ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings...

32
ROLE OF CERT-GOV-MD and cooperation at national level Natalia SPINU, Chief, CERT-GOV-MD, S.E. CTS

Transcript of ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings...

Page 1: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

ROLE OF CERT-GOV-MDand cooperation at national level

NataliaSPINU,

Chief,CERT-GOV-MD,S.E.CTS

Page 2: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

1. Introduction2. CERT-GOV-

MD: organization and operational capacities

3. CYBERSECURITY INCIDENTS: CHALLENGES, CURRENT SITUATION AND PAST ATTACKS

4. Future: Cybersecurity in moldova

5. CONCLUSIONS

AGENDA

Page 3: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

Thereareonlytwotypesofcompanies:Thosethathave beenhacked,andthosethatwillbe.RobertMueller,FBIDirector,2012

Page 4: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

Introduction

Page 5: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

CYBERTHREATSAREINTERCONNECTEDCYBERTHREATS2017

PETYA/NONPETYA/GOLDENEYE(JUNE2017)

WANNACRY(MAY2017)

SHADOWBROKERSLEAK

(APRIL2017)

Page 6: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

SHADOWBROKERSLEAK

August2016§ Shadowbrokersgroupclaimedto

obtainNSAspytools.

April2017§ Themostsignificantleakofspy

exploits donebythegroup.

April’sleakledtothemostseriousconsequences.

Page 7: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

WANNACRY

§ OnMay12astrainofransomwarecalledWannaCryspreadaroundtheworld.

§ TheransomwareusedleakedbyShadowsBrokersexploittoattackthetargets.

Page 8: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

PETYA/NONPETYA/GOLDENEYE

§ AmonthorsoafterWannaCry,anotherwaveofransomwareinfectionsthatpartiallyleveragedShadowBrokersWindowsexploitshittargetsworldwide

Page 9: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

§ Growingspacewithrapidexpansion

– Acrossallsectors:individuals,commerce,governments

– Growingpervasivenessineverythingwedo

§ Manythreats

§ CyberSecurityisanunclearconcept

– Considerableuncertainty,broadscope,andever-changingdimensions

– Cybersecuritydefinitionsvarywidelyandlacktrueconformity

WHYTHISMATTERSTOYOU

§ Cyberisachaoticandungovernedenvironment– Increasingtensionbetween

governments,individuals,privateenterprises,commence.

– Whatiscyberdefense?§ Earlystagesofcyberexpansion

– Technologicaladvancement– Fastandintensecompetition– Anuncertainfutureofthe

cyberdomain,theinternetandmore

Page 10: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

When…

• IntheCyberworld,securitywasanafterthought• TheCyberworldlacksasinglecentralcyberarchitect• TheCyberworldisasystemofinsecuresystems• TheCyberworldisnotstaticbutconstantlyevolving• Innovationisconstant,andhighlyunpredictable

THECYBERSECURITYCHALLENGE…

Page 11: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

CERT-GOV-MDORGANISATIONANDOPERATIONALCAPACITIES

Page 12: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

WHOWEARE?

SUBORDINATIONHIERARCHY FACTS

2010 EstablishedbyGovernmentdecision№nr.746of18.08.2010

2013 ImplementedISO27001

2014 CERT-GOV-MDbecameaccreditedbyTrustedIntroducer

2016 FIRSTmembership

Securitydepartment

Government

Clients

StateChancellery

S.E.CenterofSpecialTelecommunications

CyberSecurityCenterCERT-GOV-MD

PublicAuthorities

Privatesector

Page 13: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

§ Serve as a trusted point of contact§ Develop an infrastructure for coordinating response§ Develop a capability to support incident reporting§ Conduct incident, vulnerability & artifact analysis§ Participate in cyber watch functions§ Help organizations to develop their own incident management capabilities§ Provide language translation services§ Make security best practices & guidance available§ Provide awareness, education & trainings

Benefits of CERT-GOV-MD

Page 14: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

THREATSCYBERSECURITY

Page 15: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

THREATSThreatsinCyberspaceINFORMATION & ABUSE• Targetedgovernment

controlandinfluenceofcitizens

• Propaganda

• Consciouslycommunicatingfalseinformation

• Stateespionage

• Databreach

• Identitytheft

• Hackers

• Internetcrimes,encouragingsedition

• Terrorism

Page 16: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

THREATSThreatsareBecomingMoreComplex

Cloudstorage

Mobiledatastorage

Supplychainisn’ttransparent

Tabletcomputer

Newtypesofviruseseveryday

Increasinglymorecomplexsoftwareprograms

Severalupdatesdaily

THREATS ARE

BECOMING MORE

COMPLEX

Page 17: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

THREATS

DATA IN SECURE BUSINESS SYSTEMS§ Mainframesystems§ Internetworking§ Emergenceofopensystems

INTERNET ACCESS AND HIGHLY CONNECTED SYSTEMS§ Onlineaccesstocitizendata§ Advancesin

internetworking§ Citizenselfservice

ACCESS ANYWHERE & ANYTIME§ Integratedonlineeligibility

systems§ Bigdata§ Cloud§ Mobile

DATA EVERYWHERE; USER EXPERIENCE DRIVEN§ Wearabletechnology§ Internetofthings§ Smartdevices§ Drones§ Artificialintelligence§ Mobilepayment§ Etc.Low

BUSINESS IMPACT:§ Citizentrust

§ Costtoprotect

§ Legal/regulatory

§ Criticalinfrastructure

Now2000s 2010-20141990s

HighCyberterrorismInsecurecodes

Cybercrime

Identitytheft

HackersDatabreach

Networkattacks

Malware

Criticalinfrastructureattacks

Foreignstatesponsoredcyberespionage

Cyberwarfare

Page 18: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

CYBERSECURITY INCIDENTSCHALLENGES,CURRENTSITUATIONANDPASTATTACKS

Page 19: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

CYBERINCIDENTSINGOVERMENTALSECTOR

0%

10%

20%

30%

40%

50%

60%

70%

SPAM Networkattacks

Informationgathering

Botnets Intrusionattempts

INCIDENTSBYCATEGORY(2016)

2013

2014

2015

2016

60% 80% 100% 120%

NUMBEROFINCIDENTS

5636172

6570938

6285590

6644949

Page 20: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

THREATS3882529unsolicitedemailsblockedasof2016

SPAM

Seemslegitimateandaresenttoanemail

account

Containsoftendangerouslinks(todownload)orinvoicesforallegedonlineorders

Manyemailaccountshavespamfiltering

Canalsobesentonsocialnetworksorapps

Page 21: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

THREATS57575malwareblockedasof2016

ATTACKER VICTIMTROJANS & WORMS

Variousnewformsofmalwareappearontheinterneteveryday.

Nestundetectedincomputersystemsorcreepinduringdownloads

ARESENTVIAINFECTEDEMAILS

Cantransfersensitivedatasuchaspasswords,bankinginformation,personaldata

hacker

Page 22: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

ATTACKER BOTNETS CONTROLERS

INFECTED TARGET

CanattacksallITsystems

Cansendinfectedanddangerous(spam)emails

Networksconsistingofseveralcomputers

Cansendinfectedanddangerous(spam)emails

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

hACKER

hACKER

THREATS3678Botnetsinfectionsdetected

Page 23: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

BOTNETS CONTROLERS

TARGETINFECTED

Blockinternetservices

Arealsousedasadistractionwhilemalicioussoftwareis

beinginstalled

ATTACKER

ItpurposeistoInterruptwebserverswhichthencausesamassofdatapacketstobesenttotheserver

Networksconsistingofseveralcomputers

hACKER

hACKER

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

INFECTED

THREATS124575DistributedDenial-of-service(DOS)attacksstopped

Page 24: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

CAPACITYBUILDINGCyberSecurityTrainingsandWorkshops

Jointeducationalactivities

Page 25: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

INFORMATIONSECURITYAWARENESSCERT-GOV-MD’sawarenessactivities

Page 26: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

POWEROFPARTNERS

Workingtogethertoensurehighlevelofcybersecurity

Page 27: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

FUTURECYBERSECURITYINMOLDOVA

Page 28: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

SECURITYContinuousStepsofaSecurityManagementProcess

Technicalmeasures

Validation andimprovement

Riskanalysis

Policies,organizational measures

3

4

1

2Security Manageme

ntProcess

Page 29: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

FUTURENewResearchProgramoftheGovernmentwithFourFocusAreas

Newencryptioncapabilitiesandsecuritymeasures

Securitymeasuresandsolutionsfornetworked

systems

Protectionofcriticalinfrastructuresand

networkedindustrialplants

Morecontrolovercitizens’personaldataonthe

Internet

PRIVACY & DATA

PROTECTION

APPLICATIONS

SECURE INFORMAT

ION & COMMUNICATIONS TECHNOLOGY (ICT) SYSTEMS

NEW HIGH-TECH

INFORMATION

TECHNOLOGIES

FOR MORE SAFETY

Page 30: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

CONCLUSIONS

Page 31: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

CONCLUSION

Cyber security is a global problem that has to be addressed globally by all governments jointly;

No government can fight cybercrime or secure its cyberspace in isolation;

International cooperation is essential to securing cyberspace;

It is not a technology problem that can be ‘solved’; it is a risk to be managed by a combination of defensive technology.

Page 32: ROLE OF CERT-GOV-MD and cooperation at national … · § Provide awareness, education & trainings Benefits of CERT-GOV-MD. THREATS CYBERSECURITY. THREATS ... § Mainframe systems

THANKYOU!

NataliaSPINU

[email protected]

[email protected]


CERT 100 CERT 101 - Plaques and SuchCERT 100 CERT 101 CERT 105 CERT 102 CERT 103 CERT 104. CERT 106 CERT 111 CERT 108 CERT 109 CERT 107 CERT 110. CERT 114 CERT 112 CERT 113 CERT 115

CERT 100 CERT 101 - Plaques and SuchCERT 100 CERT 101 CERT 105 CERT 102 CERT 103 CERT 104. CERT 106 CERT 111 CERT 108 CERT 109 CERT 107 CERT 110. CERT 114 CERT 112 CERT 113 CERT 115

CARB Document: ......CERT STD SFTP @ 4000 miles SFTP @ * miles CO [g/mi] com osite CERT STD CO sc03 CERT 0.09 STD 0.14 CERT 1.7 STD 8.0 CERT 0.04 STD 0.20 CERT 2.4 STD 2.7 CERT STD

CARB Document: ......CERT STD SFTP @ 4000 miles SFTP @ * miles CO [g/mi] com osite CERT STD CO sc03 CERT 0.09 STD 0.14 CERT 1.7 STD 8.0 CERT 0.04 STD 0.20 CERT 2.4 STD 2.7 CERT STD

CERT-GOV-GE Regional Cooperation, Activities & Services Regional Cooperation-CERT.pdf · CERT-GOV-GE Honeypots •Emulation Of Popular Vulnerable Software •Using Open Source Honeypot

CERT-GOV-GE Regional Cooperation, Activities & Services Regional Cooperation-CERT.pdf · CERT-GOV-GE Honeypots •Emulation Of Popular Vulnerable Software •Using Open Source Honeypot

To cert or not to cert

To cert or not to cert

TAMIL NADU - appolosupport.com · Flood mitigation scheme in Araniyar, Kosathalaiyar, Cooum, Adyar ... Computer Emergency Response Team (CERT-In) to ward off external cyber threats

TAMIL NADU - appolosupport.com · Flood mitigation scheme in Araniyar, Kosathalaiyar, Cooum, Adyar ... Computer Emergency Response Team (CERT-In) to ward off external cyber threats

Tech Name Employer Name Cert Num Cert Date Cert Expires · Western Alliance for Quality Transportation Construction WAQTC Page 1 Tech Name Employer Name Cert Num Cert Date Cert Expires

Tech Name Employer Name Cert Num Cert Date Cert Expires · Western Alliance for Quality Transportation Construction WAQTC Page 1 Tech Name Employer Name Cert Num Cert Date Cert Expires

CERT Firefighter Rehab Participant Manual · stress on firefighters. The purpose of firefighter rehab. The CERT’s role in firefighter rehab. • Physiological Threats to Firefighters.

CERT Firefighter Rehab Participant Manual · stress on firefighters. The purpose of firefighter rehab. The CERT’s role in firefighter rehab. • Physiological Threats to Firefighters.

CERT Organization CERT Basic Training Unit 6. CERT Basic Training Unit 6: CERT Organization 6-1 ●Describe the CERT structure ●Identify how CERTs interrelate.

CERT Organization CERT Basic Training Unit 6. CERT Basic Training Unit 6: CERT Organization 6-1 ●Describe the CERT structure ●Identify how CERTs interrelate.

100109 Gov Team State Gov 50m

100109 Gov Team State Gov 50m

INTECO-CERT team update - FIRST · Samples FastFlux Open Resolver Threats URLs bots. 7 Services 0day vulnerabilities reports General software SCADA software Incident handling Proactive

INTECO-CERT team update - FIRST · Samples FastFlux Open Resolver Threats URLs bots. 7 Services 0day vulnerabilities reports General software SCADA software Incident handling Proactive

CERT Unit 2: CERT Organization

CERT Unit 2: CERT Organization

Community EmergencyCommunity Emergency Response Teams ... · • Provide a better understanding of theProvide a better understanding of the CERT program ... the threats of terrorism

Community EmergencyCommunity Emergency Response Teams ... · • Provide a better understanding of theProvide a better understanding of the CERT program ... the threats of terrorism

Oregon Building Codes Divison 2017 BCD Code Change cycle · First name Last name OIC cert # EI cert # CAE cert # SEI cert # SSI cert # Completed date PI cert # CAP cert # SPI cert

Oregon Building Codes Divison 2017 BCD Code Change cycle · First name Last name OIC cert # EI cert # CAE cert # SEI cert # SSI cert # Completed date PI cert # CAP cert # SPI cert

Gov state and local gov 50m

Gov state and local gov 50m

Insider Threats in the SDLC - Carnegie Mellon University · 7 Evolution of CERT Insider Threat Research Insider threat case studies • U.S. Department Of Defense Personnel Security

Insider Threats in the SDLC - Carnegie Mellon University · 7 Evolution of CERT Insider Threat Research Insider threat case studies • U.S. Department Of Defense Personnel Security

ICS-CERT Year in Review 2016 · 2019-03-27 · year, ICS-CERT continues unceasingly to combat the ever-increasing threats to the CI that provides the important services Americans

ICS-CERT Year in Review 2016 · 2019-03-27 · year, ICS-CERT continues unceasingly to combat the ever-increasing threats to the CI that provides the important services Americans

CA Key 1 Created OCSP Cert 1 Client Cert 1 Client Cert 2 OCSP Cert 2 CA Key 2 Created CA Key 1 Expiration OCSP Cert 3 Client Cert.

CA Key 1 Created OCSP Cert 1 Client Cert 1 Client Cert 2 OCSP Cert 2 CA Key 2 Created CA Key 1 Expiration OCSP Cert 3 Client Cert.

GENDER CATEGORIES CERT. NO. Gold Medal CERT. NO. Silver ...€¦ · GENDER CATEGORIES CERT. NO. Gold Medal CERT. NO. Silver Medal CERT. NO. BRONZE CERT. NO. MEDAL Boys 5 yrs Beginner

GENDER CATEGORIES CERT. NO. Gold Medal CERT. NO. Silver ...€¦ · GENDER CATEGORIES CERT. NO. Gold Medal CERT. NO. Silver Medal CERT. NO. BRONZE CERT. NO. MEDAL Boys 5 yrs Beginner

Cyber Security Threats Landscape - Cert-In

Cyber Security Threats Landscape - Cert-In

COLERAIN POLICE DEPARTMENT - E-Gov Link POLICE DEPARTMENT SWOT (Strength, Weaknesses, Opportunities and Threats) Analysis DANIEL MELOY, CLEE Chief of Police

COLERAIN POLICE DEPARTMENT - E-Gov Link POLICE DEPARTMENT SWOT (Strength, Weaknesses, Opportunities and Threats) Analysis DANIEL MELOY, CLEE Chief of Police