221 security. To defend hacker intrusion and stop up security threats spreading, TWCERTCC works hard for safeguarding security and plays the contact agent for sharing the experiences on dealing Taiwan’s network security incidents with other CERTs. Expect to achieve the following goals: Year 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 Total 2874 1824 788 660 1087 679 1094 6666 8,126 140,250 15,150 Table 1. TWCERTCC incident response statistics 1 Possible incidents prevention: provide an incident response channel and the prevent mechanism for the victims to avoid analogous events happening. 2 Real-time incidents handling: offer an immediate warning and defense force to effectively restrain and control incidents extending. 3 Recovery support: provide technological consultant and support to recovery operation and reduce damage. Figure 1 TWCERTCC incident response classification statistics

2.2. Security Vulnerability Announcement

To promote system and network security and reduce damage from intrusion, TWCERTCC is devoted to strengthen services, to publish latest security issues, to provide security documentstools, vulnerability patch information and security related documents download, and actively research attackdefense technologies. 222 Table 2. TWCERTCC advisory statistics The major purpose of the establishment of the localized Vulnerability Database is to collect the information of software vulnerabilities and system weaknesses. The vulnerability database contains 49 categories and up to 29 thousands records. We will continuously invest manpower to maintain and update. The major categories are shown in Fig. 2. Figure 2. Categories of TWCERTCC Vulnerability Database

2.3. Spam Analysis Report

TWCERTCC handles and analyzes spam reported from online. Over five hundred millions of spam received in 2014 and originated from 87 countries. The geographic distribution of the spam sources is shown in Figure 3 and the amount of the spam over the year of 2014 in Figure 4. Year 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 Advisory 197 140 138 119 49 44 234 98 115 154 131 223 Figure 3 The geographic distribution of the spam sources. Figure 4 The amount of spam each month in 2014.

2.4. Anti-Phishing Now

TWCERTCC provides a phishing report service Anti-Phishing Now to stop phishing sites promptly and to prevent further personal privacy leakage. When a phishing site or a phishing web page injected to a victim website is found by a user, he can report the phishing site through the online service. TWCERTCC then informs the corresponding ISP and the domain owner for shutting down the phishing site. The phishing report service can be found in : http:www.apnow.twindex.cgi Unit ： One Hundred 224 3. Events organized co-organized 3.1. Information Security Training TWCERTCC provides a series of security trainingeducation for government agencies and industries to enhance and enrich their knowledge and capability on network and information security. The training course also gives people a channel to exchange information and hands-on practice related to security. By adopting e-learning, TWCERTCC education courses feature a synchronousasynchronous on-line learning, a flexible study schedule, and independence learning without timespace restriction to accommodation the different needs of the learners. TWCERTCC hosts security workshops and training regularly to raise the security awareness, to enhance security technical skills, and to build an information exchange and communication channel among internet users, administrators, and ISPs. Date Subject 2014514 Information Security Trend and Case Studying 201495 Critical Information Infrastructure Protection Table 3 list of TWCERTCC workshops and training courses in 2014 3.2. Drill TWCERTCC supports TANet Taiwan Academic Network to operate an incident handling drill in the fourth quarter of 2014. Total of 4,027 educational institutions and over ten thousands of security officers were involved in this drill program with a high completion rate of 100. 4. Achievements 4.1. The government and organizations recently pay much attention to information and communication security promotion and development. TWCERTCC has made great efforts to manage in security field many years for enhancing network safeguard to protect against the increasing intrusion and attack.  Enhance domestic network security 225 The main purpose of TWCERTCC is to provide assistance to handle the incidents regarding information and network security. By raising the attention of network community to security issues and conducting the research on computer systems, we manage to enhance the fail-safe systems of computers and networks, and proceed to prevent the incident beforehand. We disseminate system vulnerability information to raise the awareness of network security, identify and resolve the system vulnerabilities on various platforms, and work with security researchers to develop the prevention and protection techniques to improve the network security.  Encourage and coordinate incident response TWCERTCC is devoted to promote collaborative research and development on cyber security to reduce the loss caused from incidents. TWCERTCC plays a major communication agent for encourage and coordinating the exchanges and cooperation with domestic ISPs and international CERTs or CSIRTs to maintain global network security.  Security promotion TWCERTCC works to create an international workforce skilled in information assurance and survivability by developing curricula and training for executives, managers, engineers, network administrators and operators. Furthermore, TWCERTCC held seminars and education training programs to promote the importance of security awareness and to enhance the ability of security administrators in a proactive way. Such interactively training provides a great channel for information sharing as well as skill improvement.  Security training Recently frequent incidents encourage security awareness and professional demand. Personal training is the major work in technology development. TWCERTCC offers many introductory and advanced training for executive, managers, educators, engineers, cyber administratorsoperators and so on. TWCERTCC has trained many good talent of security field who are responsible for the security of information assets in different organizations. Hope to enhance domestic research and development capacity by mutual support and cooperation.  International relationship 226 TWCERTCC actively participates in international organizations and activities, and improves our capabilities and services. We have joined in FIRST, APCERT and Anti-spam MoU to be the international coordination in Taiwan to reinforce the information exchange and collaborations among all the other CERTs around the world. On account of the cooperation among the network security organizations, we expect to provide a secure and convenient network environment for the Internet users.

4.2. Publication