partnerships, sub-regional cooperation and …...partnerships, sub-regional cooperation and national...
TRANSCRIPT
International Telecommunication Union
Partnerships, Sub-regional Cooperation and National Inter-Agency Coordination
OU Phannarith Head of CamCERT & Permanent Member of Cybercrime Law
Working Group Ministry of Posts & Telecommunications (MPTC)
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
!
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Agenda
! Case Study and Challenges ! Conclusion
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Case 1 – ID Theft (Email)
Lesson Learn
Local contact
Focal Point
Human Relation
Reporting Channel
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Case 1 – ID Theft (Email)
Anatomy of Cooperation
CamCERT
Foreign CERT
Foreign Company
Company (US)
Report
Victim Account has been suspended in 12 hours
same country
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Case 2 – Media (Web) Attack
Lesson Learn
Reporting Channel
Cooperation
Private Sector
Legal Issue Popular Cambodia’s News
Playing
Know-How
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Case 2 – Media (Web) Attack
Anatomy of Cooperation
CamCERT
Law Enforcement
Free Proxy Service Com Victim
Technical
ISPs Log evidence
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Case 3 – Anonymous Cambodia
#OpCambodia by Anonymous Philippine
The First Political motivated attack to Cambodia Government & Private Sector Websites
Note Happy with the result of ASEAN Meeting without issue any statement in its history
What is the Motivation?
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Joint Circular Combating Telecom Fraud including ISPs & Tele Oper.
Case - #OpCambodia
National Police MPTC
CamCERT
Repo
rt
Con
firm
Victim Websites
Repo
rt/
Adv
isor
y
Evid
ence
Col
lect
ions
Philippine
Police
• Not ready in preparation
(ASEAN Meeting Website) • Good cooperation between
CamCERT & Police • The victims do not aware
that they attacked because of political motivated
• The administrators do not know how to secure their website in coding (go & come)
• Using Old CMS version • Hosting outside Cambodia • What is Log File? • Philippine do not have
National CERT Team
Challenges
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Case 4 – Operation TPB2
#OpTPB2 (Gottfrid Arrest in Cambodia)
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Government of Sweden
Case - #OpTPB2
Government of Cambodia
Arrested
Report
Notified
Advisory
Hacker Declare #OpTPB2 Against Cambodia Gov’t and Private Sector Websites.
CamCERT
Victim Websites
National Police
Attack
Resu
lt • Cambodia is part of
International Community • Cambodia is vulnerable in
the absent of law and expertises
• Poor coding practice • What is Log File? • Noting seriously leak • No Agreement with Sweden • Cambodia used Immigration
Law (with the Red Notice from Interpol) to deport him out of Cambodia
• Information sharing between CamCERT & National Police
Challenges
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Inter-Agency In Cambodia
Agency Relevant in CyberCrime Issue
Council of Ministers
National ICT Development Authority
• Gov’t Security Policy and Standard
• Incident Management • Info. Security Cener
(ISC) • Law & Regulation • Awareness & Outreach • Local/Int’l Framework
CamCERT InfoSec
• Working on Drafting Cybercrime Law
• Many senior Governments officials and advisor
• Local & International Cooperation
• Awareness
CyberCrime Law
Samdech Hun Sen Prime Minister - Chairman
H.E. SOK An, Deputy Prime Minister in Charge
of Council of Ministers Deputy Chairman
H.E. Chun Vat Secretary General
MPTC (ISP, Telco Policy)
Min. Information (Media, TV, Newspaper)
Min. Defense (National Security)
National Police (Cybercrime Investigate)
Min. Justice (Judicial System)
Relevant Ministry / Supporting
International Telecommunication Union
ITU-IMPACT Regional CyberSecurity - Forum and CyberDrill 9-11 | Lao Plaza | Vientiane | Lao PDR
Conclusion
Building communities, working together & knowledge sharing is
the key to success
Mr. OU Phannarith Head of CamCERT Permanent Member of Cybercrime Law Working Group National ICT Development Authority OfNice of The Council of Ministers Email: phannarith-‐ou[at]nida.gov.kh