CERT-RO colleagues again for their kind hospitality and invitation to the great event.

Thanks for reading and see you soon.

 - Yukako Uchida

Oct 13, 2015

APCERT Annual General Meeting and Conference 2015 in Kuala Lumpur

Hi again, it’s Yuka from Global Coordination Division and also serving as APCERT Secretariat. It’s been a while since I wrote here last time.

My entry this time is about the biggest event of APCERT which we just recently attended, the Annual General Meeting (AGM) and Conference 2015 in Kuala Lumpur, Malaysia on 6-10 September. This event, hosted by CyberSecurity Malaysia (MyCERT), marked the 12th annual conference for APCERT. What made the event special was that it was held concurrently with the AGM & Conference for OIC-CERT (Organisation of the Islamic Cooperation – Computer Emergency Response Team) and also Malaysia’s local cyber security exhibition. This was the first conference for APCERT and OIC-CERT to collaborate together, and members of both organisations had a great opportunity to interact with each other through a series of sessions during the week.

The event was conducted as follows:

6 September

AM: Workshops including Cyber Green

PM: APCERT Closed Session (Working Groups)

7 September

AM: APCERT Steering Committee Meeting

PM: APCERT Annual General Meeting (AGM)

8 September

AM: TSUBAME Workshop

PM: APCERT & OIC-CERT Desktop Exercise

9 September

AM: APCERT Closed Conference

PM: APCERT & OIC-CERT Steering Committee Discussion

10 September

All: APCERT & OIC-CERT Open Conference

For the APCERT AGM on 7 September, 26 Operational Members were present to discuss APCERT business matters and share information on the previous year’s activities of APCERT. As Secretariat, I would like to take this opportunity to thank Microsoft for providing the fellowship for our event, which significantly supported the participation of APCERT members.

JPCERT/CC completed our 4th consecutive term as Chair at this AGM, and CERT Australia was elected for this position. Also, MyCERT was elected as the new Deputy Chair, following KrCERT/CC’s completion of 4-year-term on this position. JPCERT/CC was re-elected as Steering Committee and Secretariat for the next 2-year-term and will keep contributing to the community by providing initiatives and administrative support. Also, we are happy to announce that we have been chosen to host the next APCERT AGM & Conference 2016 in Tokyo. It is also the year for JPCERT/CC’s 20th anniversary since its establishment, and we hope to celebrate such a milestone together with our domestic partners and APCERT members.

A token of appreciation for completing 4 years as Chair was presented from APCERT Steering Committee, and another token for contribution as a Steering Committee member was presented from the conference host (these were surprise gifts!).

JPCERT/CC colleagues with the tokens (Photo by Shikapon)
_dsc1407

JPCERT/CC conducted TSUBAME Workshop and Cyber Green Workshop during the week. This year, TSUBAME workshop focused more on hands-on session rather than lectures, so the participants were more involved and able to familiarise themselves with the system. Our hope is that each member shares what was presented during the session and utilise it for their day-to-day incident handling activities. It was also our pleasure to invite OIC-CERT members to the TSUBAME Workshop for the first time.

For details on the Cyber Green Workshop, which was also a success, our colleague Taki wrote an article which is available on the Cyber Green website:

http://www.cybergreen.net/blog/apcert-oic-cert-annual-conference

Yurie and Taki at the Cyber Green Workshop (Photo by Shikapon)
_dsc1055_2

After all, it was a tense week with full of events – but indeed it was great to see some old and familiar colleagues of APCERT, and some new faces as well. I recall it really was a huge event, involving both APCERT and OIC-CERT. We would like to take this opportunity to thank MyCERT, the host team, for their hospitality and congratulate on the success of the event.

Cheers,

- Yukako Uchida