H. SingCERT Activity Report 2007
Singapore Computer Emergency Response Team – Singapore
1.0 About SingCERT
1.1 Introduction The Singapore Computer Emergency Response Team SingCERT is a one-stop centre for
security incident response in Singapore. Besides providing assistance to its constituency in incident resolution and co-ordination, SingCERT also broadcasts security alerts, advisories and
security patches. To promote security awareness and to educate the general public, SingCERT organises frequent seminars, workshops and sharing sessions covering a wide range of security
topics.
1.1.1 Establishment SingCERT was set up in 1997 to facilitate the detection, resolution and prevention of security
related incidents on the Internet. SingCERT is a government funded national initiative and is managed and driven by the Infocomm Development Authority of Singapore.
1.1.2 Constituency SingCERT provides services primarily to the Singapore local constituency comprising of
companies and end users.
2.0 Activities Operations
2.1 Incident Trend For 2007, phishing and malicious software continued to be a concern. SingCERT handled on average
3 phishing incidents a month for FY07. SingCERT worked with our Internet Service Providers ISPs and other foreign CERTs to track down affected systems and users and informed them on how
to secure their systems.
2.2 Participation in events SingCERT participated in the APCERT Annual Drill 2007 and provided the IRC server that was
used for co-ordination and communication by the drill participants.
3.0 Events organised co-organised
3.1 Seminars and
Workshops In our continued efforts to keep our constituency updated on security trends and developments,
SingCERT organised 3 seminars and 2 workshops for the year 2007. 4.0 International Collaboration
4.1 Incident Drill
SingCERT planned and led the ASEAN CERT Incident Drill ACID 2007 which expanded its scope to include not only the 10 ASEAN member countries, but also the dialogue partners and
44
representative from Europe. The drill was conducted successfully and received good feedback from the participants.
5.0 Future Plans and Projects
SingCERT, together with MyCERT, will be organising the 3
rd
ASEAN CERT Incident Drill for the year 2008. Discussions are in progress to work out the scope and coverage.
45
I. ThaiCERT Activity Report 2007
Thai Computer Emergency Response Team – Thai
Year 2007 Review and Comparative Incident Statistics
Response to computer security’s incidents is the main mission of ThaiCERT. ThaiCERT has been receiving a number of security incidents since the year 2001 -- year of ThaiCERT
establishment -- and coordinated related organizations to resolve them. In the beginning, ThaiCERT only provides response service to government organizations, but since the advent of phishing cases
we expand our service to several private organizations concerning those cases in order to expedite the closing of their compromised cases.
150 355
389 400
453 342
378
50 100
150 200
250 300
350 400
450 500
2001 2002
2003 2004
2005 2006
2007 Year
C a
s e
s
Chart 1: Number of ThaiCERT’s handled incident in each year from 2001 to 2007. According to the number of incidents in each year since 2001 in Chart 1 shown above, in year 2007
the total incident cases have been decreased from previous years. From the number of incidents categorized by types in Table 1 shown below, the phishing cases have been rapidly increased. They
grew by 108 cases from year 2006 -- about 70-percent increase. On the contrary, malware computer virus, internet worm, etc. cases decreased to only 38 cases. Based on these data, one of possible
reasons that can explain this situation -- in an optimistic way -- is that many users, especially non-administrative users, become more aware of computer threats than before. Consequentially, they
might have improved their preparations to prevent those threats. The Chart 2 plotted from last table shown below depicts a clearer view.
46