Superintendencia de Telecomunicaciones de Ecuador
EcuCERT
FIRST/TF-CSIRT Technical Colloquium
Zurich 2014
Ecuador
LANGUAGE: SPANISHPOPULATION: AROUND 16’ ITS POSTITION IS 66 IN THE WORLDSIMILAR TO NETHERLANDS 65 IN THE WORLD
AREA: 256,370 KM2 , IT`S POSITION IS AROUND 80 IN THE WORLD SIMILAR TO UNITED KINGDOM SIMILAR TO NEW ZELAND
1 2 34
Galápagos - Islands
Coast – Pacific Ocean
Los Andes – Highlands
Amazon – Rain Forest
Cities - Quito
Cities - Guayaquil
Cities - Cuenca
People of Ecuador
FAIR PLAY
Superintendencia de Telecomunicaciones
EcuCERT’s Team
TelecommunicationStatistics:2’ million fixed lines,
6 operators15’2 million mobile users,
3 operators10´4 millions internet users,
234 ISPDomains:general use .ec - clubsuizo.ecGovernment use .gob.ec - supertel.gob.ecCommercial use .com.ec - casadelsuizo.com.ec
Ecuador
INDIVIDUAL EFFORTS
• National Coordination
• Constituency, mission, services,
• Establishing Policies
• Appropriated Workplace
• Incident handling
• Training
• Membership to FIRST
In which areas we are working?
• CYBER SECURITY COMMITTEE
• NATIONAL CYBER SECURITY PLAN
• PERSONAL DATA PROTECTION LAW
• TELECOMMUNICATIONS AND CYBER SECURITY LAW
COORDINATION
• Our constituency will be at the
beginning:
– The telecommunication sector
– The government
• But in the future we will
increase to all the citizens
CONSTITUENCY
• Installing the ECUCERT's data center
• Buying the better tools of hardware and software
• Equipping the forensic laboratory
• Improving the network infrastructure
• Improving the physical and logical security
APPROPRIATED WORKPLACE
• We are using RTIR
– How to recive an incident
– Incident handling process
– Reports
INCIDENT HANDLING
RECIVED TRAINING
• Our personal has been trained in courses that areaimed to potential CSIRT knowledge, to gain agood grounding in the main aspects of working inan incident handling and response team:– EC-Council: 1) Incident Handler, 2) Ethical Hacking, 3)
Certified Security Analysis.– TERENA: Transits 1– LACNIC: Proyecto Amparo– ITU – IMPACT: Workshops, Ciberdrills.– USCERT-ICSCERT: Industrial Control Systems
Cybersecurity– USTTI: Cybersecurity and ICT Policy– and a large number of local trainings
IP-PBX FRAUD 232 registred cases Companies and Institutions (Grupo de abogados, Servicios
petroleros, IESS, Cancillería, Uniandes, Banco del Austro,Cabired, Motransa, Servidinámica, LG, Uniplex, Telecuatro, entreotros)
Economic damage (over 5´ USD) Atypical destinations(Guinea, Ghana, Austria, Gambia, Iridium,
Cuba)
CSIRT Nacional
Ecucert - SupertelJanuary 2012 – December 2013
Registered cyber crimes
CSIRT Nacional
Ecucert - SupertelJanuary 2013 – December 2013
“Defacement” 943 registered cases
Government and private domains
Attacked domains (Registro Civil, Bomberos, Registro de la Propiedad, Puerto de Esmeraldas, Movistar, Armada, Universidad Israel, CCI, ESPOL, Yamaha, aesoft, entre otros).
Registered cyber crimes
41,23%
37,21%
9,67%
4,75%4,32%
1,80%
0,40%
0,37% 0,25%
Defacements
.com.ec
.gob.ec / .gov.ec
.ec
.edu.ec
.org.ec
.mil.ec
.fin.ec
.net.ec
.med.ec
Registered cyber crimes
Top Related