1 / 20

TWCERT/CC

TWCERT/CC. Anti-Phishing status report. TWCERT/CC Objectives. Establish Joint Defense to Strengthen Information Security Infrastructure Improve Network Security to Protect Users’Rights Strengthen Security Notification Mechanism to Improve Process Efficiency

vlouis
Download Presentation

TWCERT/CC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TWCERT/CC Anti-Phishing status report

  2. TWCERT/CC Objectives • Establish Joint Defense to Strengthen Information Security Infrastructure • Improve Network Security to Protect Users’Rights • Strengthen Security Notification Mechanism to Improve Process Efficiency • Establish Resource and Information Sharing Platform to Accumulate Technical Capacity

  3. 3-phase of TWCERT/CC Establishment Alliance Alliance Security Alliance Services Training Meeting 1998-2005 Preparation phase – funded by TWNIC 2010-2012 Operation phase – operated by TWNIC 2005-2009 Implementation phase - partially supported by TWNIC 2009 JPCERT/CC MOU 1998/9 establish 2010/1 TWNIC host TWCERT/CC Transform Version scan for DNS, Mail and Web server DNS setup validation system Anti-Phishing Notification Window Cyber Clean Center E-learning system 2001/10 Join FIRST 2002 Join APCERT 2003 Seoul-Melbourne Anti-Spam Agreement Training \ Anti-Phishing Cyber Clean Center NBEN security center plan and setup NICI Intrusion Detection system for research network TA-CERT NCC-CERT Working Group Security Alliance Project Training Course Certification program Working group meeting every week Advisory Committee meeting twice a year Annual General meeting once a year Training 2001 TWNCERT 80 Security education every year Security workshop each quarter Security Alliance 2010/10 Taiwan Security Alliance 2010/10 TA-CERT Launch 2011/3 NCC-CERT Launch 2011 EC-CERT 3

  4. TWCERT/CC Structure Anti-Phishing Notification Window WG Leader Support Team International Affairs Leader Project Manager Cyber Clean Center WG Leader Director Advisory Committee Chairman Consultant Nai-Wen Hsu Anthony Lee Geng-Da Tsai Supported by TWNIC Shian-Shyong Tseng Ai-Chin Lu Nian-Shing Chen Tien-Lai Teng Full-time Staff Full-time Staff Full-time Staff Ian Chiang Abel Yang, Haway Liang Tsz-Heng Kuo Volunteers from Volunteers from RDEC NCHC National SYS University Computer Center, MOE ICST Chunghwa Telecom RDEC NCHC National SYS University Computer Center, MOE ICST Chunghwa Telecom

  5. Relationship between TWCERT/CC and other CERTs FIRST APCERT CSIRT community Oversea CSIRT Other CERTs Other organization International TWCERT/CC Domestic International cooperation CERTs coordination Information sharing Research Education NCC CERT MCERT TANet CERT TWNCERT GSN CERT EC-CERT

  6. Taiwan Security Alliance Government organizations TWNCERT MOTC Advise ISPs NCC-CERT Coordination TWCERT/CC Committee Academic TA-CERT IASP TWIA Administrative support TWNIC

  7. TWCERT/CC Anti-Phishing status report

  8. Objectives • Reduce/prevent financial losses from phishing attacks • Speedup the anti-phishing process and reduce the uptime of Taiwan phishing sites within 24 hours • Predict the phishing behavior and stop it in advance

  9. Participant • Ministry of Transportation and Communications • National Communications Commission/NCCCERT • Research Development Evaluation Commission/TWNCERT/Information & Communication Security Technology Center • Ministry of Education/TANet CERT/Nation Sun Yat-sen University • Taiwan Internet Association • ISPs • TWCERT/CC

  10. Phishing sites in Taiwan Source:APWG Global Phishing Survey: Trends and Domain Name Use

  11. APNOW mechanism 7 Technicaladvice 8 4 ISP/Members Notice & Takedown Phishing Site 1 Collection APNOWplatform 3 2 6 5 Publicauthority 10 hours Report dispatch Notice & Takedown Phishing Site 6 hours 8 hours Check whether phishing site existence Public authority shutdown phishing site Return to informer 10 hours 14 hours Phishing site alive less than 24 hours

  12. Statistics • There are 388instances since 2010Q4 • Phishing sites average uptime is 22.5 hours

  13. Uptime statistics by ISP

  14. Statistics percentage by ISP

  15. APNOW Statistics

  16. Notice & Takedown principles

  17. Instance analysis

  18. Collected phishing sites by country

  19. THANKS

More Related