1

National Cybersecurity preparation to deal with Cyber Attacks

Dr. Chaichana MitrpantAssistant Executive Director,

Electronic Transactions Development Agency (ETDA)

2

Over all Internet usage in Thailand

- Computers 32 %

- Mobile devices

66.4%

- Home use 13.4%

- Commercial use 16.6%

- Social Network (persons) 14,142,620

(facebook)

e-Transaction1) e-Payment 4) e-Certificate

2) e-Trading & service 5) e-Medical record

3) e-Filing and e-Reporting

(e-Commerce = 56%, e-Auction = 44%)

“Analog” to “Digital” Era

“Trust on Cybersecurity”Challenges

3

Potential Attacks

1980: Physical Attack 1990: Network Attack

Physical attack is normally in the past 20-30 years.

Nowadays, it becomes Network attack.

4

Potential Attacks

2000s: Wireless

2000s: Application

In the past 10 years, the threat

is more complicate. The most

common is email phishing,

unauthorized wireless access and

attack via vulnerability of Web

Application.

5

Potential Attacks

2010s: Client-Side

2010s: Social Networking2010s: Client-Side (Malware)

Malware is usually transmitted via

PDF, Mobile Application and Social

Media Software

6

North Korea behind hacking attack in March, claims Seoul

South says computers in North were used for onslaught that wiped hard drives on PCs in

TV stations and disrupted banks

7

Current Situation of ThailandIn 2012, There were 772,938 IP

addresses of all IP numbers 8,559,616

(9%) of computers in Thailand that

compromised and malicious used as the

tools for DDoS attack.

In 2012, There were 534 websites

reported as fraudulent financial. From

January to March 2013, 707 websites

were attacked and change data

(Defacement). An approximately 50%

of this number was from the Institution.

8

Threats Statistics classified by TypeIn 2012, ThaiCERT received 792 incidents

9

Importance of National Cybersecurity

• No center of command• National agenda• Increasing number of security threats

10

Management approach to Cybersecurity

• Prime Minister's statement on 76/2555 on March 19, 2555 was

to establish the committee of the National Cyber security

having Prime Minister is the Chairman. (Assigned Deputy Prime

Minister Chalerm Yubamrung).

• Prime Minister assigned ETDA:

– To be Secretary of the National Cybersecurity in order to

– To Prepare a draft policy framework for National Cybersecurity /

Cybersecurity Master Plan for Thailand.

11

Stakeholders in Cyber Security

- Regulatory work

- Justice work

National

Cyber

Security

Economic

Stability

Military

Stability- National Defense

& Security Council

- Intelligence Work

- Facilities & Retaliation

- Ministry of Defence

& Army.

- National Defense

& Security Council

- Intelligence Work

- Facilities & Retaliation

- Ministry of Defence

& Army.

Social Peace

Strengthening Capacity & Raising Public Awareness

Center of Command

ThaiCERT & Other CERTs

Urgent

Need

12

Thailand Cybersecurity Policy

National Cyberecurity Committee (Prime Minister is Chairman)

(Draft) Thailand

Computer Crime

Act

(Second Edition)Prevention &

suppression.

ISO/IEC

27001:2005Driving Law

Compliance.

Develop

standard

according to

Electronic

Transactions Act

National BCPDevelop plan to

support the

availability of

emergency or

disaster. (Continue

from NESDB)

Security

Professional

StandardEnhance

professional skill /

Increase number

of Expert /

Compensation

Urgent tasks (Prepare and develop framework)

Other Messures

Infrastructure

to encourage.

- Sector-based

CERTs

- NRCA

- Government

Monitoring

- National

Archive

(e-Authen

tication)

Internal

Security

Operations

Command

National Security

Council

Policy/Promotion/ Regulator

คกก. นโยบายรักษา

ความปลอดภัยแห่งชาติ

คกก.คดีพิเศษ

ดูแลการดําเนินคดี

อาญาที่เป็นคดีพิเศษ

คกก.นโยบาย

ตํารวจแห่งชาติ

Royal Thai

Arm Force &

ศูนย์รักษา

ความปลอดภัย

คอมพิวเตอร์

Law Enforcement

Office of

Electronic

Transactions

Commission

Best Practices &

Guidelines - Use of Smart Phone

- Use of Social Network

- Privacy Policy

NBTC

NIA

Critical

Infrastructure

Group

Policy & Defense

13

Authority duties of National Cybersecurity

Committee

1. Develop policy and National CybersecurityModel Scheme

2. Set and develop guideline for measure, plan and cybersecurityprograms

3. Monitor and evaluate measures and plans according to the guideline

4. Provide progress, situation and risk analysis of cyber threats report to the Council of Ministers

5. Appoint subcommittees or working groups to support the operations

6. Coordinate with local and international cybersecurity

7. Other operations as assignment

14

(Draft) National Cybersecurity Policy Framework

PrimaryStrategic

1 Governance and Organizational Structure

2 Cybersecurity Emergency Readiness3 National Critical Information

Infrastructure Readiness

4 Public-Private Partnership5 Capacity & Capability Building

6 Legal Measures7 Research and Development8 International Cooperation

Secondary Strategic

15

2013 Working plan of National Cyberecurity1st Quarter 2nd Quarter 3rd Quarter 4th Quarter

Collaborate with

involved Agencies

Develop plan and

Workflow for

interoperability

when

incidents occurDevelop

Security

Framework

Build Public

Awareness

Incidents Drill

Practice

Setup

CERT as internal unit

for other organization

Capacity Building

National

Assessment

FIRST event

preparation