Upload
yudhistira-nugraha
View
62
Download
0
Tags:
Embed Size (px)
Citation preview
Managing High-Volume Cyber Attacks Through Effective Strategies in Indonesia
Yudhistira Nugraha I Head of Risk Management
Directorate of Information Security
Ministry of Communication and Information Technology of Republic Indonesia
Presentation Outline
Increasing Risk in Indonesia
Cyber Security Ecosystem
Introduction of GSIRT
Discussion
Presentation Outline
4
The government should
immediately create a
National Cyber
Security Policy to
be used as a reference
of all sectors in
addressing cyber
security issue.
Indonesia Security
Incident Response Team
on Internet Infrastructure
(ID-SIRTII) recorded that
approximately one
million cyber attacks are
directed to Indonesia
everyday. The country’s
low security system has
led to high levels of
attack.
Indonesia Faces 1 Million Cyber Attacks Daily
5
• Real incident reported such as phishing, identity theft, data (information
resources) stealing, critical information resources hostages, information
leakage, insider attack (i.e. virus spread)
• Cases: cyber war, fraud, defamation, hoax, gambling, trafficking, child
predator, pornography, prostitution, money laundering & terrorism,
underground economy - UU ITE 11 / 2008
• Malicious code, common vulnerabilities/zero day attack -pirate software
are widely used (not updated), political (for instance ID vs. MY)
• Content blocking policy (Blacklist Policy)
Increasing Risk in Indonesia
6
• Web defacing rally (vandalism) are the most favorite action
• Incident caused by political issues mostly comes from MY for instance
• 1,1 million events (possible attack) daily, mostly CN & US IP’s
• Cyber fraud, phishing, email and SMS fraud, malware, local SPAM
increase last 2 years
• Social network attack, messaging service attack, targeted attack
Recent Risk Report in Indonesia
Presentation Outline
Increasing Risk in Indonesia
Cyber Security Ecosystem
Introduction of GSIRT
Discussion
Presentation Outline
9
NATIONAL
CYBER SECURITY
INSTITUTION
Central and Local
Government
Law
Enforcement
International
CSIRTs/CERTs
National
Security
Communities
The Cyber Security Ecosystem
Other ActsEIT Act(UU ITE No 11/2008)
• Penal Code
• Criminal Procedures
• Pornography
• Data Protection
• Consumers Protection
• Taxation
• etc.
Trustworthiness
Certification
Privacy
E-Transaction
Domain Name
Cyberlaw(Law protection for electronic-base activities from cyber crime and misuse)
Government Regulation, 82/2012(Electronic System Provider and Electronic
Transaction)
Ministerial
CirculationMinisterial
Regulation
Telecommunication Act, No. 36/1999 &
Information and Transaction Electronic Act,
No.11/ 2008
Ele
ctr
on
ic S
ys
tem
Go
ve
rna
nc
e a
nd
Ris
k M
an
ag
em
en
t
Ele
ctr
on
ic
Sig
natu
re
Tru
stw
ort
hin
ess
Cert
ific
ation B
ody
Ele
ctr
on
ic A
ge
nt,
Ce
rtific
atio
n,
Syste
m, T
ransaction
Se
rvic
es P
rovid
er
Sp
am
&
Do
main
Nam
e
Th
rou
gh
De
ve
lop
me
nt o
f
Info
rma
tio
n S
ecu
rity
Aw
are
ne
ss
Monitoring,
Com
plia
nce a
nd
Enfo
rcem
ent
Awareness Program through continuous Human Resource Training
Cyber Security Legal Framework
Presentation Outline
Increasing Risk in Indonesia
Cyber Security Ecosystem
Introduction of GSIRT
Discussion
Presentation Outline
GOV-CSIRT is part of the Directorate of Information Security, Ministry of Communication and Information Technology and
consist of a general manager and 2 teams for monitoring, evaluation and incident response .
Cyber Security Institutions
Mission
Activities
Services
Memberships
Partherships
Point of Contact
Operational Framework
Gov-CSIRT, the aim is: to increase
the level of information security in
government organisations
through collaboration,
sharing of knowledge and dealing with ICT related incidents and large scale emergencies
GO
VC
SIR
T.I
D
is t
he C
om
pu
ter
Secu
rity
In
cid
en
t
Resp
on
se T
eam
fo
r th
e I
nd
on
esia
n
go
vern
men
t.
GovCSIRT.ID(Computer Security Incident Response Team for Indonesia Government)
Mission
Activities
Services
Memberships
Partherships
Point of Contact
Operational Framework
Constantlymonitors the activities and news on the
internet.The knowledge
that is the basis of our service provision is
acquired through this monitoring
and the activities in our networks.
GO
VC
SIR
T.I
D
is t
he C
om
pu
ter
Secu
rity
In
cid
en
t
Resp
on
se T
eam
fo
r th
e I
nd
on
esia
n
go
vern
men
t.
GovCSIRT.ID(Computer Security Incident Response Team for Indonesia Government)
Mission
Activities
Services
Memberships
Partherships
Point of Contact
Operational Framework
Supportinggovernment
organizations in preventing and dealing with ICT
security incidentsThere is an increasing
demand for our expertise. Some examples of our service provision
are: ICT Risk Alert, publications on current issues,
incident response
GO
VC
SIR
T.I
D
is t
he C
om
pu
ter
Secu
rity
In
cid
en
t
Resp
on
se T
eam
fo
r th
e I
nd
on
esia
n
go
vern
men
t.
GovCSIRT.ID(Computer Security Incident Response Team for Indonesia Government)
Mission
Activities
Services
Memberships
Partherships
Point of Contact
Operational Framework
Membership of Gov-CSIRT is open to any government organization with a
100% public assignment (publicly
funded).
Central Government/Agenci
es (161)
Provincial Government (33)
Local Government (497)
GO
VC
SIR
T.I
D
is t
he C
om
pu
ter
Secu
rity
In
cid
en
t
Resp
on
se T
eam
fo
r th
e I
nd
on
esia
n
go
vern
men
t.
GovCSIRT.ID(Computer Security Incident Response Team for Indonesia Government)
Mission
Activities
Services
Memberships
Partherships
Point of Contact
Operational Framework
In the national context, GOV-CSIRTworks together with
National Police, National
Infrastructure , Telecom Operators,
Internet service providers and other incident response
teams in IndonesiaGOV-CSIRT is
continuing to be part of an extensive network of affiliated
organizations, mainly other (GovCERTs).
GO
VC
SIR
T.I
D
is t
he C
om
pu
ter
Secu
rity
In
cid
en
t
Resp
on
se T
eam
fo
r th
e I
nd
on
esia
n
go
vern
men
t.
GovCSIRT.ID(Computer Security Incident Response Team for Indonesia Government)
Mission
Activities
Services
Memberships
Partherships
Point of Contact
Operational Framework
The Gov-CSIRT point of contact arrangements have been established
to provide a framework for sharing information about serious and time
critical computer threats, vulnerabilities
or incidents for the constituency.
At all times, urgent incident related can be shared with Gov-CSIRT
via e‐mail to [email protected]
fo.go.id. Other questions or
information can be sent to
GO
VC
SIR
T.I
D
is t
he C
om
pu
ter
Secu
rity
In
cid
en
t
Resp
on
se T
eam
fo
r th
e I
nd
on
esia
n
go
vern
men
t.
GovCSIRT.ID(Computer Security Incident Response Team for Indonesia Government)
Mission
Activities
Services
Memberships
Partherships
Point of Contact
Operational Framework
An operational framework of our
organisation according to the
RFC standard (RFC2350)
Please refer to http://insting.ko
minfo.go.id/tentang-idgovcert/rfc-
2350/
GO
VC
SIR
T.I
D
is t
he C
om
pu
ter
Secu
rity
In
cid
en
t
Resp
on
se T
eam
fo
r th
e I
nd
on
esia
n
go
vern
men
t.
GovCSIRT.ID(Computer Security Incident Response Team for Indonesia Government)
THANK YOU
Yudhistira Nugraha I Head of Risk ManagementEmail : [email protected]
Ministry of Communication and Information Technology of Republic Indonesia