Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak

Slides:



Advertisements
Similar presentations
1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
Advertisements

How to protect yourself, your computer, and others on the internet
IMPROVING THE INTERNATIONAL COMPARABILITY OF STATISTICS PRODUCED BY CSIRTs Developing Cybersecurity Risk Indicators panel 26 th Annual FIRST Conference.
Cyber X-Force-SMS alert system for threats.
IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
Incident Response Case in Cyber-Fraud -Case of Republic of Korea-
Sensitive Data Accessibility Financial Management College of Education Michigan State University.
EDDS Error Handling QP & Reliability Team. 2 EDDS Error Handling 1. In case of ‘Error code: -1’ (refer below captured error message ) EDDS system need.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
Incident Response Updated 03/20/2015
Norman SecureSurf Protect your users when surfing the Internet.
Capacity Development Workshop on Public Information Management System and Policy in Korea on cyber attacks Jeong Min, Lee KISA.
SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
JPCERT/CC May Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
Commercial eSecurity Training and Awareness. Common Online Threats Most electronic fraud falls into one of three categories:  PHISHING – Fraudulent s.
APCERT : APNIC Meeting 2014’ International Collaboration for Regional Cybersecurity Risk Reduction - APCERT Collaboration with Stakeholders Yurie Ito Chair,
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Copyright © 2008 APCERT APCERT Activity Updates Asia Pacific Computer Emergency Response Team Jia-Chyi Wu Deputy Director, TWNCERT On behalf of APCERT.
Phishing and Intrusion Prevention Tod Beardsley, TippingPoint (a division of 3Com), 02/15/06 – IMP-201.
Cyber Crimes.
Social Media Attacks By Laura Jung. How the Attacks Start Popularity of these sites with millions of users makes them perfect places for cyber attacks.
Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ?  Technology can address only a small fraction of security risks.
IT security By Tilly Gerlack.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
TTA activity for countering BOTNET attack and tracing cyber attacks 14 July, 2008 Heung-youl Youm TTA, Korea DOCUMENT #:GSC13-GTSC6-07 FOR:Presentation.
Final Introduction ---- Web Security, DDoS, others
Fostering worldwide interoperabilityGeneva, July 2009 How to counter web-based attacks on the Internet in Korea Heung Youl YOUM Chairman of Korea.
Copyright © 2010 APCERT Graham Ingram AusCERT SC member of APCERT AP* Retreat, Gold Coast 23 rd August 2010.
Region 5 Portal Registration Guide 1 Portal Registration: A Quick Start Guide 12/31/08 Aum Sri Sai Ram Sathya Sai Baba Centers of North Central Region.
Cyber-security policy to encourage CSIRTs activities Yasuhiro KITAURA Ministry of Economy, Trade and Industry, JAPAN.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
How we work as a national CERT in China ZHOU Yonglin CNCERT/CC, China 2 Addressing security challenges on a global scaleGeneva, 6-7 December 2010.
Social Engineering © 2014 Project Lead The Way, Inc.Computer Science and Software Engineering.
CERT cooperation with ISP’s on Cybersecurity C ă t ă lin P ă trașcu CERT-RO 29 October 2015 RONOG 2 Meeting1.
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
Family Connection Collaborative Webs A Tool for Creating and Managing Web sites.
Computer Crime: Identity Theft, Misuse of Personal Information, and How to Protect Yourself (Tawny Walsh, Irina Lohina, Renair Jackson, Jahmele Betterson,
About Us AVG is a global security software maker protecting 98 million active users in 170 countries from the ever-growing incidence of Web threats, viruses,
PHISHING PRESENTED BY: ARQAM PASHA. AGENDA What is Phishing? Phishing Statistics Phishing Techniques Recent Examples Damages Caused by Phishing How to.
The Practices of CERT -- Building National Computer Network Emergency Response Capability Mingqi CHEN CNCERT/CC APCERT APAN Bangkok.
Information Systems Design and Development Security Risks Computing Science.
ONLINE SECURITY Tips 1 Online Security Online Security Tips.
Safe Computing Practices. What is behind a cyber attack? 1.
Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.
Remove [Browser Hijackers] For more information regarding [Browser Hijackers] Please Visit:
Mobile device security Practical advice on how to keep your mobile device and the data on it safe.
Outline of this module By the end of this module, you will be able to: Understand the benefits that internet banking provides; Name the different dangers.
2014 From Phish to Phraud Kat Seymour October 10, 2014 #GHC
Unit 1 Understanding computer systems: How legal, ethical, safety and security issues affect how computers should be used OCR Cambridge Nationals in ICT.
KASPERSKY INTERNET SECURITY FOR ANDROID. YOUR MOBILE DEVICES NEED PROTECTION More online communications and transaction are happening on tablets and phones.
Trend Micro Consumer 2010 Easy. Fast. Smart.
Personal spaces.
Information Security.
ISYM 540 Current Topics in Information System Management
Data Compromises: A Tax Practitioners “Nightmare”
Report Phishing Forward phishing s to
Some Common Terms The Internet is a network of computers spanning the globe. It is also called the World Wide Web. World Wide Web It is a collection of.
Norton Antivirus Technical Support Number Norton toll free number
APCERT Activities Asia Pacific Computer Emergency Response Team
A Trojan is a computer program that contains the malicious code and it misleads users and user's computer. It aims to designed to perform something is.
“CYBER SPACE” - THE UNDERGROUND ECONOMY
Risk of the Internet At Home
Information Security Session October 24, 2005
Cyber Security Incident Response Playbooks
Report Phishing Forward phishing s to
Presentation transcript:

Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak

AGENDA 01 LATEST NEWS 02 PHARMING 03 SMS PHISHING 04 CONCLUSION

01 Latest News

01. Latest News A GROUP OF CYBER FRAUD CRIMINALS WAS ARRESTED Unfair Profits 1 Billion KRW Victims’ financial information stolen Money withdrawn money from their bank accounts Cased by Phishing site, Pharming site and SMS Phishing 4

02 Pharming Case

02. Pharming Case Types of Malwares in South Korea Constant increase in the number of Phishing/Pharming Sites in South Korea 6

02. Pharming Case Pharming Incident? Infection Web defacement 7

02. Pharming Case Pharming Incident? Falsification hosts.ics falsified 8

02. Pharming Case Pharming Incident? Information Leak Victims’ bank account information leaked 9

02. Pharming Case JPCERT/CC’s ASSISTANCE NEEDED! Japanese IPs misused by Korean Pharming cases SOS to JPCERT/CC What JPCERT/CC is Doing: Analyzing malwares Monitoring servers distributing hosts.ics Discussing with relevant ISP (i.e Blocking sites) 10

03 SMS Phishing Case

03. SMS Phishing Case The more smartphone users are, the more SMS Phishing damages increase 2012Y 2013Y FH. 2014Y 569M 5,733M 330M Source : NPA Unit : KRW Damaged Amount of SMS Phishing in South Korea 12

03. SMS Phishing Case Text Message Received SMS Phishing Incident? Promotion Coupon(for free) Link to the URL Add bookmark Copy the text Downloading Do you want to install? 13

03. SMS Phishing Case ① Check Normal Banking Apps Malicious Application Installed SMS Phishing Incident? 14

03. SMS Phishing Case ② Download the Additional Malicious Application Malicious Application Installed SMS Phishing Incident? 15

03. SMS Phishing Case ③ Require Financial Information Malicious Application Installed SMS Phishing Incident? 16

SMS Phishing Case Malicious Application Installed SMS Phishing Incident? ④ Send away PKI folder, financial Information to specific address

SMS Phishing Case What KrCERT/CC is Doing: Providing CNCERT/CC with addresses, related evidences, samples Requesting takedown of related addresses What CNCERT/CC is Doing: Analyzing and Verifying malware samples Coordinating with relevant service provider to takedown the misused addresses Chinese Famous Portal addresses are misused for Korean SMS Phishing incidents CNCERT/CC’s ASSISTANCE NEEDED! 18

Cooperation Web Browser Notification to Infected PC Users : Received infected IP list from trusted organization and partners Web browser notification to infected PC users Respond CVE (Adobe Flash Player) : Received malware distributing URLs, suspicious URLs Request for proper actions to the distributing URLs Support technical measures, extract & analyze logs Web browser notification to infected PC users What KrCERT/CC is doing for Global Collaboration: WAIT!!! Remove malware from your PC 19

04 Conclusion

Conclusion Actions Required Each CSIRT has different capacities, rules,… Each CSIRT team’s circumstances to be explored Seek Ways to collaborate to Support Incident Handling Develop Information Sharing Protocol 21

04. Conclusion Asia Pacific Computer Emergency Response Team Forum of CSIRTs/CERTs in Asia Pacific region since 2003 To help create a SAFE, CLEAN and RELIABLE cyber space in the Asia Pacific region through global collaboration APCERT will maintain a trusted contact network of computer security experts in Asia Pacific region to improve the region’s awareness competency in relation to computer security incidents

감사합니다 THANK YOU

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.