Kazuaki Omori, Ministry of Internal Affairs and Communications
Transcript of Kazuaki Omori, Ministry of Internal Affairs and Communications
Cybersecurity Policy and Projects by Ministry of Internal Affairs and
Communications (MIC)
November 2nd, 2016
Kazuaki OMORI
Director, ICT Security Office, Ministry of Internal Affairs and Communication
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Overview of ICT usage in Japan (1) 1
According to Communications Usage Trend Survey 2015, 83% of the Japanese population uses the Internet.
Rerefence: MIC (2016), « Communications Usage Trend Survey 2015 (in Japanese)» <http://www.soumu.go.jp/johotsusintokei/statistics/data/160722_1.pdf>
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Figure 1-1: Transitions in the number of Internet users and their percentage of the general population (individuals)
End of 2014
End of 2015
End of 2011
End of 2012
End of 2009
End of 2010
End of 2007
End of 2008
End of 2005
End of 2006
End of 2003
End of 2004
End of 2001
End of 2002
End of 2000
2 Overview of ICT usage in Japan (2)
Matters of concern with Internet usage and problems with ICT networks;- ・ Households: personal information leakage (80.4%) and Virus infections (77.9%) ・ Enterprises : virus infections (47.8%), difficulty of developing security measures (44.2%)
and personnel shortages(44.0%).
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Personal Information will be disclosed or exposed externally without permission
Unsure how far security measures should be taken
Computer virus infections
Receiving Spam
Trustworthiness of authentication technology
Others
Matters of Concern with Internet usage at households
Trustworthiness of electronic payments
False billing and other types of internet fraud
One’s own understanding of internet usage
Violations of intellectual property rights
Amount of illegal and harmful information
Internet addiction
Conflict with communication partners
End of 2015
Source: MIC’s White paper Information and Communications in Japan (2016)
Problems with Internet and Internet LAN usage at enterprises
Concern about virus infections
Difficult to develop security measures
Operational & management personnel shortages
Operational & management cost increases
Low security awareness among employees
Difficult to recover from failures, outages, etc.
Difficult to quantity benefit
High Communication charges
Difficult to obtain benefits
Low communication speeds
Concern about trustworthiness of electronic payment
Concern about protection of copyrights and intellectual property
Concern about trustworthiness of authentication technology
Others
No specific problems
End of 2014
End of 2015
*Multiple answers accepted
3 Increase in Cybersecurity Threats
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Information and communications technology, including the Internet, is Japan’s growth potential as well as a foundation of socioeconomic activities. In recent years, the threat of information security has been become more and more malicious and sophisticated and causing serious damage.
Jun 2015 Infection by malware of a terminal used by an employee of the Japan Pension Service raised concerns that information of pension members had been leaked (targeted attack)
Oct 2015 Reported a phising site pretends a Financial Services Agency’s warning website for security on domestic internet banking. There were possibilities the info. such as an account number, password, two-factor-authentication and etc. to be stolen through the phising site. (Phising)
Nov 2015 Cyberattack on the official website of TOCOG and the site was out of service for about 12 hours. (DDoS Attack)
June 2016 Infection by malware of a terminal used by an employee of the i.JTB raised the possibility to leak the personal information including passport number. (targeted attack)
Examples of damages caused by recent cyber attacks
1. Malware: Abbreviation for Malicious software. Collective term for harmful software similar to computer viruses.
2. DDoS attack: DDoS stands for Distributed Denial of Service. An attack where a large volume of data is sent all at once to a specified address from a large number of terminals, rendering the server of the addressee inoperable.
3. Targeted attack: An attack launched at a targeted individual or organization aimed at stealing confidential information, etc.
4. “Watering hole” attack: An attack where the attacker lies in wait at a website frequently visited by the targeted organization. The malware infects only the targeted organization and steals its personal information, etc.
5. List-type attack: An attack where the attacker attempts to log in to online services using as a list IDs and passwords of other users obtained illegally.
6. Ransomware: A malware limit user’s system or files by such as encrypting. User will be charged for remove the limit or decrypt .
7. Adware: A software to earn by showing advertisement, which usually installed with software freeware. It will automatically add the advertisement when an user use a browser.
Crime for pleasure Exhibitionistic, showing off, harassing behavior, etc.
White collar crime & organized crime
Purpose is money; planned, pernicious
2000 2005 2010 2015
Infection via a network
Infection via websites Infection via email sent to specific targeted addresses
メールによる感染 Infection from randomly sent email
Damages from targeted attacks,3
“watering hole” attacks,4
fraudulent cash transfers, and list attacks5
DDoS attack2 damages Unauthorized access damages
Increase in malware1 infection, unauthorized access and DDoS attacks
Conspicuous attacks The attack is immediately detected, and measures can be put in place
Inconspicuous attacks Time lapses before discovery of the attack takes, increasing and prolonging damages
Ransomware※6
Malicious Adware※7
Drive-by downloads
The purposes of attacks are changing and the dangers are grow
ing
Increasingly sophisticated attack methods
4
Overview of Organization Chart with the New Cybersecurity Basic Act
Copyright (c) 2015 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
4
Governmental bodies (Ministries)
Individuals Private Entities
• Critical Infrastructures
Other relevant Ministries
FSA (Financial Industry) MIC (Local Gov, Telecom) MHLW (Medical, Water) METI (Electricity, Gas, Chemistry, Credit Card, Petroleum) MLIT (Aviation, Railway, Logistics)
Others MEXT(Cybersecurity education) etc.
Cabinet Prime Minister
IT Strategic Headquarters
Cybersecurity Strategic Headquarters *Launched on Jan 9th 2015 by Basic Act
Director General Chief Cabinet Secretary
Vice Director General Minister in charge of CyberSecurity
Members Chair at National Public Safety Commission Minister of MIC Minister of MOFA Minister of METI Minister of MOD Olympics Minister Experts (Private entities including Universities)
Ministers participate
Close cooperation
5 Member Ministries of CSS HQ
Close cooperation
National Center of Incident Readiness and Strategy for Cybersecurity (NISC)*Renamed on Jan 9th 2015
by Basic Act
Secretariat
GSOC (Government Security Operation Coordination team )
Cooperation
National Security Council (NSC)
NPA (Cyber Crime)
MIC (Communication & Network policy)
MOFA (Diplomatic policy)
METI (Information policy)
MOD (National Security)
Critical Infrastructures
Cooperation
Overview of Cybersecurity Relevant Ministries 5
5 FSA (Finance), MIC (ICT, Local Government), MHLW (Medical care, Water), MLIT (Aviation, Railway, Logistics), METI (Power, Gas, Credit card, Petroleum, Chemical)
Other Ministries and agencies having jurisdiction over critical infrastructure
NISC National center of
Incident readiness and Strategy for Cybersecurity
NICT (National Institute of Information and Communications Technology) ICT-ISAC Japan
Promoting cyber attack prevention and detection, and reducing virus infection, from the viewpoint of protecting the telecommunication network through collaboration with ISPs
MOD (Ministry of Defense)
◆ Strengthening international cooperation
◆ Strengthening capacity and preparations of the Self-Defense Forces in cyber space ◆ Cyber defense Corps (approx. 100
members) was installed
NPA (National Police
Agency)
◆ Promoting crackdown on cyber crime, cyber attack, etc.
ICT Security Office
Information and Communications Division
Bureau of operational policy, responding cyber attack and cyber planning office
IPA (Information-technology Promotion Agency) JPCERT/CC (Japan Computer Emergency Response Team Coordination Center)
METI (Ministry of
Economy, Trade and Industry)
◆ Promoting security measures of control systems such as electricity, gas and software/hardware
Cybersecurity Division
Promoting R&D for network defense of Self-Defense forces Technology Research Division
Copyright (c) 2016 Ministry of Internal Affairs and Communications (MIC). All Rights Reserved.
MOFA (Ministry of
Foreign Affairs)
MIC Ministry of
Internal Affairs &Communicatio
ns
Overview of MIC’s Cybersecurity Measures
INDVIDUALS
http://www.active.go.jp/
✓ Increased the number of participants
✓ Expanded critical infra. Sectors
✓ Add new scenario for exercise
INDIVIDUALS ACTIVE PROJECT
(Advanced Cyber Threats response InitiatiVE)
ORGANIZATIONS CYDER PROJECT
(CYber Defense Exercise with Recurrence)
Looking ahead to holding a safe and secure Tokyo Olympic and Paralympic Games in 2020, MIC promotes multiple cybersecurity projects.
6
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
○ Conducting the following projects from perspectives such as defense of network infrastructures and enhancement of ICT security for users.
Network Security on IoT Device
IoT Security Guideline was published in July
IoT SOCIETY
z
NETWORK INFRASTRUCTURES
R&D by NICT R&D of the world’s most advanced cyber
security technology using Large-scale observation network
“NICTER” “DAEDALUS”
CYBER DEFENSE EXERCISE WITH RECURRENCE
CYDER
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
CYDER (CYber Defense Exercise with Recurrence) Project 8
Copyright (c) 2016 Ministry of Internal Affairs and Communications (MIC). All Rights Reserved.
System configuration Large-scale virtual LAN environment
(StarBED by NICT)
DNS
Mail Web
AP
DB
File Client Device
JGN(Japan Gigabit Network)-X by NICT
Tokyo Virtual hacker
Ishikawa Pref.
Enable participants to master a series of actions to minimize damages in case of a cyber attack
Practices to be carried out on virtual networks with 150 units of high-performance servers
Prepare up-to-date exercise scenarios based on the actual attack cases
Features
Activities in 2015 and 2016
Approximately 200 stakeholders from 80 organizations (government, critical infrastructures) took part in the exercises
From FY2016, NICT, a governmental research institute, became an operating body to further improve quality and stability of practices
In 2016, 1500 participants from 500 organizations including local governments will attend CYDER at 11 locations
Pseudo attack with malware on the virtual network
National 318 (CYBER) EKIDEN 9
Sponsored by the National Information Security Center (NISC) of the Cabinet Secretariat and the Ministry of Internal Affairs and Communication (MIC), the National 318 (Cyber) Ekiden (anti cyber-attack training for government ministry and agency staff) was held on March 18th, 2016 as a cyber security month event to enhance capability in government organizations to thwart cyber attacks
Participants engaged in practical exercises in a series of procedures aimed at responding to incidents of specific and other targeted-attacks including the infection of terminals by malware, fraudulent external communications, and document theft. The environment and scenarios of the exercises were based on results of MIC’s previous CYDER (Cyber Defense Exercise with Recurrence) event.
Civil servants of 13 ministries including major ministries responsible for infrastructures participated in FY2015.
Overview
At the venue of the event Award ceremony
Cybersecurity Awareness Month National 318 EKIDEN FY2015
Scene during the exercises
Commemorative photo with recipients Poster NISC’s Website
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Cyber Security Capacity Building for 2020 Tokyo Olympic and Paralympic Games
MIC will organize a cyber security capacity building program for 2020 Tokyo Olympic and Paralympic Games. The
objective of the program is to train operators who will be in charge for security protection during the Games. The
training will take a red team-blue team style on a cyber range named “Cyber Colosseum” that simulates massive
and complicated cyber attacks expected during the Games.
Activities
Summary
■ The Cyber Range, “Cyber
Colosseum” will simulate
Games’ related systems
such as official websites,
administration systems and
other connected information
infrastructure systems.
■ Red team-blue team type of
exercises will be held for
operators of the systems
above during the Games and
the range will produce
massive/complex cyber
attacks for the exercises.
Red Team-Blue Team Exercise
The program aims to enhance collaboration among interested parties for the Games
10
Image
ADVANCED CYBER THREATS RESPONSE INITIATIVE
ACTIVE
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
ACIVE Project 12
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
ACTIVE (Advanced Cyber Threats response InitiatiVE)” is a project of providing comprehensive countermeasures against malware by collaborating with ISPs, anti virus vendors, and so on.
ACTIVE is intended to send a warning to Internet users to prevent malware infection, and remove malware, and encourages users to take autonomous protection measures against malware infection.
These initiatives lead to decrease the number of malware infection in Japan to create the world's highest information security environment.
Reference : ACTIVE Website <http://www.active.go.jp/en/>
ACIVE Project
Aiming at preventing malware infections and damages, ACTIVE alerts internet users who don’t recognize malware infections and, in case of malware infections, blocks communications between malware infected terminals and C&C servers.
(1)Listing and updating information on C&C servers and providing it to ISP
(2) Blocking communications between malware infected terminals and C&C servers
(3) Alerting users of malware-infected terminals
(ii)Approach for preventing malware damage
(2)Alerting (user)
(3)Alerting (web-site administrator)
(1)Listing and updating information on malignancy websites and providing it to ISP
(2)Alerting users when they are accessing malignancy websites
(3)Alerting administrator of malignancy websites
Alert! This website is malicious. Would you really like to access?
Yes No
(i)Approach for preventing malware infection
(1)Gathering information on malignancy website
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
13
ISP
Users of malware-infected terminals
C&C servers
(3)Alerting (user)
(2)Blocking communications
(1) Updating and providing information on C&C servers (*) to ISP (*) Servers which command and control malware-infected terminals
Alerting Internet Banking Users’ Attention to Malware (VAWTRAK) Infection 14
Due to the increase in fraudulent cash transfers through internet banking, the National Police Agency has implemented tactics to eradicate malware (VAWTRACK) aimed mainly at internet banking in Japan.
Cooperating in these tactics, the Ministry of Internal Affairs and Communications liaised with Telecom-ISAC Japan to provide alerts to users infected with this malware through the Advanced Cyber Threats Response Initiative (ACTIVE) through, a national initiative based on public and private collaboration.
っxx
(1)Capture of information from infected PC
Infected terminal
Malware (VAWTRAK)
Metropolitan Police Department
Telecom-ISAC Japan Ministry of Internal Affairs
and Communications
cooperation
ISP business participating in ACTIVE
Information on infected terminals is provided
to each ISP
(2) Provision of information about infected terminals
Attacker
Urges users of infected terminals to eliminate the said malware
Alert!
(3)
(4)
Fraudulent payments
Attack
* Approximately 82,000 terminals affected worldwide Of these, about 44,000 were in Japan
Provides information about infected terminals to participating ISP operators making use of ACTIVE, and ISP operators provide alerts to terminal users ・・・
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Using ACTIVE for International Malware Extermination Strategy 15
“Game Over Zeus,” malware for making fraudulent cash transfers via internet banking, has spread throughout the world. In Japan alone, it was found that approximately 200,000 terminals were infected by this malware. In light of these developments, an offensive led by the Federal Investigation Bureau (FBI) of the United States and Europol, the EU law enforcement agency, was launched in June 2014 to eradicate GOZ.
Using ACTIVE to alert domestic users infected with GOZ .
US CERT
Japan United States
FBI GOZ
Infected terminals (Japan)
JPCERT
ISP
Alerts to users
IP address information of infected terminals
Captures information from infected terminals
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Establishment of ICT-ISAC
ICT-ISAC
(Formerly) Telecom-ISAC
ISPs
ICT Vendors
System Integrators
DDoS Attacks
Website Defacement
bots
Targeted Attacks
Vulnerability information on IoT
systems
Each CEPTOR
JPCERT/CC
FS-ISAC
・・・
Security Vendors
“Telecom-ISAC (Information Sharing and Analysis Center)” was launched in 2002 to collect and analyze cyber attack incident data among telecommunication and ISP industries.
In order to expand information sharing across industries such as broadcasting and ICT, Telecom-ISAC was reorganized as “ICT-ISAC Japan” in March, 2016.
Broadcasters
Foreign Partners
NCC/Com-ISAC (US)
IT-ISAC (US)
eco (Germany)
・・・
Domestic Partners
Copyright (c) 2016 Ministry of Internal Affairs and Communications (MIC). All Rights Reserved.
16
ICT-ISAC Japan’s Activities
1) Working Groups (WGs) activities to share and analyze (discuss) ICT industry’s issues about Cybersecurity
MIC R&D of Cyber-Attack Prediction and Rapid Response Technology Through International Partnership, etc.
NISC CEOPTAR Council
3) Collaboration and cooperation with security institutions in Japan and overseas with partnerships (Ministry of Internal Affairs and Communications (MIC), National center of Incident readiness and Strategy for Cybersecurity (NISC), CEPTOAR Council , JPCERT/CC, IPA et al.)
4) Works for MIC’s (governmental) projects against cyber attacks *) ACTIVE has launched since Nov. 2013, PRACTICE since Apr. 2011
2) Holding workshops, cyber-attack exercise and seminars, etc.
5) Others (propagation and advancement of security technologies, and contribution to the educational activities)
17
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Reference: ICT-ISAC (2016), “Cyber Attack Defense Exercise-WG(CAE-WG)”
IOT SECURITY PROJECT
IoT Society
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
What is the percentage of observed cyber attacks to IoT?
Cyber Attacks observed by NICTER in 2015
1 4
of observed
Others
To IoT Devcies (Web Camera, Routers,etc.)
To PCs
To remote logins To Websites
To DNS servers
cyber attacks
to IoT
19
IoT Acceleration Consortium 20
The IoT Acceleration Consortium is a private-led IoT body since October 2015 to promote IoT/BD/AI. Giving recommendations for the development and utilization of technologies along with the solution of polity issues.
IoT Security WG
Consideration of network connection guidelines for IoT equipment
Advanced model business promotion WG
(IoT propulsion lab)
Development, demonstration, and standardization of network and other IoT-related technologies
Technical development WG (Smart IoT Acceleration Forum)
Creation of advanced model business and environmental improvements, including regulatory reform
General Assembly Steering Committee
Chair Vice Chair
Ministry of Internal Affairs and Communications, Ministry of Economy, Trade and Industry, and relevant agencies
Cooperation Cooperation
Jun Murai, Dean and Professor of the Faculty of Environment and Information Studies
Hiroo Unoura President and Chief Executive Officer, Nippon Telegraph and Telephone Corporation
Hiroaki Nakanishi Hitachi, Ltd., Chairman & CEO
Chair
Vice Chair
Data distribution promotion WG
Development, demonstration, and standardization of network and other IoT-related technologies.
Steering Committee members (Chairman + 14 members) Chair, Jun Murai, Dean and Professor of the Faculty of Environment and Information Studies
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
The objective of the Guideline is to show required basic security protections for IoT based on “Security by Design Principle” and to lead IoT stakeholders to take proactive actions in industries with consideration of specific natures of IoT. It also aims to create an environment where users can utilize IoT devices, systems, and services securely.
The objective of the Guidelines is not to clarify all the legal responsibility of the stakeholders when they are involved in a cyber security incident but to promote their awareness of necessity of IoT security protections and to lead them to share necessary information among the stakeholders. The objective of the Guideline is to expect the stakeholders to consider
appropriate security protections based on what they must protect and risks they face, rather than to require the stakeholders to take a single standardized security protection.
IoT Acceleration Consortium, Ministry of Internal Affairs and Communications, and Ministry of Economy, Trade and Industry published the IoT Security Guideline on 5th July in 2016. The guideline has the following objective.
IoT Security Guideline in Japan and the Objective 21
Phases Guidelines Main points
Policies Establish basic policies based on the nature of IoT
• Commit to IoT security by management teams • Prepare for internal fraud or human error
Analysis Recognize security risks of IoT
• Identify what should be protected • Assume risks resulting from connections
Design Consider a design to
protect what should be protected
• Consider a design that does not cause any trouble to connected counterparts
• Evaluate and verify a design to ensure safety and security
Implementation and
connection
Consider Protections on Network Side
• Connect IoT devices to the network properly based on the function and purpose
• Keep initial settings in mind
Operation and
maintenance
Maintain a safe and secure state and transmit
and share information
• Maintain a safe and secure state after shipping and releasing • Grasp all IoT risks after shipping and releasing, and advise all stakeholders of what to be observed
• Recognize each stakeholder's roles in IoT systems and services • Evaluate vulnerable devices and give appropriate cautions
Rules for General Public
•Refrain from purchasing and using devices or services for which those call centers or support services are not available
•Pay attention to initial settings •Turn off the power of devices if they are no longer in use •Delete all data when disposing of devices
This guideline specifies rules for providers of IoT devices, systems and services on each step of their required operations (policies, analysis, design, implementation, connection, operation and maintenance)
Overview of IoT Security Guideline 22
PROMOTIONS AND SO ON
Others
Please visit <http://www.nisc.go.jp/active/kihon/cyber-security-senryaku_2015.html>
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
Promoting Utilization of Safe Cipher 24
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
◇ CRYPTREC Overview ■ Members
• Composed of experts on cryptography technology.
■ Activities • Publish “CRYPTREC Cipher List”* • Conducting the monitoring and evaluation of the safety of encryption technology.
• The Ministry of Internal Affairs and Communications (MIC) and the Ministry of Economy, Trade and Industry (METI) jointly implemented a Cryptography Research and Evaluation Committee (CRYPTREC) project for purposes of ensuring safety and reliability of e-government etc.
• CRYPTREC reformed “the e-Government Recommended Ciphers List (released on February 20, 2003)” as “the list of ciphers that should be referred to in the procurement for the e-Government system (CRYPTREC Ciphers List)” on March 1, 2013.
◇ Development of CRYPTREC Ciphers List • With consideration of the sophistication of
encryption and attack techniques as well as the development of new cryptography, the list was revised in 2013 for the first time in ten years.
• The revision was made from various viewpoints, including ease of procurement, promotion of domestic encryption codes and the safety point of view.
* “CRYPTREC Ciphers List” consists of “e-Government Recommended Ciphers List”, “Candidate Recommended Ciphers List” and “Monitored Ciphers List”.
* The following rule is specified for the algorithms of encryption and electronic signatures at each government ministry and agency: Those specified in “e-Government Recommended Ciphers List” shall be used if they are available.
CRYPTREC Ciphers List CRYPTREC Ciphers List
Recommendations on how to use are published.
List guide Deleted from the List.
Recommended Ciphers List
• Technology that has been safety-evaluated
Operational monitoring cipher list
• Technology that allows only temporary use for the maintenance of compatibility.
e-Government Recommended Ciphers List
• Technology that has been safety-evaluated
• Technology with utilized results confirmed in the market (commercialized technology)
At any time
Losing safety assurance
With track records on commercialization and utilization
Utilized by each ministry
Those not commercialized
At any time
Losing safety assurance
Educational Campaign of Safe Use of Wireless LAN (Wi-Fi)
Implementing an educational campaign related to the safe use of Wi-Fi for wireless LAN off-road promotion from the mobile phone networks from the perspective of the effective utilization of radio waves.
Specifically, creating an educational manual on the safe use of Wi-Fi and announcing the same at MIC’s website (information security website for the public) while implementing seminars targeting general users, local governments, and others.
http://www.soumu.go.jp/main_sosiki/ joho_tsusin/security/wi-fi.html
Educational Manual on the Safe Use of Wi-Fi
Checks the Service Set Identifier (SSID) of the access point to confirm that the user is properly connected to the intended access point.
Makes sure that the access point is compatible with the appropriate encryption method.
Check if the website is SSL (*) protected if the user’s important personal information, including information on the user’s ID, password, and credit card number.
The text explains countermeasures against risks and information security countermeasures with regard to the use of Wi-Fi.
(*) Secure Socket Layer (SSL): A mechanism of transmitting and receiving encrypting data over the Internet.
25
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.
New Guideline
Thank you for your attention.
Copyright (c) 2016 Ministry of Internal affairs and communications (MIC). All Rights Reserved.