4.0 Achievements 4.1 Presentations

Various lectures were delivered by the staff of CERT-In in the national and international workshopsconferencesseminars. CERT-In participated in the following international seminarsconferences: • Botnet Task Force Conference held in Sydney in July 2007 • Blackhat Briefings, July 2007 • Internet Governance Forum meeting in Brazil in November 2007

4.2 Publications

The following white papers were published on website of CERT-In in the year 2007: 1. Analysis of defaced Indian websites year-2006 The primary objective of this paper is to present the detailed statistical analysis of defaced Indian websites during year 2006. In the year 2006 a total no. of 5211 Indian websites were defaced. 2. Analysis of Phishing Incidents year-2006 Phishing is a fast growing financial fraud prevailing across the globe. This document provides analysis of phishing incidents reported to CERT-In during the year 2006. The phishing incidents described in the document includes the cases in which either the phishing websites are hosted in India or domain registrant belongs to India. The document provides details on the incidents analyzed, targeted sectors, brands hijacked etc.

5.0 International collaboration

CERT-In is collaborating with international security organisations and CERTs to facilitate exchange of information related to latest cyber security threats and international best practices. CERT-In is general member of APCERT and member of FIRST.

5.1 MoUs:

CERT-In has signed MoUs with National Cyber Security Centre, Republic of Korea, JPCERTCC and National Computer Board, Mauritius for mutual cooperation in the area of cyber security.

5.2 Drills

• CERT-In participated in the ASEAN CERTs Incident Handling Drill ACID 2007 held on 16 th July 2007. • CERT-In participated in the APCERT International Incident Handling Drill 2007 held on 22 nd November, 2007. 6.0 Future PlansProjects The thrust is to make CERT-In the most trusted referral agency in the area of information security in 75 the country. CERT-In is focusing on following activities: • Building a network of CISOs of Critical Infrastructure Organisations and interacting with them to ensure security of the critical systems • Collaboration with IT product and security vendors to mitigate the vulnerabilities in various systems • Providing guidance for developing and augmenting sectoral CERTs • Cooperation with international CERTs and security organizations on information sharing and incident response • Promote Research and Development activities in the areas of Artifact analysis, Cyber Forensics and security training and awareness • CERT-In is developing a mechanism to issue advance warnings and alerts on cyber attacks and provide countermeasures by analysing Internet traffic patterns 76

N. VNCERT Activity Report 2007

Vietnam Computer Emergency Response Team – Vietnam

1. About CERT Introduction

VNCERT is an agency under Ministry of Information and Communications of Vietnam, established by decision of Vietnam’s Prime minister in December, 2005. In Vietnam, VNCERT is responsible for state management of information security area. Roles of VNCERT: - Coordinating all actions, awareness, resources for combating Network and IS attacks of all kind; - Promoting establishing a connective group of local CSIRTs; - Supporting lawgiver and policymaker to understand about cyber security better; - Cooperating comprehensively with international organizations and national CERTs of other country. Staff and structure VNCERT has four specialized divisions: division of operation, division of system technique, division of training consultancy, division of research developing. VNCERT also has two representative office, one in Hochiminh city and another in Danang city. Current number of employees in VNCERT is thirty three. 2. Incident reports and handling In 2007, the total number of serious incidents reported to VNCERT is 47, which has 19 incidents increase compared to 2006. Many reports are about website defacement and phishing: phishing incidents increased from 4 to 12, defacement incidents increased from 7 to 13. Almost phishing incidents related to finance, commonly forging banks to steal bank’s account , and they are reported from outside Vietnam. Number of incidents related to virus also go up, and so many viruses used USB for spreading. VNCERT works very actively in handling all incidents, especially incidents originated from Vietnam. In 2007, some DNS attacks also occurred. 77