country updates on cyber security - itu: committed to ......–cyber security related training,...

ITU Cyber security Forum and

Cyber Drill9-11 December 2013 ,Lao Plaza Hotel, Vientiane, Lao PDR

Country updates on

Cyber Security ( Lao PDR )

By Khamla SounnalatDeputy head of LaoCERTMinistry of Posts and TelecommunicationEmail: [email protected]: www.laoCERT.gov.la

Contents

1. Background

2. Government policy

3. ITU recommendation

4. LaoCERT’s Full Operation plan

5. LaoCERT’s Services

6. Challenges

Copyright © 2013 LaoCERT All Rights Reserved 1

1. Background

Internet Providers in Laos


Name Wire Wireless

Lao Telecom Co (LTC) ADSL 3.5G (HSDPA)

Enterprise Telecom Lao (ETL) ADSL 3.5G (HSDPA)

Star Telecom Lao (Unitel) ADSL 3.5G (HSDPA)

VimpelCom Lao (Beeline) No 3.5G (HSDPA), WiMAX

Planet Online No WiMAX

Sky Telecom FTTH ( under planning )

http://www.laotel.com/http://www.etllao.com.la/http://www.unitel.com.la/http://www.beeline.la/ (http://www.tigolao.com)http://www.laopdr.com/http://www.laosky.com/

Internet subscribers


Type 2009 2010 2011 2012 2013

ADSL 13,200 15,600 18,800 25,000 40,000

FTTH 311 305 204 189 506

Leasedline

- 53 70 88 96

3.5G(HSDPA)

- - > 10,000 > 20,000 >50,000

There internet penetration in Laos is about 5% of population

Internet Services in Lao PDR

• PSTN and Mobile Statistics


Like other developing countries, the mobile penetration is growing rapidly.Mobile phone penetration is about 78% of Lao population

Laos' population was estimated at about 6,48 million in July 2011

93,786 95,867 97,768 99,413 135,676 150,362 157,000 140,921

1,230,030 1,450,100

2,022,133

3,366,760

4,139,056

5,480,851 5,678,000

4,606,720

-

1,000,000

2,000,000

3,000,000

4,000,000

5,000,000

6,000,000

2006 2007 2008 2009 2010 2011 2012 2013

PSTN Mobile

Lao PDR has experienced similar kinds of cyber-attacks affecting other countries in the region and other parts of the world. These include:

• Malicious software• DDoS attacks, port scanning, huge spamming attacks, phishing

scams, web defacement, web server hacking and email account hacking

• Attack against E-government website • Attack against DNS server • Attack against bank website• Attack against mail server of NOUL• Internal threat when using USB (memory stick)

7

Cyber Threats Affecting in Laos

Cyber Threats Cont’d

• DDos Attact Counts Distribution statistics


■ ■

■ ■

■ ■

■ TCP Fragment

Flood

ACK Flood UDP Flood

■ UDP Fragment

Flood

■ SYN Flood

SIP Flood SYN-ACK

Flood

■ HTTPS Flood ■ UDP Fragment

Abnormal

FIN/RST Flood DNS Reply

Flood

■ DNS Request

Flood

■ HTTP Flood

Attack Counts DistributionAttack Type Attack Count Percentage

1 DNS Request Flood 229 40.9%

2HTTP Flood 100 17.9%

3FIN/RST Flood 85 15.2%

4DNS Reply Flood 34 6.1%

5HTTPS Flood 34 6.1%

6UDP Fragment Abnormal 22 3.9%

7SIP Flood 21 3.8%

8SYN-ACK Flood 21 3.8%

9UDP Fragment Flood 5 0.9%

10SYN Flood 4 0.7%

11 ACK Flood 2 0.4%

12UDP Flood 2 0.4%

13

TCP Fragment Flood 1 -0.1%

Web defacement


Web Phishing


2.Government Policy

Government Policy

• Cyber Security is new issue for Lao PDR while Promoting

Information and Communication Technology (ICT) as an engine for

Social and Economic development, while avoiding negative impact,

• Establish legislations for governing and managing the development

and usage of ICT such as Cyber Crime and etc,

• Forward priority is capacity building to improve technical knowledge

• Established Lao Computer Emergency Response Team (LaoCERT)

under Ministry of Posts and Telecommunications as the contact point

to handle the incidents and issues of Computer and Internet security.


LaoCERT’s structure

• Ministry of Posts and Telecommunications


Min

istr

y o

f P

ost

s an

d

Tele

com

mu

nic

atio

ns

Department of communication SecurityDepartment of Information Technology

Department of Telecommunication

Department of Post

Department of Planning and cooperation

Department of Finance

Department of Inspection

Administrative office

Institute of Post and TelecommunicationInformation Technology Research Center

Lao National Internet Center Lao Computer Emergency Response Team (LaoCERT)

E-government Center

(Local) Department of Posts and Telecommunication

LaoCERT’s Structure


Lao Computer Emergency Response Team (LaoCERT)

Legislation and Standard Unit

Internal and External

Cooperation UnitTechnical Unit

Research and Development

Unit

Administrative Unit

• LaoCERT was established on February, 2012 by degree 220/MPT

• Now, LaoCERT is under Lao National Internet Center and used the facilities

of LANIC.

3. ITU Recommendation

ITU Recommendations to established LaoCERT


ITU-IMPACT Recommendations


ITU-IMPACT Recommendations


• LaoCERT Plan divide to 4 Phases

Phase 2 Reactive

Phase 3 Proactive

Phase 1Capacity Building

Phase 4 Security quality

Management

LaoCERT Capacity Building

Network Security Training Activities in LaoCERT, Vientiane, LaoPDR FY.2012-13


LaoCERT Capacity Cont’d

ITU delegates visited LaoCERT and Plan to held Cyber Drill for ASEAN in Laos, December, 2013


LaoCERT Capacity Cont’d

JPCERT/ThaiCERT organized training course on Network Forensic for LaoCERT staffs 1-3

Oct 2013, Vientiane, Laos.


4.LaoCERT Full Operation Plan

LaoCERT’s Target

• LaoCERT Plan to full operation in next year (2014)


Stage 1 Education

Stage 2 PlanningStage 3

ImplementationStage 4

OperationStage 5

Collaboration

After, successful action plan 24

months ( within 2014 ) LaoCERT

will be a national CERT of Laos and

under the Ministry of Post and

Telecommunications.

LaoCERT’s road map

5.LaoCERT’s Services

LaoCERT web page

www.laoCERT.gov.la

27

for Internal:

- Central Coordination,

- Incident Handling,

- Security Advisories,

- Alert warning,

-Awareness arising

for External:

-Collaboration and coordination with international

CIRT, such as ITU-IMPACT, JPCERT;

VNCERT; CamCERT; ThaiCERT; etc.

- Joint international CIRT organization such

and APCERT, FIRST etc.

LaoCERT Mission

LaoCERT’s Services


Reactive Services Proactive Services Security Quality management services

• Incident handling• Vulnerability handling

• Alert and advisory• Anti DDos Attack System

( Technology watching )

• Information securityawareness building

• Information security Capacity building for government’s IT staffs

( Education )

( Incident Handling )

6.Challenges of LaoCERT

Challenges of LaoCERT

• Capacity Building

– Not enough cyber security workforce and certified professionals

– Cyber security related training, conference and education program

• Implementation based on ITU Recommendation

– Knowledge and skills to Implement secure Network infrastructure

– Incident handling system (IR)

• LaoCERT’s Plan for full Operation Next year 2014

– Law enforcement capacity to fight cybercrime



Thank you very much

Q & A

country updates on cyber security - itu: committed to ......–cyber security related training,...

Documents