125 Although LaoCERT is a new organization and just become a member of APCERT in last year 2014, but we have coordinate to other CERT organizations for good relationship and cooperation.

5.1. MOD Minutes of Discussion

After MOD signed with Japan Emergency Response Team Coordination Center of Japan JPCERTCC on 19 th October 2012. LaoCERT, JPCERTCC and ThaiCERT organized The Basic Understanding of CSIRT and Incident Response Training held in Lao PDR.

5.2. MOU Memorandum of Understanding

Being signed the MOU with Thailand Computer Emergency Response Team ThaiCERT, Electronic Transaction Development Agency ETDA on July 2013. LaoCERT, JPCERTCC and ThaiCERT organized training course on RTIR and network forensics to exchanged information, knowledge and experience on IT Security held in Lao PDR in October 2013.

5.3. MoM Minutes of Meeting

By signing the second MoM with Ministry of Information and Communication, Socialist Republic of Vietnam VNCERT on 27 th October 2014 for collaboration on sharing CERT experiences and exchange knowledge of cyber security between the two countries. 6. Future Plans

6.1. Future projects

• Apply to be a member of FIRST Forum of Incident Response and Security Teams. • Finished the final drafting of cyber-crimes law and submitted to the National Assembly for approval by June of 2015. • Send LaoCERT’s technical quality staffs to the SANCEH cyber security professional course. • LaoCERT plan to have a CEH diploma or certificate in the field of cyber security. 126 • Request training course on TSUBAME Sensor in advance level from JPCERTCC. 7. Conclusion Since 2012, LaoCERT was established as a CERT organization in Laos, It has learned a lot of knowledge, experiences and has been assistance from the national CERTs such as: ITU, JICA, JPCERTCC, VNCERT, ThaiCERT…..for developing on capacity building of LaoCERT staffs. However, LaoCERT is willing to cooperate with national CERTs for good relationship and exchange information, knowledge, experiences, technical skill on cyber security to against with cyber-attack. 127 mmCERT Myanmar Computer Emergency Response Team – Myanmar 1. About CSIRT CERT

1.1. Introduction

Myanmar Computer Emergency Response Team mmCERT is a national computer emergency response team for handling cyber security incidents in Myanmar and it was a member of APCERT in 2011. mmCERT has been gradually known to Public, IT Companies, Financial Institutions, Government Organizations and Academic Service Centers in Myanmar. This 2014 annual report describes the operation and progress of mmCERTcc during last year.

1.1.1. Establishment

mmCERT was established as a national computer emergency response team in Myanmar on July 23 2004 and mmCERTcc mmCERT coordination center is strengthening on Dec 15 2010 . The Ministry of Communication and Information Technology MCIT is a leading Ministry of National Cyber Security Activities in Myanmar and it provides budget to mmCERTcc since then.

1.1.2. Workforce power

Members of mmCERTcc include from two ministries: MCIT and Ministry of Science and Technology MOST. The operation of mmCERTcc was directly managed by Myanmar Posts and Telecommunications MPT, MCIT and total eleven members worked for mmCERTcc last year. The number of members didn’t increase in 2014.

1.1.3. Constituency

mmCERTcc, a National CERT in myanmar is responsible for ensuring the cyber safety of all citizens as well as government and business organizations include Internet Service Provider, Financial Institution, Research and Education, Vendors and Economy. mmCERTcc has been enhancing for disseminating security information and advisories and providing technical assistance to constituencies. 128 Some government agencies, IT industries and service providers were closely dealing with mmCERT in 2014. 2. Activities Operations

2.1. Daily Security News

Daily Security News is posted on mmCERT website www.mmcert.org.mm for the purpose of raising the security awareness among the public. It is to accomplish one of the missions of mmCERT.

2.2. Weekly Email Newsletters

Every Friday, Weekly Email Newsletter was published and distributed to all local ISPs and constituencies starting from August 24, 2012 for the purpose of alerting the updated world-wide security news. These extracted resources are obtained as a member of APCERT and other security related information are from internet and security organizations.

2.3. Weekly Technical Article

mmCERT publishes Weekly Technical Article, written in myanmar for the purpose of promoting technical expertise and awareness to the IT persons. It is also posted on mmCERT website www.mmcert.org.mm since May 2013, on every Thursday.

2.4. Incident Handling Reports

The following graph shows the incidents that were solved by mmCERT in 2014. According to the results on incident analysis by mmCERTcc, Intrusion and Malicious cases were the most prominent incident cases in 2014. 129 130 2.5. Abuse Statistics 2.5.1. Abuse Statistics on TSUBAME Sensor Log Data