In CIO Vietnam Talkshow 40, Mr. Jim Fitzsimmons gave an interesting presentation on IT security in Vietnam. Some of the facts he presented are really bad.
Jim also proposed a framework of actions that can help businesses fix their IT security.
During the event the audience and the speaker also discussed the trend towards using online services such as email, servers and applications, and the security issues that come with using them.
Many thanks to Jim and to all the audience. We look forward to seeing you at the upcoming event.
The presentation can be downloaded from the link below.
CIO Vietnam Talkshow 40th
1. The Failure of IT Security in Vietnam, and How an IT Compliance Program Can Help Companies Fix Their Problems
2. Vietnam & the Internet
- Total population: 93.4 million
- Internet users: 41 million (44% of the population online)
- #18 in the world for number of internet users; #124 in the world for % of population online
- #5 in selected Asian countries for number of internet users; #7 in selected Asian countries for % of population online
- #121 in the UN Human Development Index, a Medium Human Development country
Stats source: Internet World Stats 10.2014. VN image from Free Vector Maps.
copyright 2014 MF8 International, all rights reserved
3. Digital Cities, Online Nations, Future States (map; source: Internet World Stats)
4. Vietnam & Internet Security & the Other Future States
- #6 for email harvesting dictionary attacks (projecthoneypot.org)
- #13 in the world for spam servers (projecthoneypot.org)
- #3 source of spam in the world (spamrankings.net); VNPT is the #2 network in the world
- #3 source of zombified botnet computers (botnet-tracker.blogspot.com)
- #8 in the world for Gameover Zeus infections (shadowserver.org); VNPT is the #5 network in the world
- #1 in the world for the unpatched Stuxnet vulnerability (Kaspersky Labs)
- #1 in the world for active XP PCs (Kaspersky Labs)
- #18 source of DDoS attacks all time (Akamai); #8 in the 24 hours to 15/10/2014
Thailand (20 million online) is significantly lower in all lists. The Philippines (44 million online) hardly shows up in the same rankings. Indonesia (70 million online) has problems, but nothing like Vietnam's.
5. Internet-exposed services, Vietnam vs. the Philippines (host counts as read from the slide's two columns; the slide gives no scan source or date)

Service (port)      Vietnam   Philippines
Telnet (23)          14,591         2,094
NetBIOS (139)           721         1,299
VNC (5900)              160           165
RDP (3389)               50            94
MSSQL (1433)            380           195

- Telnet: command-line remote access. Should never be used over a public network.
- NetBIOS: Windows file shares. A common attack target; should never be accessible on a public network.
- VNC: full-screen remote access to a server. Remote access only if strictly necessary, and only with a VPN and strong authentication in place.
- RDP: full-screen remote access to a Windows server. Same rule as VNC.
- MSSQL: Microsoft SQL Server access. Should never be remotely accessible.
Note: the slide labels RDP as port 3889; the Remote Desktop service listens on TCP 3389.
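The rule of thumb on this slide is easy to turn into a check against your own public address space. The following is an added example, not material from the talk: it parses nmap's grepable (-oG) output and flags every open port that the slide says should never be exposed, or should only sit behind a VPN with strong authentication. The scan text, the hosts (RFC 5737 documentation addresses) and the service names are constructed for the example; the port-to-verdict table is the slide's guidance.

```python
"""Flag internet-facing services against the rule of thumb on the slide.

Added example, not material from the talk. Input is constructed
nmap grepable (-oG) output for made-up documentation-range addresses.
"""
import re
from collections import Counter

# Policy from the slide: these services must never face a public network ...
NEVER_EXPOSE = {23: "telnet", 139: "netbios-ssn", 1433: "ms-sql-s"}
# ... and these are tolerable only behind a VPN with strong authentication.
VPN_ONLY = {3389: "ms-wbt-server", 5900: "vnc"}

# Constructed sample in the shape `nmap -sS -p22,23,139,1433,3389,5900 -oG -`
# prints: one line per live host, tab-separated fields, each port written as
# port/state/proto/owner/service/rpc/version/ and joined by ", ".
SAMPLE_SCAN = (
    "# Nmap scan initiated as: nmap -sS -p22,23,139,1433,3389,5900 -oG - 203.0.113.0/29\n"
    "Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, "
    "139/filtered/tcp//netbios-ssn///\tIgnored State: closed (3)\n"
    "Host: 203.0.113.11 (db1.example)\tPorts: 1433/open/tcp//ms-sql-s///, "
    "3389/open/tcp//ms-wbt-server///\tIgnored State: closed (4)\n"
    "Host: 203.0.113.13 ()\tPorts: 5900/open/tcp//vnc///\tIgnored State: closed (5)\n"
    "# Nmap done: 8 IP addresses (3 hosts up) scanned\n"
)

HOST_LINE = re.compile(r"^Host:\s+(\S+)\s+\((.*?)\)\tPorts:\s+(.*?)(?:\tIgnored State.*)?$")


def parse_grepable(text):
    """Return {ip: {port: state}} for the TCP ports listed in -oG output."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_LINE.match(line)
        if not m:  # comment lines, or hosts with no Ports: field
            continue
        ip, _hostname, ports_field = m.groups()
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            if len(fields) < 3 or fields[2] != "tcp":
                continue
            hosts.setdefault(ip, {})[int(fields[0])] = fields[1]
    return hosts


def find_violations(hosts):
    """List (ip, port, service, verdict) for every open port the policy covers.

    Only state 'open' counts: a 'filtered' port is not reachable from the
    scanning vantage point, which is the question the slide is asking.
    """
    findings = []
    for ip in sorted(hosts):
        for port, state in sorted(hosts[ip].items()):
            if state != "open":
                continue
            if port in NEVER_EXPOSE:
                findings.append((ip, port, NEVER_EXPOSE[port], "never expose"))
            elif port in VPN_ONLY:
                findings.append((ip, port, VPN_ONLY[port], "VPN + strong auth only"))
    return findings


def count_by_service(findings):
    """Per-service exposure counts, the same shape as the per-country table."""
    return Counter(service for _ip, _port, service, _verdict in findings)


if __name__ == "__main__":
    for ip, port, service, verdict in find_violations(parse_grepable(SAMPLE_SCAN)):
        print(f"{ip:15} {port:5} {service:14} {verdict}")
```

Run the real scan from outside your network (or from a cloud VM) so that "open" means open to the internet, not to your LAN; a filtered NetBIOS port on the sample host is deliberately not reported for that reason. The per-service counts are the figure you would track quarter over quarter in the audit step the later slides describe.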
6. Why Vietnam? What are the root causes?
- No one, including IT departments, knows what is going on with their PCs and networks.
- Systems are not configured correctly.
- No one bothers to update old and unlicensed software.
- Lack of standards for IT staff means a failure in systems administration.
7. How are Vietnamese businesses affected?
- Lower staff productivity, with time lost to slow or failed computers and applications.
- IT investments wasted as systems do not perform well.
- IT departments have trouble showing value to the business.
- Compromised computers mean that no data is secure.
8. How do businesses start to fix the problem? Fixing this is more about management, not just technology; throwing more people at the problem won't fix it.
1) Understand and document the information that you need to manage and secure, and which business stakeholder owns it.
2) Organize your IT team into roles and responsibilities.
3) Use policies to define the right technical and administrative controls for your data.
4) Develop a management plan to tie every policy requirement to a role.
5) Train IT staff to the policy requirements.
6) Define compliance measurements for both the technology and the people responsible for it.
7) Work with HR to tie compliance accountability to staff performance.
8) Audit quarterly until results consistently demonstrate compliance.
9. Planning an IT compliance program (flowchart steps, in working order)
1) Information inventory & ownership
2) Team roles & responsibilities
3) Develop policies
4) Information owners review & approve policies
5) Publish policies
6) Assess whether existing technology meets the policies
7) Resolve technology & policy gaps
8) Match roles to policies
9) Train team on policies
10) Establish measurements for policies
11) Develop reporting to information owners
12) Link compliance to HR performance assessment
13) 1st internal audit
14) Publish results to information owners
11. Definitions and data sources
- Harvester (projecthoneypot.org): a harvester is a computer program that surfs the internet looking for email addresses. Harvesting email addresses from the Internet is the primary way spammers build their lists.
- Spam server (projecthoneypot.org): a spam server is the computer used by a spammer in order to send messages. Many do not belong to the spammers themselves, but instead are "zombies" compromised by viruses or other malware.
- Comment spammer (projecthoneypot.org): comment spammers do not send email spam. Instead, comment spammers post to blogs and forums. These posts typically include links to sites being promoted by the comment spammer.
- Dictionary attacker (projecthoneypot.org): a dictionary attack involves making up a number of email addresses, sending mail to them, and seeing what is delivered.
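A dictionary attack of the kind defined above leaves an obvious trace on the receiving mail server: one client address asking for many different mailboxes that do not exist. The following is an added example, not part of the talk, showing how to pick that pattern out of server logs. The log lines are constructed in the shape Postfix's smtpd uses when it rejects an unknown recipient, with documentation addresses and domains; the threshold of five distinct unknown recipients is an assumption for the example.

```python
"""Spot an email-address dictionary attack in SMTP server logs.

Added example, not from the talk. The log lines are constructed in the
shape Postfix's smtpd writes for a rejected unknown recipient, using
documentation addresses and domains.
"""
import re
from collections import defaultdict


def reject_line(ts, client, rcpt, sender):
    """Build one constructed Postfix reject line (helper for the sample only)."""
    return (f"Oct 15 {ts} mx postfix/smtpd[2201]: NOQUEUE: reject: RCPT from {client}: "
            f"550 5.1.1 <{rcpt}>: Recipient address rejected: User unknown in local "
            f"recipient table; from=<{sender}> to=<{rcpt}> proto=ESMTP helo=<mail.example.net>")


# One client walks an alphabetical list of made-up local parts (the tell-tale
# of a dictionary attack); a real correspondent mistypes a single address.
PROBED = ["aaron", "abby", "adam", "alan", "alex", "amy"]
SAMPLE_LOG = "\n".join(
    [reject_line(f"09:00:0{i}", "unknown[203.0.113.77]", f"{name}@example.com", "promo@example.net")
     for i, name in enumerate(PROBED, start=1)]
    + [reject_line("09:00:09", "client.example.org[198.51.100.4]", "jon@example.com", "ann@example.org"),
       "Oct 15 09:00:10 mx postfix/smtpd[2201]: connect from unknown[203.0.113.77]"]
)

REJECT = re.compile(
    r"NOQUEUE: reject: RCPT from \S+\[(?P<ip>[^\]]+)\]: 550 5\.1\.1 <(?P<rcpt>[^>]+)>: "
    r"Recipient address rejected: User unknown"
)


def unknown_recipients_by_client(log_text):
    """Map client IP -> set of distinct recipient addresses it was refused for."""
    by_client = defaultdict(set)
    for line in log_text.splitlines():
        m = REJECT.search(line)
        if m:
            by_client[m.group("ip")].add(m.group("rcpt").lower())
    return dict(by_client)


def flag_dictionary_attackers(log_text, threshold=5):
    """Return {client_ip: distinct_unknown_recipients} for clients at or over threshold.

    Counting distinct addresses rather than raw rejects keeps one retried typo
    from tripping the rule. The threshold is an assumption for this example;
    tune it to your own traffic.
    """
    return {ip: len(rcpts)
            for ip, rcpts in unknown_recipients_by_client(log_text).items()
            if len(rcpts) >= threshold}


if __name__ == "__main__":
    for ip, n in flag_dictionary_attackers(SAMPLE_LOG).items():
        print(f"{ip}: probed {n} non-existent mailboxes")
```

Run over a day of mail logs this gives the list of client addresses to rate-limit or block at the MTA; the same count per client is also the number your own server contributes to rankings like the projecthoneypot one if one of your hosts is the source rather than the target.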
- Spamrankings.net, August 2014: VNPT is the #2 source in the world.
- Botnet-Tracker (botnet-tracker.blogspot.com), September 2014 data, top 25 networks with suspected botnet IPs: VNPT #5 in the world, Viettel #13.
- Gameover Zeus infections (shadowserver.org): VNPT #5 in the world.
- Stuxnet vulnerability: from Kaspersky, known systems still vulnerable to the infamous Stuxnet attack, presumed to be because they run Windows XP. Vietnam has 38.79% of the world's active XP computers.
- Source of DDoS attacks (prolexic.com), targets in the USA: rank figures per country as shown on the slide; the column headings were not recovered in this copy. Read against slide 4, Vietnam's final "18 (8)" is the all-time rank and, in parentheses, the rank over the 24 hours to 15.10.2014.
VN  13 6 3 3 8 1 18 (8)
TH  16 23 20 38 10 8 12 (13)
PI  35 (28)
HK  20 38 (27)
SG  64 (43)
JN  15 7 3 3 (9)
KO  16 7 28 9 9 (3)
TW  19 17 14 15 19 1 19 (6)
MY  14 18 32 (24)
IN  23 15 7 2 17 (18)
12. Vendor report rankings (chart; only the headings and the rank figures survived extraction)
Columns: Symantec malicious activity by source 2012-13; Symantec spam zombies 2012-13; Symantec bots 2012-13; Symantec web attack origins 2012-13; Symantec network attack origins; Symantec top 10 bots by lifespan 2012-13; Symantec top 10 sources of botnet spam by location 2013; countries most affected by online banking malware 2Q 2014 (Trend Micro); top spam-sending countries 2Q 2014 (Trend Micro).
Rank figures per country as shown (which column each belongs to was not recovered): Vietnam 6 6 10 5 7; Philippines 8; Japan 5 6 6 10 1; South Korea 7; Taiwan 4 4; Malaysia 9; Indonesia 4 2 7; Thailand, Hong Kong and Singapore show no figures.