171 iii. Successfully handle high profile incidents such as Advanced Persistence Threat APT attacks, Trojans, and mobile phone malware; iv. Automate the incident response processes; and v. Launched Cyber999 Mobile Apps for Internet users to report incidents.

2.2. Malware Research Centre MRC

MyCERT also manages the CyberSecurity Malaysia Malware Research Centre MRC launched on December 2, 2009. The centre operates a distributed research network for analysing malware and computer security threats. Collaboration with trusted parties and researchers in sharing cyber threat research information provides opportunity to strengthening and understanding the threats. Among the activities of the MRC are as follows: i. Conduct research and development work in mitigating malware threats; ii. Produce advisories and reports related to the latest threats; iii. Monitor threats via the distributed Honeynet project; and iv. Collaborate in malware research with Universities, CERTs and international organizations.

2.3. Constituency

MyCERT’s constituency is the Malaysian Internet Users. Incidents within Malaysia that have been reported either by the Malaysian public or international organizations will be resolved by assisting on technical matters. If the reported case involves international connection, MyCERT will request trusted parties in that particular country or constituency to assist in resolving the security issues. 2.4. MyCERT’s Activities Operation 2.4.1. Incident handling reports and abuse statistics MyCERT receives reports from various parties within its constituency as well as foreign correspondents. These include home users, private sectors, government sectors, security teams from abroad foreign CERTs, Special Interest Groups, as well as internal proactive monitoring by CyberSecurity Malaysia staff. In 2014, MyCERT has produced the following cyber threat notifications: i. 38 Advisories ii. 32 Alerts The specific list of the advisory, alerts and summary reports can be viewed at: 172 http:www.mycert.org.myenservicesadvisoriesmycert2014mainindex.html MyCERT under its Cyber999 service has successfully resolved more than 98 out of 11,918 incidents reported, an increase of 12 incidents reported compared to the year 2013. The bulk of the reported incidents was related to Fraud 37.6 and followed by Spam 30.6 and Intrusion Attempt 10.9. Other significant cases reported, according to the percentage of report were Intrusion 9.4, Malicious Codes 6 and Cyber Harassment 4.6. The figures below show the reported cases handled by MyCERT for the year 2014: Figure 1: Reported Incidents handled by MyCERT in 2014 Further information on Cyber999 statistics can be viewed at: http:www.mycert.org.myenservicesstatisticmycert2014maindetail949in dex.html

2.5. MyCERT’s Events Involvement And Achievements

MyCERT has actively participated in providing support for IT security events by attending various trainings, seminarsconferences and meetings. MyCERT members contributed their expertise in the following events: 173

2.5.1. Cyber Drills

MyCERT is the organizer of the OIC-CERT Cyber Drill. This international exercise was conducted on June 4, 2014. The objective of the drill is to test the communication channels, procedures in handling contingencies and the technical capabilities of participating teams in handling cyber incidents. Thirteen 13 CERT teams from twelve 12 countries had participated in the exercise. Besides the OIC-CERT Cyber Drill, MyCERT has also involved in three 3 other international Cyber Drills, namely: i. APCERT Drill 19 th February 2014; ii. IMPACT International Cyber Exercise 13 th May 2014; and iii. ASEAN CERT Incident Drill – ACID 24 th September 2014.

2.5.2. Trainings

Several workshops or hands-on training were conducted by MyCERT in year 2014 which includes: i. Incident Handling and Network Security IHNS Training for Private and Government Sectors; ii. Incident Handling and Network Security IHNS Training for Nigeria CSIRT; and iii. Workshop on Cyber999 Customer Relations Management CRM System for local Law Enforcement Agencies LEA.

2.5.3. Presentations

MyCERT has been invited to give talk at various international conferences or seminars. Among the distinguished events were: i. Artificial Intelligence Computer ScienceAICS 2014, Bandung, Indonesia, 15 September – 16 September 2014; ii. APCERT AGM Conference 2014, Taipei, Taiwan, 18 – 21 March 2014; iii. National CSIRT Meeting 2014, Boston, USA, 28 – 29 June 2014; iv. OIC-CERT Annual Conference and AGM 2014, Bandar Seri Begawan, Brunei, 20 – 22 October 2014; and v. Tokyo International Conference on Engineering and Applied ScienceTICEAS 2014, Tokyo, Japan, 17 – 19 December 2014.

2.5.4. Tools Developed

174 i. Cyber999 Mobile Application for Android and iOS Apple; ii. Android Sandbox; and iii. HeartBleed Verification Site.

2.5.5. Paper Publication

MyCERT had contributed to the cyber community by providing few articles in various publications: i. Title: Automated Enhancement Tool for Malware Incident Handling; Published: Artificial Intelligent Computer System AICS 2014; Proceedings. ii. Title: Automating Big Data Analysis: Malaysia CERT Experience; Published: Proceeding of the Tokyo International Conference on Engineering and Applied Sciences 2014.

2.5.6. Social Media

Technological advancement through social media has provided invaluable tool for MyCERT to disseminate information across a wide audience. MyCERT through Facebook account https:www.facebook.commycert.org.my had gathered 1,782 likes and 947 followers at MyCERT Twiiter account https:twitter.commycert. Being the technical reference centre of the country, MyCERT has been invited by the media organizations for radio and television interview on cyber security related matters. 3. INTERNATIONAL COLLABORATION The Malaysian National Cyber Security Policy identified International Cooperation as one of the areas in enhancing cyber security. In line with this, CyberSecurity Malaysia has been actively involved in establishing collaborative relationships with foreign parties.

3.1. Working Visits

CyberSecurity Malaysia made several working visits to various international organizations to further enhance the country’s cyber security condition. The objective of the visit is to seek potential collaboration in knowledge exchange. Among the visits are: 175 i. University of Oxford e-Research Center; ii. University of Surrey; iii. Trend Micro CSIRT, Taiwan; iv. Myung Information Technologies Co. Ltd MIT Korea; and v. CERT-UK. CyberSecurity Malaysia also received several working visits from foreign organizations who have the similar objectives, such as from: i. International IT University, Kazakhtan; ii. The Republican State Enterprise Technical Service. Kazakhtan; iii. Ministry of Awdaf and Islamic Affairs, Kuwait; and iv. Organization of the Islamic Cooperation, Saudi Arabia

3.2. Memorandum of Understanding MoU