“computer security is everyone’s responsibility”

“Computer Security is Everyone’s Responsibility”

30 November - 2 December 2009The Royale Chulan, Kuala Lumpur

Supported by:

CyberSecurity Malaysia

Corporate Office,Level 8, Block A,Mines Waterfront Business Park,No. 3, Jalan Tasik, The Mines Resort City,43300 Seri Kembangan,Selangor Darul Ehsan, Malaysia.

Phone : +603 - 8992 6888Fax : +603 - 8945 3205Email : [email protected]

www.cybersecurity.mywww.cybersafe.my

Organized by:

2

www.cybersecurity.my

Welcome Messages • TheHonorableMinisterofScience,TechnologyandInnovation(MOSTI),Malaysia• TheHonorableDeputyMinisterofScience,TechnologyandInnovation(MOSTI),Malaysia• ChiefExecutiveOfficerofCyberSecurityMalaysia

About World Computer Security Day Malaysia 2009 (WCSD-MY2009)

Ways to Participate in World Computer Security Day

About CyberSecurity Malaysia

About CyberSAFE

Events in conjunction with WCSD-MY2009• InformationSecurityProfessionalsNetworkingForum&CocktailReception(30November2009)• INFOSECURITY.my&FIRSTTechnicalColloquiumKualaLumpur2009(1–2December2009)• 1stASEANCyberVolunteersDevelopmentCourse(28November–2December2009)• DinnerReceptioninconjunctionwiththeOfficialLaunchofCyberSecurityMalaysiaMalwareResearchCentreandtheExchangeofMemorandumofUnderstanding(1December2009)

About CyberSecurity Malaysia Malware Research Centre

Exchange of Memorandum of Understanding between CyberSecurity Malaysia and Partners• DisasterRecoveryInstituteMalaysiaSdnBhd(DRI)• RHBBank• TaiwanHoneynet• UniversitiKualaLumpur(UniKL)

Media and Promotional Activities

TableofContents

3Computer Security is Everyone’s Responsibility

www.cybersafe.my

Honorable Datuk Seri Dr. Maximus Johnity Ongkili, JPMinisterofScience,TechnologyandInnovation,Malaysia

I am pleased that CyberSecurity Malaysia, an agency under MOSTI in charge ofnational cyber security -- including running the Cyber999 Help Centre for MalaysianInternetusers--istakingtheleadwithregardtoWorldComputerSecurityDay(WCSD)Malaysia,designatedon30thNovember2009.

Thecorebusinessof computer securityprogrammesand theMinistry’s vision for thenation is complimentary, that is: to deliver Science, Technology and Innovation forknowledgegeneration,wealthcreationandsocietalwell-being.

Torealisethisnationalvision, theNationalStrategic InformationandCommunicationsTechnology (ICT) Roadmap for Malaysia formulated by the National InformationTechnologyCouncil,seekstoensurethatICTiswellintegratedintothesocio-economicfabricofthenation.Moreso,aswestrivetobringprogresstothepeopleinrealisingour1Malaysiamission.

WCSDMalaysia2009isclearlyaninitiativethatrelatesdirectlytothisvision,andthisisthefirsttimeWCSDisbeingobservedinabigwayinMalaysia.

I commendCyberSecurityMalaysia for its vision andexecutionof thenationalWCSDprogrammeandIamconfidentsecurityprofessionals,industryplayersandmembersofthepublicwillgainimmenselyfromthesecomputersecurityawarenessactivities.

AlthoughNovember30th isthedateofobservance, Iunderstandthere isflexibilitytoorganiseorholdcomputer security awarenessevents in recognitionofWCSD.Thus, ItakethisopportunitytoencourageandcalluponallMalaysianorganisations--notjustthoserelatedtocybersecurityorInformationTechnology--tojoinhandsandcelebrateWCSDMalaysia2009.

“Championing scientific discovery, transforming innovation.”

Honorable Datuk Seri Dr. Maximus Johnity Ongkili, JPMinisterofScience,TechnologyandInnovation,Malaysia

WelcomeMessage

4


Honorable Tuan Haji Fadillah bin Haji YusofDeputyMinisterofScience,TechnologyandInnovation,Malaysia

I would like to thank CyberSecurity Malaysia for championingWorld ComputerSecurityDay(WCSD)2009inMalaysiaanditishightimethatsafetyandsecurity-consciouscomputingbegiventheduefocusandattentionitdeservesamongstMalaysiansinthepublicandprivatespheres.

Towards thisend, theGovernment is supportiveofall efforts into improvingnationalawareness of computer security and cyber security.Whilewebelieve the onus is onindividualusers, any initiative thataidsandassistsour fellowMalaysians inpracticingsafecomputingiscommendable.

AttheGovernmentlevel,wefeelthattheparticipationbythepublicandprivatesectororganisationsisnotonlycrucial,butessentialforthesuccessfuldisseminationofsafetyandsecurityconsciouscomputingpracticesamongmembersofthepublic.

OurhonourablePrimeMinisterinhisBudget2010speechstressedonhisadministration’seconomicvisiontotransformthenationintoahigh-income,knowledge-basedsocietywith a value-driven economy. I believe with this in mind, Malaysian practising safecomputingcanhelpbringthenationonestepclosertothisvisionandaspiration.

Withthegrowingonlinepopulationandincreasingsocialmediaparticipation,computersand the Internet have become essential tools forMalaysian across all segments andsectorsbothintheprivateandpublicsectors.Assuch,thegovernmentstronglyfeelsthateveryMalaysianmustbecomemoreawareofcomputersecurityandsafetyissuesandthemeanstoprotectthemselvesandtheirinformationassets.

Honorable Tuan Haji Fadillah bin Haji YusofDeputyMinisterofScience,TechnologyandInnovation,Malaysia

WelcomeMessage


www.cybersafe.my

WelcomeMessage

Lt. Col. Husin Jazri(Retired)CISSP,CBCPChiefExecutiveOfficer,CyberSecurityMalaysia

The World Computer Security Day (WCSD) isanannualeventobservedworldwidethat was started in 1988 by the Association for Computer Security Day to help raiseawareness of computer related security issues.This yearmarks the first timeWCSD isbeingobservedinabigwayinMalaysiaandthethemeis“Computer Security is Everyone’s Responsibility.”

In today’shighly interconnectedworld,computersecurity isnot justa technical issue,butasocial issue.Anysecurity incidenthasthepotentialof impactingvictimssocially,financiallyandemotionally.

Inthatsensecomputersecurity isnodifferenttopersonalsecurity,and inrecognitionofWCSD, we want to strive to collectively make Malaysiansmore computer-securityconsciousbecausemanyamongusstillaren’t.OneofthewayswecanachievegreatercomputersecurityawarenessamongMalaysiansfromeveryfacetofsocietyisbyhelpingeachother,remindingeachotherandtellingeachotheraboutsafercomputinghabits.MalaysiansarenolongernewtotheworldoftheInternet–thus,itishightimewetakeresponsibilityforourfundamentalrighttointernetaccessbygettingeducatedoncyberthreatsandhowwecanplayourparttoprotectourselvesandourassetsagainstcybercrime.Formembersofthepublic,IencourageyoutovisitCybersafe.my,asitethathasbeencreatedespeciallybyCyberSecurityMalaysiaasatreasuretroveofcomputingsafetytipsandbestpracticesasareferenceforallMalaysians.

MalaysiannetizenswhoarevictimsofcomputersecuritybreachesoranyillegalactivityincyberspaceareencouragedtorefertheincidenttoCyber999TM Help Centrebycalling1-300-88-2999, sending e-mail to [email protected] , or filling up anonlinereportatwww.cybersecurity.myorwww.mycert.org.my.

Lt. Col. Husin Jazri (Retired)CISSP,CBCPChiefExecutiveOfficer,CyberSecurityMalaysia

6


World Computer Security Day (WCSD) is an annualeventthatisobservedworldwide.Itisopentoanyoneoranyorganisationintheworldthatwouldliketoobserveandcelebrateitintheirownways.

Started in 1988, theWCSD helps to raise awareness ofcomputer related security issues. The goal of observingtheWCSDistoremindpeopletoprotecttheircomputersandinformation.Eachindividualisresponsibleandplaysapartinprotectinginformationassetsandresources.

Officially, the WCSD is on November 30th. However,someorganizationschoosetohavefunctionsonthenextbusinessdayorweekifitfallsonaweekend.

InMalaysia,thisyear2009isthefirsttimethattheWCSDiscelebratedinanorganisedmanner,drivenbyCyberSecurityMalaysia - theNational Cyber Security Specialist Centre,

AboutWorldComputerSecurityDay–Malaysia2009(WCSD-MY2009)

whichisanagencyunderthepurviewoftheMinistryofScience,TechnologyandInnovation(MOSTI).

As the national cyber security specialist centre, webelievethatweshouldtakethe lead incelebratingandpromotingtheWCSDinMalaysia.Hence,wehavetakentheinitiativetoorganisevariouseventsandpromotionsinconjunctionwiththeWorldComputerSecurityDay–Malaysia2009(WCSD-MY2009).

ThethemefortheWCSD-MY2009is“Computer Security is Everyone’s Responsibility”.

WehopeallMalaysiansandresidentsofMalaysiawouldjoinus inobservingtheWCSD inabigway for thefirsttimeever!Computer Security is Everyone’s Responsibility. Be Smart, Be Safe! Be a part of the WCSD-MY2009!


www.cybersafe.my

1. Displaycomputersecurityposters.

2. Presentcomputersecuritybriefings.

3. Changeyourpassword.

4. Checkforcomputerviruses.

5. Showcomputersecurityvideos,filmsorslides.

6. Protectagainststaticelectricity.

7. Modifythelogonmessageonyourcomputersystemto

notifyusersthatComputerSecurityDayisNovember30.

8. Vacuumyourcomputerandtheimmediatearea.

9. Cleantheheadsonyourdiskdrivesorothermagnetic

mediadrives.

10. Back-upyourdata.(afterbeingcertainthatitisvirus-free.)

11. Deleteunneededfiles.

12. Initiateacomputersecurityposterdesigncontestfornext

year.

13. Demonstratecomputersecuritysoftware.

14. Publicizeexistingcomputersecuritypolicy.

15. Issuenewandimprovedcomputersecuritypolicy.

16. Declareanamnestydayforcomputersecurityviolatorswho

wishtoreform.

17. AnnounceCOMPUTERSECURITYDAYinyourinternal

newsletter.

18. Examinetheauditfilesonyourcomputers.

19. Verifythatthe“Welcome”messagethatisnormallyusedon

yourcomputerisappropriateforyourorganization.

20. Write-protectalldiskettesthatarenottobewrittento.

21. Takethewrite-protectringsoutofthetapesinyourlibrary.

22. Verifyyourinventoryofcomputerapplications.

23. Verifyyourinventoryofcomputerutilitiesandpackaged

software.

24. Verifyyourinventoryofcomputerhardware.

25. Installandinspectpowersurgeprotectionasappropriate.

26. Installfire/smokedetectionandsuppressionequipmentin

computerareas.

27. Eliminatedustfromcomputerareas,includingchalkdust.

28. Providedustandwatercoversforpersonalandlarger

computers.

29. Post“NoDrinking”and“NoSmoking”signsincomputer

areas.

30. Developarecoveryplanforallcomputersystemsthat

requireone.

WaystoParticipateinWorldComputerSecurityDay

At present,thereareatleast53waystoparticipateinComputerSecurityDay.ThelistiscompiledbytheAssociationofComputerSecurityDay(ACSD),anon-profitorganisationthatstartedWCSDandcurrentlymanagestheCSDwebsite.

Youareencouragedtoaddtothislist.Forexample,addthisasitem#54.Visitwww.cybersafe.mytolearnmoreaboutcomputersafety-fromhandytips,coolposters,interestingvideosandotherresourcesoncybersecurityandsafety.

31. Verifythatpasswordsarenot“Posted”andallotherkeysare

secured.

32. Verifythatbackuppowerandairconditioningfityour

needs.

33. Haveaminitrainingsessiontoprovideallcomputerusers

withabasicunderstandingofcomputersecurity.

34. Verifythatallsourcecodeisprotectedfromunauthorized

changes.

35. Verifythateachcomputerhastroublelogandthatitis

beingused.

36. Verifythatappropriateoffsitestorageexistsandisbeing

used.

37. Removeallunnecessaryitemssuchasextrasupplies,coat

racks,andprintoutsfromthecomputerroom.

38. Selectacomputersystemonwhichtoperformarisk

analysis.

39. Beginplanningfornextyear’sCOMPUTERSECURITYDAY.

40. ChangetheFORMATcommandinDOStoavoidaccidentally

FORMATingofdisks.

41. Protectthecomputeronyourstore-and-forwardphone

messagesystem.

42. Holdadiscussionofethicswithcomputerusers.

43. Volunteertospeakaboutcomputersecurityatalocal

computercluborschool.

44. CollectComputerSecurityDaymemorabiliatotradewith

others.

45. Registerandpayforallcommercialsoftwarethatisusedon

yourcomputer.

46. Registerandpayforallsharewarethatyouuseregularly.

47. Installallsecurity-relatedupdatestoyourcomputer’s

operatingsystem.

48. Helpacomputernovicebackuptheirfiles.

49. Protectallcabincomputersfromfloatingdropletsofliquid.

50. Plantoattendacomputersecuritymeetingorseminar.

51. Considertheprivacyaspectofthedataonyourcomputer

andprotectit.

52. Updateyouranti-virusprogram

53. SendtheASCDanitemtoaddtothislist

Source:www.computersecurityday.org

8


www.mycert.org.my/cyber999

www.mycert.org.my

MalaysiaCommonCriteriaCertificationBody(MyCB)www.cybersecurity.my/mycc

DigitalForensics

SecurityAssurance

SecurityManagementandBestPractices

CyberSecurityResearchandPolicy

Training

Outreachwww.cyberSAFE.my

CyberSecurity Malaysia started as the MalaysianComputerEmergencyResponseTeam(MyCERT)in1997.In 1998, it grew to become the National ICT Security &EmergencyResponseCentre (NISER).B72007,NISERhasbeentransformedandrenamedCyberSecurityMalaysia.

CyberSecurity Malaysia is positioned as the nationalcyber security specialist centre under the Ministry ofScience, Technology and Innovation (MOSTI), with apassion for providing excellent services. It runs a helpcentre, the Cyber999TM, for Malaysian internet users.It also provides safety tips, advisories and specializedservices in the fields of cyber security such as DigitalForensics andWireless Security. It runs aTrainingCentreforprofessionalcertification;managesanOutreachPortalwww.cybersafe.my; and is the sole certification bodyfor Common Criteria (ISO 15408) in Malaysia. For moreinformation,pleasegotowww.cybersecurity.my.

WiththeadventofCyberSecurityMalaysia,thepeopleinMalaysiacanhaveapeaceofmindthatcyberspacethreatscan be overcome, hence achieving a safer and securedcyberspace.

AboutCyberSecurityMalaysia

ListofServices


www.cybersafe.my

CyberSAFE, short for CyberSecurity Awareness for Everyone, is CyberSecurity Malaysia’s initiative to educate andenhancetheawarenessofthegeneralpubliconthetechnologicalandsocialissuesfacinginternetusers,particularlyonthedangersofgettingonline.

These issues include:• GoodOnlineChattingandSocialNetworkingHabits• SafeInternetBankingandOnlineShopping• OnlineInvestmentScams,IdentityThefts,OnlineFraudandPhishingScams• ProtectingyourComputeragainstViruses,WormsandotherMalwareInfections• CyberStalking,CyberbullyingandOnlineHarassment• EmailandSpam• ProtectingPrivacyandPersonalInformationOnline

CyberSAFE’s target groups include:• SchoolChildren• Students• Teachers• Parents• Adults• Organizations

CyberSAFE activities include:• AwarenessTalksandOpenSeminar• TrainingofTeachers/Ambassadors• OnsiteAwarenessDays/Week• AwarenessActivityKits• AwarenessRoadshowsandCompetitions• ConsultationwiththeCommunityandVariousInterestGroups

CyberSAFEaimstoprovidethenecessaryinformationandrecourcestoalltargettedgroupsforthemtobeabletomakeinformedchoicesandmanagetheabovementionedissueseasier.

AboutCyberSAFE

Let’s Make The Internet A Safer Place

www.cybersafe.my

10


The InfoSecurity Professionals Networking Forum & Cocktail Receptionwillbeheldonthe30November2009, Monday. CyberSecurity Malaysia will take thisopportunity to introduce the society of the InformationSecurityProfessionalsinMalaysiaandwillconductthefirstmembershipdriveonthatday.

For participants with information security professionalqualificationsfromrecognizedbodies,CPEpointswillbeawardedbasedonthetermsandconditionssetforthbytherespectivecertifyingbodies.

EventsinconjunctionwithWCSD-MY2009

TIME PROGRAM

2.30pm–3.00pm Registration

3.00pm–3.15pm Opening Remarks:IntroductiontoCyberSecurityMalaysia&SocietyofInformationSecurity

Professionals

Lt. Col. Husin Jazri (Retired),Chief Executive Officer, CyberSecurity Malaysia

3.15pm–3.45pm Presentation 1Mr. Prinya Hom-anek,ACIS Thailand

3.45pm–4.30pm Presentation 2:InformationSecurityProfessionalsDevelopmentinSingapore

Freddy Tan, Microsoft Asia

4.30pm–5.15pm Presentation 3: TrendsinCybercrimeandMaliciousInternetActivity

Ryan Connolly, Team Cymru

5.15pm–5.30pm Panel DiscussionsModerator:

Lt. Col. Husin Jazri (Retired), Chief Executive Officer, CyberSecurity Malaysia

Panelists:

• Prinya Hom-anek, ACIS Thailand

• Freddy Tan, Microsoft Asia

• Ryan Connolly, Team Cymru

• Adli Abd Wahid, MyCERT, CyberSecurity Malaysia

5.30pmonwards NetworkingCocktailReception@Tamingsari2

InfoSecurity Professionals Networking Forum & Cocktail Reception

Date: 30 November 2009, Monday

Time: 2.30 pm – 6.00 pm

Venue: Tamingsari 2 & 3, Ground Floor, The Royale Chulan Kuala Lumpur

Theme: Shifting Cyber Landscape: Gearing towards Innovation

Objectives• ToprovideInformationSecuritypractitionersanavenuetocollaborateandshareknowledge.

• To install and ingrain the importance of InformationSecuritytoindividualsandbusinesses.

• To complement and promote the implementation ofContinuingProfessionalDevelopment(CPD).

• ToaddresshumanresourcesrequirementinMalaysiaforinformationsecurityprofessionals.

• Toensuremembersprovidecompetentservicesinthehighestprofessionalmannertobenefitthepublicandthenation.

• Toenhanceinternationalalliances.• To increase exposure and visibility of people andbusiness.

CyberSecurity Malaysia reserves the right to alter the program and speakers without prior notice.


www.cybersafe.my

INFOSECURITY.my consists of technical security talksby seasoned security practitioners. The talks are purelytechnicalinnatureandmostofthespeakersareinvolveddirectlywithsecurityoperationsonthedaytodaybasis.

INFOSECURITY.my talk is followed by a 1-day hands-onsessionsonvarioustopics.Afullsessionisabout3hourslong and participants are required to bring their ownlaptop and do the necessary installation of applicationsasper requiredby the instructors.Thereare8hands-on

INFOSECURITY.my & FIRST Technical Colloquium Kuala Lumpur 2009

Date: 1 – 2 December 2009, Tuesday – Wednesday

Time: 9.00 am – 5.45 pm

Venue: The Royale Chulan Kuala LumpurTamingsari 3, Ground Floor (1st December) Executive Boardroom, Sri Panglima 2, Sri Bendahara 1, Sri Bendahara 2, Level 1 (2nd December)

sessionsandtheclasssizeislimitedtoamaximumof20participantsperclass.

Theevent isheldonthe1stand2ndDecember2009atTheRoyalChulanHotel,KualaLumpur.Thegeneralthemefor this year’s event is malware or malicious code. TheupdatedprogramdetailsisavailableatthefollowingURL:http://www.cybersecurity.my/first-tc/index.html

This event is suitable for Security practitioners, MalwareAnalysts,Professorsorlecturersteachingandresearchingsecurity related topics. Postgraduate students pursuingresearch in computer security are also encouraged toparticipateinthisevent.

This event is held with the Forum of Security IncidentResponse Team (FIRST) and Team Cymru. CyberSecurityMalaysia is amember of FIRST and houses theMalaysiaComputerEmergencyResponseTeam(MyCERT).

TIME PLENARYSESSIONS

09:00-09:15 Opening/Welcoming RemarksCyberSecurity Malaysia & FIRST Rep

09:15-10:00 State of Health of the Internet and our NetworksRichard Perlot to, Shadowserver Foundation, US

10:00-10:30 NetworkingBreak

10:30-11:15 Threats to Our Security: Motivations and TargetsRyan Connolly,Team Cymru, US

11:15-12:00 Emerging Threats and a New IDSMatt Jonkman, Emerging Threats

12:00-12:45 The Emperor’s New Cloud: AnAnalysisoftheJuly2009RoK/USADdoSAttacksRoland Dobbins, Arbor Networks

13:00-14:00 Lunch

14:00-14:45 VirusTotal Proper UsageJulio Canto,VirusTotal

14:45-15:30 New Developments on Brazilian Phishing MalwareJacomo Piccolini, ESR/RNP, BR


16:00-16:45 Case Study, Database Hack with a TwistAlex Tilley, ACMA

16:45-17:30 Low Interaction Server Honeypot EvolutionMark Schloesser,Girraffe Honeynet

17:30-17:40 Closing/Administrative

18:00-21:00 Dinner(participants & speakers invited)

December1st(Tuesday)

12


Time HANDS-oN SESSIoN 1 (Morning)

HANDS-oN SESSIoN 2 (Morning)



08:45-09:00 FIRST Rep Brief opening / administrative announcements

09:00-10:30 Becoming Criminal - A Botnet ExerciseShadowServer

Network Monitoring and Traffic AnalysisKeisuke Kamata,JPCERT/

CC JPCERT Coordination

Center, JP

AusCERT Web Security Hands-onAdnan Shukor, Hafiz Mat Tabrani, MyCERT, MY


11:00-12:30 Becoming Criminal - A Botnet Exercise(continued)

ShadowServer

Network Monitoring and Traffic Analysis (continued)

Keisuke Kamata,JPCERT/

CC JPCERT Coordination

Center, JP

AusCERT (continued) Web Security Hands-on(continued)

Adnan Shukor, Hafiz Mat Tabrani, MyCERT, MY

12:30-14:00 Lunch

TIME HANDS-oN SESSIoN 5 (Afternoon)

HANDS-oN SESSIoN 6 (Afternoon)



14:00-15:30 David Watson,UK

Honeynet

HTTP Protocol and Web Application SecurityShiori Sato,JPCERT/CC, JP

Network ForensicsTeam Cymru

Security Information and Event Monitoring with OSSIM

Haythem El Mir,Technical Dept./NACS, TN


16:00-17:30 David Watson,UK

Honeynet(continued)

HTTP Protocol and Web Application Security (continued)

Shiori Sato,JPCERT/CC, JP

Network Forensics(continued)

Team Cymru

Security Information and Event Monitoring with OSSIM (continued)Haythem El Mir,Technical Dept./NACS, TN

17:30-17:45 Closing

December2nd(Wednesday)

INFOSECURITY.my & FIRST Technical Colloquium Kuala Lumpur 2009: Hands-on Sessions



www.cybersafe.my

In conjunction with theWorld Computer Security Day-Malaysia 2009 programme by CyberSecurity Malaysia,theCommitteeforASEAN Youth Cooperation (CAYC),is organizing a “Training of Trainer” course entitled “The 1st ASEAN CYBER VOLUNTEERS DEVELOPMENT COURSE” from28 November – 2 December 2009, inKualaLumpur,Malaysia.

AsperacceptanceduringtheSeniorOfficialsMeetingonYouth (4thSOMY)of the6thASEANMinisterialMeetingonYouth(6thAMMY),inBangkok,last24thJune2009,the

1st ASEAN Cyber Volunteers Development Course

Date: 28 November – 2 December 2009 (Saturday – Wednesday)

Venue: Tun Sri Lanang 2 & 3, Ground Floor, The Royale Chulan Kuala Lumpur (1st December)

coursewillbeco-organizedwiththe InternationalYouthCentre (IYC) Kuala Lumpur, supported by the Ministryof Youth and Sports Malaysia and Ministry of Science,Technology & Innovation Malaysia, in cooperation withCyberSecurityMalaysia,WorldAssemblyofYouth (WAY),Asian Youth Council (AYC) and the Malaysian YouthCouncil(MYC).

The course’s aim is to createASEANYouthPeaceCorps;withthefollowingobjectives:• Tocreatepoolof ICTskilledvolunteers,throughcyberinnovationforcommunities.

• Tobridgethedigitaldivideamongyoungpeopleinthelesserdevelopednations.

• TocreateopportunityforyouthvolunteersfromvariousbackgroundtodoICToutreachprogrameffectivelyandefficiently.

• TopromoteASEANawarenessamongyouth.

TIME PROGRAM

8.00–9.00am Registration

9.00–10.30am Email and Application Part 1

9.30–10.20am Break

10.20am–1.00pm Application Part 2andWeb Browsing

1.00–2.00pm Lunch

2.00–3.00pm Social Networking - Benefits and Opportunities

3.00–4.00pm Web 2.0 Apps Part 1

4.00–4.20pm AfternoonBreak

4.20–5.00pm Web 2.0 Apps Part 2

5.00–5.30pm Q&A andWrap Up.


14


TIME PROGRAM

6.00pm Arrival ofGuests

6.30pm ArrivalofY.B.Tuan Haji Fadillah bin Haji YusofDeputy Minister of Science, Technology and Innovation, Malaysia

6.35pm OpeningPerformance

6.40pm Welcome IntroductionbyEmcee

6.45pm Welcome AddressbyLt. Col. Husin Jazri (Retired)Chief Executive Officer, CyberSecurity Malaysia

6.55pm AddressbyY.B. Tuan Haji Fadillah bin Haji YusofDeputy Minister of Science, Technology and Innovation, Malaysia

7.05pm Exchange of Memorandum of Understanding Ceremony Official Launch of CyberSecurity Malaysia Malware Research Center

7.15pm

MaghribPrayers

Networking

7.35pm FoodPresentation

7.40pm DinnerCommence

8.10pm SpeechbyMr. Sobri AhmadSecretary General, Committee for ASEAN Youth Cooperation

8.20pm 1st ASEAN Cyber Volunteers Development Course – ActivitiesVideo

8.25pm Presentation of Certificate & Memento totheASEANCountriesand3memberstates

byY.B. Tuan Haji Fadillah bin Haji Yusof

8.40pm Presentation of Memento to Y.B. Tuan Haji Fadillah bin Haji Yusof

8.45pm Performance

9.00pm DepartureofY.B. Tuan Haji Fadillah bin Haji Yusof

WCSD-MY2009 Dinner Reception

Date: 1 December 2009, Tuesday

Time: 6.00 pm – 9.00 pm

Venue: Tamingsari 1 & 2, Ground Floor, The Royale Chulan Kuala Lumpur



www.cybersafe.my

The CyberSecurity Malaysia Malware Research Centre is the centre of excellence inmalware research. As thepremiermalwareresearchcentreinthecountry,CyberSecurityMalaysiaMalwareResearchCentrewillstrivetoensurethatMalaysiansareadequatelypreparedandprotectedfromsuchmaliciouscodes.

Among the expected outcomes of our researches are:• ResearchandDevelopmentintechniquestodetectandmitigateMaliciousCodes• ThreatsAnalysis–In-Depthanalysisofemergingthreats• Advisories&Alerts–SharinginformationwithpartnersandMalaysiaInternetusersatlarge• EnhancingtheNation’scapacityindealingwiththisformofthreat–i.e.bydevelopingtalentsinthisfield

Always working to ensure a safer environment for internet users throughout Malaysia, the CyberSecurity MalaysiaMalware ResearchCentrewill continuously strive towards excellence inmalware research and in ensuring that thecyberspaceremainssafeforeveryone.

CyberSecurity Malaysia Malware Research Centre intends to achieve its goals via: • Partnerships–strongpartnershipswithacademia,researchersandinformationsharingwithstrategicpartners• ContinuallysupportingCyber999HelpCentreServicewhich iscurrentlybeingofferedtothepublic forescalatingcybersecurityincidents(free-of-charge)

• DistributedHoneynetProject–alsoknownasLebahnet.Thecountry’sbiggestdistributednetworkformonitoringmaliciousnetworkactivities

AboutCyberSecurityMalaysiaMalwareResearchCentre

16


DRI (Disaster Recovery Institute Malaysia Sdn. Bhd.),anAffiliateoftheDisasterRecoveryInstituteInternational),hasjustconcludedaStrategicCollaborationAgreementwithCyberSecurity Malaysiaon6November2009.

Formore than 20 years, DRI International has set the standard for professionalism in business continuity planningandhasprovidedtheprofession’spremiercertificationandeducation.Thereareover7,500activebusinesscontinuityprofessionalsfromvariousindustriesandbusinesssectorsmaintainingDRIInternationalcertificationsworldwide.

With the collaboration, it will enhance CyberSecurity Malaysia’s capacity and capability in building the businesscontinuitymanagement (this ispartof the ISMS ISO27001 requirement).CyberSecurityMalaysiawill collaborate inorganizing the BusinessContinuityManagement (BCM) education courses such as BCLE2000 (Professional BusinessContinuityManagementCertification),BCOE-PF1(PandemicInfluenza–BuildingaContinuityPlan)andBOE-200(BCMIntermediateCourse).CyberSecurityMalaysia’sroleisalsotopromoteawarenesstoorganizationstobuildresiliencewiththecapacityforaneffectiveresponsethatsafeguardstheinterestsofitskeystakeholders,reputation,brandandvaluecreatingactivities.

TheMemorandum of Strategic Alliance betweenRHB Bank andCyberSecurity Malaysia is the commitment ofbothpartiestodiscuss,explore,collaborateandjointlydevelopinitiativesandactivitiesrelatedtoInternetSafetyandInformationSecurityforRHB’sstakeholders,particularlyontheCyberSAFEProgram,ISMSandProfessionaltraining.

ThecollaborationalsoextendstotheuseofdownloadablematerialsavailableonCSM’sCyberSAFEportalaswellastheorganizationofrelatedprogramsandactivities.

ExchangeofMemorandumofUnderstandingbetweenCyberSecurityMalaysiaandPartners


www.cybersafe.my

TheMemorandumofUnderstandingbetweenTaiwan HoneynetandCyberSecurity Malaysia istoexchangeoninformationandtechnicalexpertise,aswellastocollaborateandresearchintheareaofcomputersecurity.

TaiwanHoneynet Project is a Chapter of theHoneynet Project.The project is an international, non-profit researchorganizationdedicatedtoimprovingthesecurityoftheInternetatnocosttothepublic.

Locally,TaiwanHoneynetProjectprovides the total solution todealwith computer security incidents andmethodofpreventionforTaiwanacademicnetwork.ThisprojectalsocollaborateswithISPs,othergovernmentdepartmentsandinternationalsecurityorganizations.Ouraimistocapturenetworkattackbehavior,realizingthedetailsofhackingtechnologyandinvestigatingtheinfectionofmalware.Wehopethattheprojectwillraiseawarenessofcurrentthreatsandvulnerabilities,andimprovethemake-upofdefensestrategies

TheMemorandumofUnderstandingbetweenUniversiti Kuala Lumpur (UniKL)andCyberSecurity Malaysia istoexchangeon informationandtechnicalexpertise,aswellastocollaborateandresearch intheareaofcomputersecurity.

UniKL,basedintheheartofMalaysia’scapitalandcommercearea,isoneofthecountry’sleadingtechnicaluniversity.Theuniversityaimstoprovideourgraduateswiththeknowledge,skillsandattituderequiredtocontributetowardsandplaymajorrolesinaglobalisedandknowledge-basedeconomy.Ourvisionistobecomethepremierentrepreneurialtechnical university in the country by 2020 through excellence in research, education, training, entrepreneurship,consultancyandcommunityservices.Ourresearchactivityisfocusedondevelopingnewtechnologiesandproductstosupportourtechno-entrepreneurshipventureswithourresearchers,graduatesandindustrialpartners.Theuniversitypartnerswithmanyotherlocalandinternationaluniversitiesandresearchinstitutionstobringcloserresearchknowledgeintosuccessfulapplicationandcommercialization.

18


MEDIA ADVERTISEMENT DATE

1. Cyber Media i.WCSDwebpageatwww.cybersafe.my

ii.Facebookfanpage

iii.TwitterIdentitypageandTwit-a-Day

iv.BannersatNuffnangbloggersmainpages

v.Blog-editorials

vi.Blog-posts

vii.Rave&Rants

viii.Surveys

ix.Pledges

16Novto31Dec

2. Utusan Online SiteTakeOver 28-30Nov

3. The Star Online OnlineMediumRectangularbanner-Mainpage 30Nov

4. Bernama Online OnlineRectangularbanner-Generalpage 28-30Nov

5. Utusan Malaysia National,mainsection,half-pageadvertisement 30Nov

6. The New Straits Times National,mainsection,half-pageadvertisement 30Nov

7. Fly.FM (English) Radiocommercialsat4popularradiostations.

Eachstationwillhave5spotsof30seconds“LiveRead”bytheannouncer

between6.00am–10.00am(3spots)andbetween4.00pm–8.00pm

(2spots)

30Nov

8. Hot. FM (Malay) 30Nov

9. THR Raaga (Tamil) 30Nov

10. My.FM (Chinese) 30Nov

11. Street Buntings BuntingwillbeplacedalongmainroadsurroundingRoyaleChulanHotel 27Nov-3Dec

12. PR and Publicity i.TV3interview.MHI

ii.RadioInterview.Radio24

iii.RadioInterview.RadioIKIM

iv.NewspaperInterview

17Nov–16Dec

Media and Promotional Activities

WCSD-MY2009 Web Portalwww.cybersafe.my/wcsd

WCSD-MY2009 Facebook:World Computer Security Day (WCSD) Malaysia

WCSD-MY2009 Twitter:http://twitter.com/WCSDMY

“Computer Security is Everyone’s Responsibility”

30 November - 2 December 2009The Royale Chulan, Kuala Lumpur

Supported by:

CyberSecurity Malaysia

Corporate Office,Level 8, Block A,Mines Waterfront Business Park,No. 3, Jalan Tasik, The Mines Resort City,43300 Seri Kembangan,Selangor Darul Ehsan, Malaysia.

Phone : +603 - 8992 6888Fax : +603 - 8945 3205Email : [email protected]

www.cybersecurity.mywww.cybersafe.my

Organized by:

“computer security is everyone’s responsibility”

Documents