Embed Size (px)
Citation preview
Bangladesh Cyber Incident Trends 2014&
bdCERT Update
A.K.M Shamsuzzaman!!!
* zaman [at] bdcert [dot] org * http://www.bdcert.org *!
bdNOG 3| 18-23 May, 2015 | Dhaka, Bangladesh!
bdCERT Overview!
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
bdCERT
January 2007! July 2007! November 2007! December 2008!
January 2009!
Formed! Operation!
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
bdCERT : Mission Statement
Always Trusted Contact, Increase Computer and Network Security for Bangladesh Internet and Intranet Users, Knowledge Sharing with other CERTs & Related Organization.!
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
bdCERT : Function
• Point of contact for reporting local problems. !
• Share information and lessons learned from other CERTs, response teams, organizations and sites. !
• Incident tracing & response.!
• Organize training, research and development. !
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
bdCERT : Activities
• Incident Handling
• Email!
• FAX!
• Web Form!
http://www.bdcert.org/incident.html!
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
bdCERT : Activities
• “Internet Traffic Monitoring Data Visualization Project” with JPCERT/CC (Japan Computer Emergency Response Team / Coordination Center) named “TSUBAME”. !
• Collaboration with Team Cymru.!
• Participate in APCERT, OIC-CERT Cyber Security Drill!
• bdCERT actively participated in drafting the first National Cyber Security Strategy endorsed by Access to Information (a2i), PMO. The strategy was drafted by a special committee under the supervision of Controller of Certificate Authorities, Ministry of ICT!
• Participate in 2013 APISC Security Training Course !
• MoU with CNCERT for “CNCERT International Co-Operation Partner”!
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
bdCERT : ASN Portal
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
bdCETR : Future Plan
• Introduce New services.!
• Consulting & Awareness Programs.!
• New collaborations.!
• Security Workshop for Government and Academics.!
• FIRST Membership!
Bangladesh Cyber Incident Trends 2014!
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
Bangladesh Cyber Security Incidents 2013 vs 2014
Data received from censor maintained by bdCERT!
0!
50000!
100000!
150000!
200000!
bots! bruteforce!malwareurl!openresolvers! phishing! proxy! scanners!2013! 2014!
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
Bangladesh Cyber Security Incidents
• Hacktivism takes center stage.!
• Phishing / Site Defacements are more common.!
• Government sites (.gov.bd domain) are mainly targeted; mostly run on outdated Joomla engine/plugins.!
• DDoS attack are increasing. Mostly target online banking and online news web portal.!
• Increase of Facebook incident reporting.!
• Increase of spoof SMS.!
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
Phishing Attack
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
Site Defacement
bdNOG318 – 23 May, 2015Dhaka,Bangladesh
bdCERT : Activities In 2015
• February 10-12, 2015 : bdCERT in collaboration with ISPAB; organize a 3 days workshop on “Network Security Management & Cyber Security”!
• Participate Cyber Security Drill on 18th March 2015 Conducted by APCERT!
