superintendencia de telecomunicaciones de ecuador · 2014-02-24 · first/tf-csirt technical...

Superintendencia de Telecomunicaciones de Ecuador

EcuCERT

FIRST/TF-CSIRT Technical Colloquium

Zurich 2014

Ecuador

LANGUAGE: SPANISHPOPULATION: AROUND 16’ ITS POSTITION IS 66 IN THE WORLDSIMILAR TO NETHERLANDS 65 IN THE WORLD

AREA: 256,370 KM2 , IT`S POSITION IS AROUND 80 IN THE WORLD SIMILAR TO UNITED KINGDOM SIMILAR TO NEW ZELAND

1 2 34

Galápagos - Islands

Coast – Pacific Ocean

Los Andes – Highlands

Amazon – Rain Forest

Cities - Quito

Cities - Guayaquil

Cities - Cuenca

People of Ecuador

FAIR PLAY

Superintendencia de Telecomunicaciones

EcuCERT’s Team

TelecommunicationStatistics:2’ million fixed lines,

6 operators15’2 million mobile users,

3 operators10´4 millions internet users,

234 ISPDomains:general use .ec - clubsuizo.ecGovernment use .gob.ec - supertel.gob.ecCommercial use .com.ec - casadelsuizo.com.ec

Ecuador

INDIVIDUAL EFFORTS

• National Coordination

• Constituency, mission, services,

• Establishing Policies

• Appropriated Workplace

• Incident handling

• Training

• Membership to FIRST

In which areas we are working?

• CYBER SECURITY COMMITTEE

• NATIONAL CYBER SECURITY PLAN

• PERSONAL DATA PROTECTION LAW

• TELECOMMUNICATIONS AND CYBER SECURITY LAW

COORDINATION

• Our constituency will be at the

beginning:

– The telecommunication sector

– The government

• But in the future we will

increase to all the citizens

CONSTITUENCY

• Installing the ECUCERT's data center

• Buying the better tools of hardware and software

• Equipping the forensic laboratory

• Improving the network infrastructure

• Improving the physical and logical security

APPROPRIATED WORKPLACE

• We are using RTIR

– How to recive an incident

– Incident handling process

– Reports

INCIDENT HANDLING

RECIVED TRAINING

• Our personal has been trained in courses that areaimed to potential CSIRT knowledge, to gain agood grounding in the main aspects of working inan incident handling and response team:– EC-Council: 1) Incident Handler, 2) Ethical Hacking, 3)

Certified Security Analysis.– TERENA: Transits 1– LACNIC: Proyecto Amparo– ITU – IMPACT: Workshops, Ciberdrills.– USCERT-ICSCERT: Industrial Control Systems

Cybersecurity– USTTI: Cybersecurity and ICT Policy– and a large number of local trainings

IP-PBX FRAUD 232 registred cases Companies and Institutions (Grupo de abogados, Servicios

petroleros, IESS, Cancillería, Uniandes, Banco del Austro,Cabired, Motransa, Servidinámica, LG, Uniplex, Telecuatro, entreotros)

Economic damage (over 5´ USD) Atypical destinations(Guinea, Ghana, Austria, Gambia, Iridium,

Cuba)

CSIRT Nacional

Ecucert - SupertelJanuary 2012 – December 2013

Registered cyber crimes

CSIRT Nacional

Ecucert - SupertelJanuary 2013 – December 2013

“Defacement” 943 registered cases

Government and private domains

Attacked domains (Registro Civil, Bomberos, Registro de la Propiedad, Puerto de Esmeraldas, Movistar, Armada, Universidad Israel, CCI, ESPOL, Yamaha, aesoft, entre otros).

Registered cyber crimes

41,23%

37,21%

9,67%

4,75%4,32%

1,80%

0,40%

0,37% 0,25%

Defacements

.com.ec

.gob.ec / .gov.ec

.ec

.edu.ec

.org.ec

.mil.ec

.fin.ec

.net.ec

.med.ec

Registered cyber crimes