166
3.2. Drills
In 2014 MonCIRT cannot organize local network security drill-IV due to financial limitation and economic crisis.
3.3. Seminars
In order to create awareness and build Network Security skills within the constituency MonCIRT conducted the following conferences, seminars successfully:
a. MonCIRT was one of the partner in organization of ICTPA expo 2014 and participated in conference dedicated to this event. The governing board
director of MonCIRT prof Khaltar Togtuun was one of key speaker of this conference.
b. With sponsorship of Security Solution Service LLC and National Data Center organized annual “Security Open Day Mongolia 2014” and “Kharuul Zangi
2014” the ethical hacking contest in August.
4.
Achievements
4.1. Presentations
MonCIRT’s board director participated and presented in local conferences as key speakers. In these conferences they have presented following presentations:
a. Conducted presentations during the Annual “Security Open Day” 2014 conference on themes “Modern APTs and how to combat with them”.
Lectures and presentations have been made by members of MonCIRT in various workshops and seminars conducted in the country.
4.2. Publications
The MonCIRT published 9 advisories and 36 vulnerability notes in 2014. Among the criteria for developing an advisory are the urgency of the problem, potential
impact of intruder exploitation, and existence of a software patch or workaround. On the day of release, we send advisories to a mailing list of MOSA and network
administrators mailing list. MonCIRT Security Practices
167 MonCIRT security practices are easy-to-implement guidance for experienced
system administrators. The practices are technology-neutral, so they apply to many operating systems and platforms. Practices available in the repository of MonCIRT.
Other Security Information The MonCIRT captures lessons learned from handling incidents and vulnerability
reports and makes them available to users of the Internet through a web site archive of security information. These include answers to frequently asked
questions and tech tips for systems administrators.
4.3. Certification Membership
No Certification and Memberships obtained in 2014:
5.
International and Domestic Collaboration
5.1. MoU
We offered to sign MOU with National Cyber Security Authority on close cooperation and information sharing and waiting for positive reply.
5.2. Event participation
Our representative participated in 3d specialized conference “Protection of Industrial Networks - SAINT-PETERSBURG 2014” held in Saint Petersburg,
Russia in 26-27 November.
5.3. International incident coordination
Upon request of some security companies from Europe, Italian and Poland CERTs we handled incidents related to 6 phishing web sites installed illegally in
Mongolian web servers.
6.
Future Plans
6.1. Future projects
We now working on development of all necessary documents, handbooks of CSIRT in Mongolian language. In addition our experts will train staffs of expected MoD
168 CERT. Also the General Authority for Border Protection GABP expresses interest
to implement project on creation of CSIRT within GABP in 2015.
6.2. Future plan