2 posts categorized "Mongolia" Feed

Mar 29, 2016

Experience in MNSEC 2015, Ulaanbaatar

Hello all, my name is Shinichi Horata working at Watch and Warning Group. It’s my first time posting here.

It’s already been quite a while ago, but last year I went to Mongolia for the first time in my life. The purpose was to attend MNSEC 2015 (Conference website: Mongolian only), a Mongolian local cyber security conference hosted by MNCERT/CC (Organisation website: Mongolian only) on 29-30 September 2015, where I delivered a talk.

Event Overview

MNSEC is the largest cyber security conference in Mongolia, which has been held annually since 2013. JPCERT/CC has been invited to this event since the first time (See the blog entry from 2014 here). The event attracted about 200 locals who are engaged in cyber security from the Mongolian Government, private entities, ISPs, banks, universities and so on. A wide range of discussions took place including the relations between big data and security, malware involved in online banking and sophisticated cyber attacks. The program was as follows:

29 Sep - Presentations:

  1. “Big data and its security” (Bat-Ulzii B, Director of IT Department of Ulaanbaatar)
  2. “Weak point, threats and violations of E-Bank” (Jung Hyong Chul, Beyond Security)
  3. “FreeBSD Content filter” (Ganbold Ts, Director of MSTRIDE LLC and Head of Mongolian Unix group)
  4. “Current Cyber Threats in Japan” (Shinichi Horata, JPCERT/CC)
  5. Kharuul Zangi 2015 (CTF competition)

30 Sep - Presentations:

  1. “Understanding Exploit Analysis” (Shinichi Horata, JPCERT/CC)
  2. “Information security in cyber environment” (Altangerel. B, Communications Regulatory Commission of Mongolia)
  3. “APT attack” (Otgonpurev M, Cyber security expert)
  4. “Cyber threat and decreasing it” (Andrew Chen, Channel manager of Checkpoint LLC)
  5. “Child security in cyber environment” (Altangerel B, Communications Regulatory Commission of Mongolia)
  6. “DDoS attack” (Enkhsaikhan P, Cyber security researcher)
  7. “About Mongolian cyber emergency response team” (Batjargal B, MNCERT/CC)

MNCERT/CC gave me an opportunity to deliver two presentations entitled “Current Cyber Threats in Japan” and “Understanding Exploit Analysis”.

In the first presentation, I provided an overview of JPCERT/CC activities, especially focusing on our efforts in incident response and early warning. Furthermore, I introduced the current situation of cyber incidents observed in Japan, mainly case studies of illegal money transfer involving banking Trojan, and cases of sophisticated cyber attacks.

The second presentation discussed some of the know-how required for providing early warning information, and software vulnerabilities in Use After Free (CWE-416), taking Adobe Flash Player’s vulnerability (CVE-2015-5119, etc.) as an example. In Mongolia, they are currently focusing on implementing efforts to enhance industrial development and human resource development in cyber security, so it was a good opportunity for us to exchange information and views regarding these topics.


(Photo of me at the event)

Remarks on the Event

I felt that the key throughout the event was also “human resource development”. On 29 September, there was a CTF competition entitled “Kharuul Zangi 2015”, and there were also some programs running in parallel that gave practical lectures. Aside from the CTF, some exercises were also given to the participants so that everyone could make the most of the event. I saw a lot of youngsters among a wide range of participants. I felt that the participants and the venue were filled with enthusiasm – probably because the conference is a new and young project, and organisers as well as attendees had great motivation.

MNCERT/CC, who has been hosting the conference, says that they consider the discussion on local cyber security among the persons in charge and researchers as a key component of the event. This made me wonder – what about Japan? Is there as much momentum in Japanese cyber security conferences, involving young students and those working at the front line? The event provided me a good opportunity to look back on my own experience too. Actions for cyber security discussions in Mongolia has just started – we look forward to seeing MNCERT/CC’s and Mongolian local CSIRTs’ even stronger involvement in enhancing the industry and its human resources.

Thank you for reading.

- Shinichi Horata

(Translated by Yukako Uchida)

Oct 06, 2014

JPCERT/CC attends MNSEC-2014 in Ulaanbaatar

Sain baina uu? This is “hello” in Mongolian language. It’s Yuka again from Global Coordination Division. Today, I would like to share our experience in a conference and training in Mongolia which we participated in early September.


Mongolia is one of our neighbouring countries in Asia region, and there are direct flights between Tokyo-Narita and Ulaanbaatar a couple of times a week. Their network environment has been developing rapidly, and its Internet penetration rate is estimated to be 16.40% in 2012 according to International Telecommunication Union (ITU)[i]. We were informed that bank phishing has been one of the continuous cyber threats in Mongolia. To take initiative on Cybersecurity issues in the country, a National CSIRT, MNCERT/CC has been just established lately.


On 5th and 6th September, my colleague Osamu and I were invited to Ulaanbaatar, Mongolia to attend “MNSEC-2014” (Conference Website: Mongolian language only), a local information security conference and training as a speaker/trainer.


During the information security conference on 5th, we were given a 2-hour slot to deliver a talk about the following topics.


<Organisational updates: Yuka>

-Latest cybersecurity trends in Japan

-JPCERT/CC organisation overview

-CSIRT collaboration within Japan (Nippon CSIRT Association)

-Global collaboration framework as APCERT


<Technical updates: Osamu>

- Recent incident trends in Japan

- JPCERT/CC’s recent projects: Protecting critical infrastructure, IT inoculation, Open DNS Resolver Check Site



Yuka at the talk


It was the second time for JPCERT/CC to participate this event in Mongolia, following the one last year (by Osamu and Sparky). There were more than 140 people attending the conference, mainly those who are engaged in cybersecurity in government sector and public companies including banks and energy. After our presentation, we received some positive feedback from some of the attendees. We could see that they were very much motivated to learn from what is happening in Japan and that cybersecurity has been drawing much attention in Mongolia.


The next day, Osamu, as a main instructor, conducted a hands-on training on network forensics using Wireshark. About 40 participants gathered from both private/public sectors. The trainees were well-skilled, and we could see some active discussions.



Osamu at the training


JPCERT/CC is happy to be given such opportunities outside of Japan to share our activities and technical knowledge with CSIRT colleagues and other cybersecurity experts.


One of the things I loved during the trip is their traditional dumplings called “buuz”, which is filled with mutton or beef. We also had an opportunity to try some “horse milk” at one of local farmer’s place. Unlike cow milk that we drink every day, this was incredibly sour, but it seems to be a very special drink for many Mongolian people. Indeed that was a very Mongolian local experience.


Bayarlalaa! (Thank you in Mongolian)


- Yukako Uchida

[i] Source: “Percentage of Individuals using the Internet 2000 – 2012” http://www.itu.int/en/ITU-D/Statistics/Documents/statistics/2013/Individuals_Internet_2000-2012.xls