125 Although LaoCERT is a new organization and just become a member of APCERT in
last year 2014, but we have coordinate to other CERT organizations for good relationship and cooperation.
5.1. MOD Minutes of Discussion
After MOD signed with Japan Emergency Response Team Coordination Center of Japan JPCERTCC on 19
th
October 2012. LaoCERT, JPCERTCC and ThaiCERT organized The Basic Understanding of CSIRT and Incident Response Training held
in Lao PDR.
5.2. MOU Memorandum of Understanding
Being signed the MOU with Thailand Computer Emergency Response Team ThaiCERT, Electronic Transaction Development Agency ETDA on July 2013.
LaoCERT, JPCERTCC and ThaiCERT organized training course on RTIR and network forensics to exchanged information, knowledge and experience on IT
Security held in Lao PDR in October 2013.
5.3. MoM Minutes of Meeting
By signing the second MoM with Ministry of Information and Communication, Socialist Republic of Vietnam VNCERT on 27
th
October 2014 for collaboration on sharing CERT experiences and exchange knowledge of cyber security between the
two countries.
6.
Future Plans
6.1. Future projects
• Apply to be a member of FIRST Forum of Incident Response and Security
Teams. •
Finished the final drafting of cyber-crimes law and submitted to the National Assembly for approval by June of 2015.
• Send LaoCERT’s technical quality staffs to the SANCEH cyber security
professional course. •
LaoCERT plan to have a CEH diploma or certificate in the field of cyber security.
126 •
Request training course on TSUBAME Sensor in advance level from JPCERTCC.
7.
Conclusion Since 2012, LaoCERT was established as a CERT organization in Laos, It has
learned a lot of knowledge, experiences and has been assistance from the national CERTs such as: ITU, JICA, JPCERTCC, VNCERT, ThaiCERT…..for developing on
capacity building of LaoCERT staffs. However, LaoCERT is willing to cooperate with national CERTs for good relationship and exchange information, knowledge,
experiences, technical skill on cyber security to against with cyber-attack.
127
mmCERT Myanmar Computer Emergency Response Team – Myanmar
1.
About CSIRT CERT
1.1. Introduction
Myanmar Computer Emergency Response Team mmCERT is a national computer emergency response team for handling cyber security incidents in Myanmar and it
was a member of APCERT in 2011. mmCERT has been gradually known to Public, IT Companies, Financial Institutions, Government Organizations and Academic
Service Centers in Myanmar. This 2014 annual report describes the operation and progress of mmCERTcc during last year.
1.1.1. Establishment
mmCERT was established as a national computer emergency response team in Myanmar on July 23 2004 and mmCERTcc mmCERT coordination center is
strengthening on Dec 15 2010 . The Ministry of Communication and Information Technology MCIT is a leading Ministry of National Cyber Security Activities in
Myanmar and it provides budget to mmCERTcc since then.
1.1.2. Workforce power
Members of mmCERTcc include from two ministries: MCIT and Ministry of Science and Technology MOST. The operation of mmCERTcc was directly
managed by Myanmar Posts and Telecommunications MPT, MCIT and total eleven members worked for mmCERTcc last year. The number of members didn’t
increase in 2014.
1.1.3. Constituency
mmCERTcc, a National CERT in myanmar is responsible for ensuring the cyber safety of all citizens as well as government and business organizations include
Internet Service Provider, Financial Institution, Research and Education, Vendors and Economy. mmCERTcc has been enhancing for disseminating security
information and advisories and providing technical assistance to constituencies.
128 Some government agencies, IT industries and service providers were closely
dealing with mmCERT in 2014.
2.
Activities Operations
2.1. Daily Security News
Daily Security News is posted on mmCERT website www.mmcert.org.mm for the purpose of raising the security awareness among the public. It is to accomplish one
of the missions of mmCERT.
2.2. Weekly Email Newsletters
Every Friday, Weekly Email Newsletter was published and distributed to all local ISPs and constituencies starting from August 24, 2012 for the purpose of alerting
the updated world-wide security news. These extracted resources are obtained as a member of APCERT and other security related information are from internet and
security organizations.
2.3. Weekly Technical Article
mmCERT publishes Weekly Technical Article, written in myanmar for the purpose of promoting technical expertise and awareness to the IT persons. It is also posted
on mmCERT website www.mmcert.org.mm
since May 2013, on every Thursday.
2.4. Incident Handling Reports
The following graph shows the incidents that were solved by mmCERT in 2014. According to the results on incident analysis by mmCERTcc, Intrusion and
Malicious cases were the most prominent incident cases in 2014.
129
130
2.5. Abuse Statistics 2.5.1. Abuse Statistics on TSUBAME Sensor Log Data