cert-gov-md: cyber security in moldova: challenges and responses
DESCRIPTION
Denis Sapovalov Information Security Manager, S.E. CTSTRANSCRIPT
![Page 1: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/1.jpg)
![Page 2: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/2.jpg)
CYBER SECURITY IN GOVERNMENT:
COOPERATIVE TRUST BUILDING
MEASURES
Center for Special Telecommunications S.E.
Cyber Security Center CERT-GOV-MD
CHISINĂU,
OCTOBER 3rd 2013
DENIS SAPOVALOV
![Page 3: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/3.jpg)
WHO WE ARE?
Cyber Security Center CERT-GOV-MD Governmental Computer
Emergency Response Team Republic of Moldova.
The CERT-GOV-MD was created by the Government Decision nr.
746 of 18.08.2010 and primarily deal with incidents that happen in
informational and telecommunication system of public
administration authorities (AS25319 and AS39279).
![Page 4: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/4.jpg)
OUR MISSION
Provide a single point of contact:
Assist the constituency and citizens in preventing and handling
computer security incidents
Coordinate response to large-scale incidents
Share data and knowledge
![Page 5: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/5.jpg)
HOW CERT WORKS?
www.md
![Page 6: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/6.jpg)
QUESTIONNAIRE: AWARENESS
0 5 10 15 20 25 30 35 40 45
Yes
No
Don't know
Credeți că organizația dumneavoastră poate
fi ținta unui atac cibernetic în următoarele 6
luni? (%)
![Page 7: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/7.jpg)
QUESTIONNAIRE: WHO TO CALL?
Always
60%
Frequent
30%
Rare
10%
În cazul în care organizația dumneavoastră ar fi
ținta unui atac cibernetic, cât de probabil este să
solicitați suportul CERT-GOV-MD? (%)
Always Frequent Rare
![Page 8: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/8.jpg)
CHALLENGES
Lack of national cyber security strategy and legal framework in cyber crime;
No legal enforcement of reporting to coordination contact point exists;
Lack of systematic approach at national level;
Lack of mandatory cyber security baseline system (ISMS) and institutionalized procedures addressing risk management methodology in public authorities;
Weak (none) awareness on cyber security importance, risks, protection methods, risk minimization etc. of the entire variety of target segments in the society.
![Page 9: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/9.jpg)
ATTACKS
Brute Force Attack (Using Password List)
Website Defacement
DDoS Attacks
Phishing
Targeted Email Attack
![Page 10: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/10.jpg)
SOLUTIONS
Alerts & Warnings (Security Advisories)
Guides & Best Practices
Incident Handling
Major Incidents
Monitoring
Network
Email Protection
IPS/IDS – eServices Protection
Risk Mitigation
TOP 3 Attack type on eServices:
Exploits:
MS-SQL: Slammer-Sapphire Worm (25)
SipVicious Brute Force SIP Tool (1569)
HTTP: Acunetix Security Scanner (220)
Reconnaissance :
FPSE: author.dll/exe Access (4)
IP: Short Time To Live (15443)
TCP: Port Scan (90678)
Vulnerabilities:
HTTP: IIS Extended Unicode Directory Traversal (86)
iSCSI: Linux Kernel iSCSI Buffer Overflow Vulnerability (48)
DNS: Suspicious Localhost PTR Record Response (132)
![Page 11: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/11.jpg)
CHANGES FOR YOU!
![Page 12: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/12.jpg)
LOCAL & INTERNATIONAL COOPERATION
Cooperation with NATO
Cooperation with other CERTS
Cooperation with security companies
CERT-GOV-MD Listed in Trusted Introducer Database in 2013
CTS became LIR in 2013
Cooperation with Law Enforcement Agencies
Cooperation with SIS
Cooperation with MTIC
Cooperation with ISPs
![Page 13: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/13.jpg)
REPORTING
INCIDENTS
MATTERS!
You may not be the one affected
Other’s solution may work for you as well
Your solution may work for others
CERT-GOV-MD acts as focal point
Make it possible!
![Page 14: CERT-GOV-MD: Cyber Security in Moldova: Challenges and Responses](https://reader034.vdocuments.us/reader034/viewer/2022052321/555b084cd8b42ae0418b4d78/html5/thumbnails/14.jpg)
THANK YOU!
Questions?