Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak

Published byChester Norman Modified over 8 years ago

Similar presentations

Presentation on theme: "Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak"— Presentation transcript:

1 Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak first-team@krcert.or.kr eunjupak@krcert.or.kr beunju@kisa.or.kr

2 AGENDA 01 LATEST NEWS 02 PHARMING 03 SMS PHISHING 04 CONCLUSION

3 01 Latest News

4 01. Latest News 2014-09-17 A GROUP OF CYBER FRAUD CRIMINALS WAS ARRESTED Unfair Profits 1 Billion KRW Victims’ financial information stolen Money withdrawn money from their bank accounts Cased by Phishing site, Pharming site and SMS Phishing 4

5 02 Pharming Case

6 02. Pharming Case 2014-09-17 Types of Malwares in South Korea Constant increase in the number of Phishing/Pharming Sites in South Korea 6

7 02. Pharming Case 2014-09-17 Pharming Incident? Infection Web defacement 7

8 02. Pharming Case 2014-09-17 Pharming Incident? Falsification hosts.ics falsified 8

9 02. Pharming Case 2014-09-17 Pharming Incident? Information Leak Victims’ bank account information leaked 9

10 02. Pharming Case 2014-09-17 JPCERT/CC’s ASSISTANCE NEEDED! Japanese IPs misused by Korean Pharming cases SOS to JPCERT/CC What JPCERT/CC is Doing: Analyzing malwares Monitoring servers distributing hosts.ics Discussing with relevant ISP (i.e Blocking sites) 10

11 03 SMS Phishing Case

12 03. SMS Phishing Case 2014-09-17 The more smartphone users are, the more SMS Phishing damages increase 2012Y 2013Y FH. 2014Y 569M 5,733M 330M Source : NPA Unit : KRW Damaged Amount of SMS Phishing in South Korea 12

13 03. SMS Phishing Case 2014-09-17 Text Message Received SMS Phishing Incident? Promotion Coupon(for free) Link to the URL Add bookmark Copy the text Downloading Do you want to install? 13

14 03. SMS Phishing Case 2014-09-17 ① Check Normal Banking Apps Malicious Application Installed SMS Phishing Incident? 14

15 03. SMS Phishing Case 2014-09-17 ② Download the Additional Malicious Application Malicious Application Installed SMS Phishing Incident? 15

16 03. SMS Phishing Case 2014-09-17 ③ Require Financial Information Malicious Application Installed SMS Phishing Incident? 16

17 17 03. SMS Phishing Case 2014-09-17 Malicious Application Installed SMS Phishing Incident? ④ Send away PKI folder, financial Information to specific email address

18 2014-09-17 03. SMS Phishing Case What KrCERT/CC is Doing: Providing CNCERT/CC with email addresses, related evidences, samples Requesting takedown of related email addresses What CNCERT/CC is Doing: Analyzing and Verifying malware samples Coordinating with relevant service provider to takedown the misused email addresses Chinese Famous Portal E-mail addresses are misused for Korean SMS Phishing incidents CNCERT/CC’s ASSISTANCE NEEDED! 18

19 2014-09-17 04. Cooperation Web Browser Notification to Infected PC Users : Received infected IP list from trusted organization and partners Web browser notification to infected PC users Respond CVE-2014-0515(Adobe Flash Player) : Received malware distributing URLs, suspicious URLs Request for proper actions to the distributing URLs Support technical measures, extract & analyze logs Web browser notification to infected PC users What KrCERT/CC is doing for Global Collaboration: WAIT!!! Remove malware from your PC 19

20 04 Conclusion

21 2014-09-17 04. Conclusion Actions Required Each CSIRT has different capacities, rules,… Each CSIRT team’s circumstances to be explored Seek Ways to collaborate to Support Incident Handling Develop Information Sharing Protocol 21

22 04. Conclusion Asia Pacific Computer Emergency Response Team Forum of CSIRTs/CERTs in Asia Pacific region since 2003 To help create a SAFE, CLEAN and RELIABLE cyber space in the Asia Pacific region through global collaboration APCERT will maintain a trusted contact network of computer security experts in Asia Pacific region to improve the region’s awareness competency in relation to computer security incidents 2014-09-1722

23 감사합니다 THANK YOU

Download ppt "Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak"

Similar presentations

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
IMPROVING THE INTERNATIONAL COMPARABILITY OF STATISTICS PRODUCED BY CSIRTs Developing Cybersecurity Risk Indicators panel 26 th Annual FIRST Conference.

IMPROVING THE INTERNATIONAL COMPARABILITY OF STATISTICS PRODUCED BY CSIRTs Developing Cybersecurity Risk Indicators panel 26 th Annual FIRST Conference.
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.

IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
Incident Response Case in Cyber-Fraud -Case of Republic of Korea-

Incident Response Case in Cyber-Fraud -Case of Republic of Korea-
Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.
EDDS Error Handling QP & Reliability Team. 2 EDDS Error Handling 1. In case of ‘Error code: -1’ (refer below captured error message ) EDDS system need.

EDDS Error Handling QP & Reliability Team. 2 EDDS Error Handling 1. In case of ‘Error code: -1’ (refer below captured error message ) EDDS system need.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Capacity Development Workshop on Public Information Management System and Policy in Korea on cyber attacks 2011.11.28 Jeong Min, Lee KISA.

Capacity Development Workshop on Public Information Management System and Policy in Korea on cyber attacks Jeong Min, Lee KISA.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
JPCERT/CC May. 2003. Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.

JPCERT/CC May Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
First Community Bank www.fcbnm.com Prevx Safe Online Rollout & Best Practice Presentation.

First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
Commercial eSecurity Training and Awareness. Common Online Threats Most electronic fraud falls into one of three categories:  PHISHING – Fraudulent emails.

Commercial eSecurity Training and Awareness. Common Online Threats Most electronic fraud falls into one of three categories:  PHISHING – Fraudulent s.
APCERT : APNIC Meeting 2014’ International Collaboration for Regional Cybersecurity Risk Reduction - APCERT Collaboration with Stakeholders Yurie Ito Chair,

APCERT : APNIC Meeting 2014’ International Collaboration for Regional Cybersecurity Risk Reduction - APCERT Collaboration with Stakeholders Yurie Ito Chair,

Similar presentations

Ads by Google