MyCERT 3rd Quarter 2011 Summary Report - CyberSAFE Malaysia

More documents

Recommendations

Info

6Based on the statistics, there was a20% reduction in numbers compared toprevious quarters. This is might due to theestablishment of digital forensics laboratoryby some LEAs, for example PDRM’s ForensicCheras Facility and the MACC facility. Whenit involves high profile cases, these LEAsnormally will be referred to by the DFD.In doing so, these LEAs can validate theirfindings by having a trusted second party tocarry out the necessary analysis. This is alsoproof that the LEAs practises impartiality.Most of the LEAs and RBs were trained byDFD’s professionals. This would indirectlystrengthen the cooperation between thetwo sides enable the sharing of expertise intheir respective fields. The establishment ofdigitals forensics labs by LEAs showed thatour aim to empower our LEAs has started toproduce results. DFD can now focus moreon cases which requires more technicaland advance technology. This type of casesneeds more in-depth research since thecriminals are more IT savvy and more up-todatetools are used.Data Recovery Case StatisticsData recovery is the process of salvagingdata from damaged, failed, corrupted,or inaccessible secondary storage mediamediums when it cannot be accessednormally. Often, data is salvaged fromstorage mediums such as internal orexternal hard disk drives, solid state drives(SSD), USB flash drives, storage tapes, CDs,DVDs, Redundant Array of Independent(or Inexpensive) Disks (RAID), and otherelectronics storage mediums. Recovery maybe required due to physical damage to thestorage device or logical damage to the filesystem that prevents it from being mountedby the host operating system.Another scenario involves a disk-levelfailure, such as a compromised file systemor disk partition or a hard disk failure. Inany of these cases, the data cannot be easilyread. Depending on the situation, solutionsinvolve repairing the file system, partitiontable or master boot record, or utilisinghard disk recovery techniques ranging fromsoftware-based recovery of corrupted datato hardware replacement on a physicallydamaged disk. If hard disk recovery isnecessary, typically, the disk itself has failedpermanently and the focus is rather on aone-time recovery, salvaging whatever datathat can be read.In a third scenario, files have been “deleted”from a storage medium. Theoretically,deleted files are not erased immediately;instead, references to them in the directorystructure are removed, and the space theyoccupy is made available for overwriting.In the meantime, the original file may berestored.Figure 3 shows the breakdown of casesreceived under Data Recovery (Jul-September2011) from Public, Private and GovernmentAgencies in Quarter 3 of 2011.Figure 3: Breakdown of cases received by Sector under DataRecovery (Jul-Sept 2011)It can be concluded that cases receivedfrom the government sector constituted thehighest majority with 16 cases, followedby the public sector with nine cases andthe private sector with two cases. Effectivefrom October 2011, Data Recovery serviceswill be taken over by CyberSecurity Clinics.CyberSecurity Clinic is another initiative byCyberSecurity Malaysia with the aim to helpe-Security | Cyber Security Malaysia | Vol: 28-(Q3/2011)© CyberSecurity Malaysia 2011 - All Rights Reserved
Malaysians with the following objectives:1. To provide an avenue for consumers toobtain assistance and to resolve issuesin relation to cyber security, cyber safetyand data privacy from a trusted serviceprovider at a competitive price.2. To serve as a citizen ‘touch-point’and to demonstrate the government’scommitment to the people by meetingand satisfying their needs.Others ActivitiesDuring this period, DFD has conductedseveral training sessions and lectures, whichinvolved participants from governmentbodies and enforcement authorities aswell as local universities. The objectivesof the training programmes were to shareknowledge between DFD experts andparticipants so that both parties can benefitand discuss latest issues and technologies.The summaries obtained will focus onDFD’s research and development and theircollaboration with local higher institutions.TalkDFD has conducted several talks as requestedby LEAs, RBs and other institutions suchas Department of Pharmacy, Judicial andLegal Training Institute (ILKAP), CompaniesCommission of Malaysia (SSM), RoyalMalaysian Customs Academy (AKMAL)and Universiti Teknologi Mara (UITM).Favourite topics requested were related todigital forensics and information securityin Malaysia. The sessions aimed to createawareness on the importance of digitalforensics to employees at these agenciesand the need to practice it in their dailytasks. Besides training professionals atLEAs, stakeholders and other governmentagencies, these sessions also help to ensuresustainability and effective dissemination ofinformation and resources.Research and DevelopmentCurrently, the R&D Unit of DFD collaborateswith Universiti Kebangsaan Malaysia (UKM)in obtaining the Exploratory Research GrantScheme (ERGS). The purpose of ERGS is topromote research and the early discoveryof knowledge that can contribute to anincrease in the level of intellectualism, thecreation of new technologies and a dynamiccultural enrichment environment in line withMalaysia’s national aspirations.One research was conducted in July 2011,named “A 2.5D Facial Identification by UsingFuzzy Bees Algorithm for Video ForensicsAnalysis”. The Process Flow for this researchis as below:3. Equipment Purchasing4. Assembly and Test5. Data Collection6. Researching methodology for 2D and 3Dface recognition7. Project expected to be completed byAugust 2012ConclusionIn conclusion, the field of digital forensicswill continue to grow in line with currentinformation technology developments whichare in tandem with the awareness level of themasses on the use of such technology. Thepublic, LEAs and RBs are now more aware onthe increase in threats for cyber-crimes andthat it requires more effort to combat them.Therefore, training sessions, talks and R&Dare important elements to be balanced withnew and growing information technologydisciplines and cyber-crimes. ■7e-Security | Cyber Security Malaysia | Vol: 28-(Q3/2011)© CyberSecurity Malaysia 2011 - All Rights Reserved
Page 3: MyCERT 3 rd Quarter 2011 Summary Re
Page 6 and 7: 4compared to the previous quarter.
Page 10 and 11: 8Legal Restriction on CryptographyB
Page 12 and 13: 10Wassenaar Agreement “will not i
Page 14 and 15: 12transactions, electronically thro
Page 16 and 17: 14deciding if software is considere
Page 18 and 19: 16SPAM, the Annoying Culprit on the
Page 20 and 21: 18Figure 4: The distribution of spa
Page 23 and 24: “wire-once” settings pool bare-
Page 25 and 26: San Francisco, CA. McKesson has dou
Page 27 and 28: 3. Consistency:It means that the be
Page 29 and 30: Mathematics Operations in BinaryNum
Page 31 and 32: compare the difference between a bi
Page 33 and 34: divided, it will remain as remainde
Page 35 and 36: Criteria is in a better spot to pro
Page 37 and 38: ASPECTS PLAN EXECUTE ANALYSISObject

MyCERT 3rd Quarter 2011 Summary Report - CyberSAFE Malaysia

Create successful ePaper yourself

Delete template?

Save as template?