166

3.2. Drills

In 2014 MonCIRT cannot organize local network security drill-IV due to financial limitation and economic crisis.

3.3. Seminars

In order to create awareness and build Network Security skills within the constituency MonCIRT conducted the following conferences, seminars successfully: a. MonCIRT was one of the partner in organization of ICTPA expo 2014 and participated in conference dedicated to this event. The governing board director of MonCIRT prof Khaltar Togtuun was one of key speaker of this conference. b. With sponsorship of Security Solution Service LLC and National Data Center organized annual “Security Open Day Mongolia 2014” and “Kharuul Zangi 2014” the ethical hacking contest in August. 4. Achievements

4.1. Presentations

MonCIRT’s board director participated and presented in local conferences as key speakers. In these conferences they have presented following presentations: a. Conducted presentations during the Annual “Security Open Day” 2014 conference on themes “Modern APTs and how to combat with them”. Lectures and presentations have been made by members of MonCIRT in various workshops and seminars conducted in the country.

4.2. Publications

The MonCIRT published 9 advisories and 36 vulnerability notes in 2014. Among the criteria for developing an advisory are the urgency of the problem, potential impact of intruder exploitation, and existence of a software patch or workaround. On the day of release, we send advisories to a mailing list of MOSA and network administrators mailing list. MonCIRT Security Practices 167 MonCIRT security practices are easy-to-implement guidance for experienced system administrators. The practices are technology-neutral, so they apply to many operating systems and platforms. Practices available in the repository of MonCIRT. Other Security Information The MonCIRT captures lessons learned from handling incidents and vulnerability reports and makes them available to users of the Internet through a web site archive of security information. These include answers to frequently asked questions and tech tips for systems administrators.

4.3. Certification Membership

No Certification and Memberships obtained in 2014: 5. International and Domestic Collaboration

5.1. MoU

We offered to sign MOU with National Cyber Security Authority on close cooperation and information sharing and waiting for positive reply.

5.2. Event participation

Our representative participated in 3d specialized conference “Protection of Industrial Networks - SAINT-PETERSBURG 2014” held in Saint Petersburg, Russia in 26-27 November.

5.3. International incident coordination

Upon request of some security companies from Europe, Italian and Poland CERTs we handled incidents related to 6 phishing web sites installed illegally in Mongolian web servers. 6. Future Plans

6.1. Future projects

We now working on development of all necessary documents, handbooks of CSIRT in Mongolian language. In addition our experts will train staffs of expected MoD 168 CERT. Also the General Authority for Border Protection GABP expresses interest to implement project on creation of CSIRT within GABP in 2015.

6.2. Future plan