84 Most complaint cases:  Hijacking of social media account FB, Twitter, etc  Hijacking of domain name  Deface  Phishing  Intellectual Property Rights  Malware  Network Incident  Spam  Brute force login Some difficulties in handling complaint:  Email is not valid  Telephone number is not valid  Address is not valid or changed address  Contact is third party which is not valid  Legallaw issues

2.2. Abuse Statistic

It is Incident Monitoring Report IMR, a joint monitoring activity that involve active constituents of ID-CERT by sending email copy of the incident complaint. No. Complaint Category Rating 1 Spam 51,78 2 Intellectual Property Right 24,14 85 3 Spam complaint 6,74 4 Network Incident Deface, DdoS attack, etc 6,61 5 SpoofingPhishing 4,67 6 Malware 4,57 7 Complaint respond 1,49 Spam: 86 Intellectual Property Rights: Spam complaint: 87 Network Incidents: 88 SpoofingPhishing: Malware: 89 Sample Phishing-Malware: Phishing-Malware case in government domain, with motives to target certain site, spread malware, create fake site phishing: 2014-09-26 11:10:21 CEST Upnil: unknown_html http:clg.utxao.bengk.go.id http:ebu.mhatr.bengk.go.id http:xjs.mhatr.bengkgo.id http:loadp.bengk.go.id Complaint respond: Potential Loss and Current Loss of Fraud reported in Indonesia:  Total loss January - March 2014: USD4.832,00 and Rp2.250.000,00  3 countries complained their citizen as victim: Saudi, Singapore, and France.  Item bought: wood, birth control devices which not standard and not in accordance with the agreement, bicycle, villahouse rent.  Communication media:  Via email 90  proceeded bank transfer  hijack company email account

2.3. New Service

Since March 2014, ID-CERT gives daily feed to DIKBUD Education and Cultural Ministry of cyber incident.

2.4. Etc

ID-CERT has issued 2 Security Alerts in 2014: OpenSSL Heartbleed http:www.cert.or.idindex-beritaidberita47 At April 13, 2014, ID-CERT received information from a valid source of vulnerabilities that exist in the version of OpenSSL 1.0.1 to 1.0.1f which can reveal the users sensitive information to the attacker. The impact of this vulnerability is a remote, unauthenticated attacker may be able to take sensitive information, such as secret keys. By using sensitive information, an attacker may be able to decrypt, spoof, or perform man-in-the-middle attack on the network traffic that would otherwise be protected by the OpenSSL. solution: - applying updates - Disable support for OpenSSL heartbeat - Another recommendation is to recompile OpenSSL with DOPENSSL_NO_HEARTBEATS falg. Bash http:www.cert.or.idindex-beritaidberita50 Product: Bash Publisher: SUSE Operating System: SUSE ImpactAccess: execute code remote commands unauthenticated Unauthorized Access - from an existing account Solution: Patch upgrade

3. Event