To Protect Key Strategic Resources and Critical Information Infrastructures

Timor-Leste national conference on Information and Communication Technology
(TL-ICT), May 4th-5th 2017
National CSIRT :
Todetection
Protect Key Strategic Resources and
Event Correlation for intrusion
Critical Information Infrastructures

system and service log
Afif Zainul Ihsan
Ferry Astika Saputra, S.T., M.Sc.

2110131058
Senior Lecturer of Computer Network Laboratory
Department of Informatics and Computer Engineering

Politeknik Elektronika Negeri Surabaya
Jawa Timur Indonesia 60111
Presentation Outline
Current condition of Indonesia Internet
The Facing Problem
Five Pillars of National CERT/CSIRT
Conclusion
2
The 3rd Timor-Leste National Conference on Information and Communication Technology 2017
Closer look of Indonesia Internet users
132.7 M Internet Users

of 256.2 M population
Penetration rate =51.8%

63.1 M users access from Mobile Phone
71.6 M Facebook(TM) users
81.8 M Google (TM) users
Source : survey by APJII 2016

3
Type of Accessed Content
71.6 M
Social Media 129.2 M / 97.4%
Entertainment 128.4 M / 96.8% Facebook

News 127.9 M / 96.4%
19.9 M
Education 124.4 M / 93.8% Instagram
Commercial 123.5 M / 93.1% 14.5 M
Public Service 121.5 M /91.6%
Youtube
4
Source
The:3survey by APJII
rd Timor-Leste 2016
National Conference on Information and Communication Technology 2017
Type of Accessed Content
Social Media 129.2 M / 97.4%
82.2 M OL
Entertainment 128.4 M / 96.8%
shop
News 127.9 M / 96.4% 45.3 M

Personal
Education 124.4 M / 93.8% Business
Commercial 123.5 M / 93.1% 1.5 M

others
Public Service 121.5 M /91.6%
5
Source The
: survey by APJII
3rd Timor-Leste 2016Conference on Information and Communication Technology 2017
National
Internet Infrastructures
Source : ditjen Penyelenggaraan Pos dan Informatika
It is a big..big..big Challenge for us !!!

6
Our Problems
Digital age -> Cyber attacks
One of the biggest market in the world ->
Great Hack $$$
Too many ISPs, Too many NAP -> complex
monitoring
Internet technology move fast -> Hacking
techniques growing rapidly -> law and
regularity gaps -> low law enforcement
Ten or more problems
7
But
We are not despairing with the current situation
Securing the Nations Cyber Infrastructure

is our first responsibility
Community/Independent Government
ID-CERT/CC ID-SIRTII/CC
8
National Policy
Infrastructure
Services
Research and Development with Universities
and Local Communities
Coordination with other National CSIRT and
International CSIRT
9
National Policy
Infrastructure
Services
International CSIRT
10
National Policy
1. Undang-Undang Nomor 36 tahun 1999 tentang
Telekomunikasi dan Aspek pengamanan
infrastruktur.
2. Peraturan Pemerintah Nomor 52 tahun 2000
tentang Penyelenggaraan Telekomunikasi
Critical Needed of National CSIRT/CC

11
National Policy
1. Peraturan Menteri Komunikasi dan Informatika Nomor
27/PER/M.KOMINFO/9/2006.
Tentang Pengamanan Pemanfaatan Jaringan Telekomunikasi Berbasis
Protokol Internet (IP-Based)
Tentang Pengamanan Pemanfaatan Jaringan Telekomunikasi Berbasis
Protokol Internet.
Perubahan Pertama PM KOMINFO 26/2007
Perubahan Kedua PM KOMINFO 26/2007
Perubahan Ketiga PM KOMINFO 26/2007
12
National Policy
1. Perdirjen Postel Nomor 227/Dirjen/2007
Pedoman Pelaksanaan Rekaman Transaksi
Koneksi (Logfile) dan Tata Cara Pelaporan Bagi
Penyelenggara Jaringan Telekomunikasi Berbasis
Protokol Internet
2. Perdirjen Postel Nomor 225 /Dirjen/2008
Tata Kelola Perangkat Deteksi Indonesia Security
Incident Response Team on Internet
Infrastructure
3. Perdirjen PPI tentang Time Server
13
Government
ID-SIRTII/CC
Vision
Build Indonesia Internet within safe, comfortable and conducive environment
Mission
Enhance Internet growth in Indonesia through security awareness campaign for
technology and information systems, supervise potential security incidents, support law
enforcement, and protecting cyber critical infrastructure.
Strategic Goals
1. Protect the nations cyber information infrastructure
2. Coordinate partnerships across sectors to achieve shared situational awareness
across the global cyber infrastructure
3. Respond to cyber incidents to minimize incidents and support recovery efforts
14
Government
ID-SIRTII/CC
Core Activities
1. Identify, research, and verify suspicious cyber activity;
2. Understand the nature of incidents and vulnerabilities, determine impacts
and set priorities;
3. Share timely and actionable information;
4. Build and maintain strong collaborative partnerships with public, private,
and international partners;
5. Identify, prioritize and escalate cyber incident response activities; and
6. Collaborate with partners to respond to and mitigate significant cyber
incidents.
15
ID-SIRTII Structure
Minister of ICT
Directorate General of
Ditjen Aplikasi Informatika
Inspection Board Advisory Board
Chairman
VC - Operation VC - Socialization VC - Data Center, VC Inter-Agency VC - Research

and Security and Public Affairs Appl & Database Collaborations and Development
Staff Staff Staff Staff Staff
with 40 Staff Employees
CONSTITUENCIES
ISPs
Law
Enforcement
NAPs
IXs
sponsor ID-SIRTII
Government
of Indonesia National
Security International
Communities/ CSIRTs/CERTs
Universities
National Policy
Infrastructure
Services
International CSIRT
18
Infrastructure
19
Infrastructure (update)
20
21
Infrastructure
DNS Monitoring
NTP Server
Connection Log Server
etc.
22
National Policy
Infrastructure
Services
International CSIRT
23
Cyber Security Response System
Create an architecture for responding to
national-level cyber incidents
Threat and Risk Analysis
Resilience, Mitigation, Remediation
Monitoring
Warning/Alert System
Incident Management
Response & Assistance
Cyber Security Awareness
24
Threat and Risk Analysis
Our primary concern is the threat of
organized cyber attacks capable of
causing debilitating disruption to our
Nations critical infrastructures,
economy, or national security
25
Resilience, Mitigation, Remediation
1. Secure the mechanisms of the Internet
a) Improve security and reliability of key protocols:
IP, DNS.
b) Routing: address verification, management.
2. Reduce and remediate software
vulnerabilities
3. Understand infrastructure interdependency
and improve physical security of cyber
systems and telecommunications
26
National Policy
Infrastructure
Services
International CSIRT
27
Conducting Digital Forensics and Malware
Analysis Laboratory
Security Awareness and Training
Program
1. Awareness for public, home/small business,
enterprises, universities, industrial sectors
and government
2. Developing more training & certification
program to combat a perceive workforce
deficiency.
29
Joint Research Between :
30
National Policy
Infrastructure
Services
International CSIRT
31
National Cyber Security Day
National Cyber Security Awareness Day, online
safety campaign
32
Incident Handling Exercises
Conducting National Cyber Incident Exercise
involving all stake holders and Constituencies
33
Regional and International
Coordination
Actively involved in Regional, International Drill
Test (ACID ASEAN, OIC, APISC and APCERT)
Conclusion
The Internet is a part of National Critical
Infrastructure
Government and National Cyber Community are
responsible for Securing National Cyberspace
There are five pillars of National CERT/CSIRT :
National Policy, Infrastructure, Services, Research and
Development with Universities and Local Communities,
Coordination with other National CSIRT and International
CSIRT
Educating and empowering the community
Participating in regional and international Internet
community activities
35
Thank You
Ferry Astika Saputra
Department of Informatics and Computer Engineering
Politeknik Elektronika Negeri Surabaya
Raya ITS Sukolilo Surabaya Indonesia 60111
ferryas@pens.ac.id

To Protect Key Strategic Resources and Critical Information Infrastructures

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

To Protect Key Strategic Resources and Critical Information Infrastructures

Uploaded by

Copyright:

Available Formats

Timor-Leste national conference on Information and Communication Technology

(TL-ICT), May 4th-5th 2017

Critical Information Infrastructures

Afif Zainul Ihsan

Ferry Astika Saputra, S.T., M.Sc.

Senior Lecturer of Computer Network Laboratory

Department of Informatics and Computer Engineering

Current condition of Indonesia Internet

The Facing Problem

Five Pillars of National CERT/CSIRT

132.7 M Internet Users

Penetration rate =51.8%

71.6 M Facebook(TM) users

81.8 M Google (TM) users

Source : survey by APJII 2016

Entertainment 128.4 M / 96.8% Facebook

News 127.9 M / 96.4% 45.3 M

Commercial 123.5 M / 93.1% 1.5 M

Source : ditjen Penyelenggaraan Pos dan Informatika

It is a big..big..big Challenge for us !!!

Securing the Nations Cyber Infrastructure

Critical Needed of National CSIRT/CC

Inspection Board Advisory Board

VC - Operation VC - Socialization VC - Data Center, VC Inter-Agency VC - Research

Staff Staff Staff Staff Staff

with 40 Staff Employees

You might also like