vncert
If you can't read please download the document
DESCRIPTION
Bai vietTRANSCRIPT
-
Thng tin v thng
Trung tm VNCERT
TON, AN NINH
Security World - H , 03/2012
Trnh by: TS. Khnh
-
dung
I. MI CNTT - CNTT-TT
- Chnh
-
- Pht v thch
II. MI PHP L -
- pht
III. TNH HNH AN TON THNG TIN - l ATTT
- l ATTT
- gi nguy ATTT
- php
2
-
-TT (2/2012)
,
thu bao
(x )
/ so
cng
Thu bao 15,3 -1,4 %
119 +4,3 %
32,6 +18,4 %
4,3 +18,2 %
: k 3
-
PHT CHNH (12/2010)
100% 100%
21/22 62/63
88,50% 63,19%
88,37% 85,53%
4.841 88.387
-4 28 751
95% 75%
90% 93%
87% (20%)
4
-
5
PHT (12/2010)
100%
98%
Internet 89%
trong SX-KD
+ Doanh
+ Doanh v
96%
80%
53%
52%
21%
15%
C website ring 38%
14%
gia TP (H ...)
+ Dng internet cho
+ C thanh ton
49%
18%
4%
-
6
PHT V THCH
bo ( n VN thnh CNTT-TT)
+ 2015: 50% dn , 20%-30% Internet
, 85% sng di , cng 2,3
+ 2020: 70% dn , 50%-60% GD Internet
, 95% sng di , cng 4.
Thch :
+ Ti chnh-Ngn hng, , , trn
+ my+3 x = CNTT
+ khng an ton, , l
+ hacker > < ATTT
+ ,
ATTT ngy cng quan
-
Giai 2005-2011
+ lin quan: 5
+ : 7
+ Thng : 9
+ hnh, : 9
+ Tiu Nam: 2
7
-
chung
+ Cc quy kh phong ph trung xc
tin ra cc quy
Ch cc ti l
+ :
c tnh cao,
g b, khi qun
Cc QPPL pht
+ thi v tun :
quan tm
cc , ti
cc tiu , quy
8
-
PHT MI PHP L
trong xy
+ : 2
+ : 4 v cc thng
+ Tiu Nam thch : 31
Nhm tiu l an ton thng tin: 6
Nhm tiu gi ATTT: 8
Nhm tiu AT v : 9
Nhm tiu ATTT: 3
Nhm tiu m v : 5
9
-
II. TNH HNH AN TON TT
- khai Quy pht ATTT 2010
- khai 897/CT-TTg ngy 10/6/2011
CP khai cc
an ton thng tin
- Theo bo co cc CQNN thng 11/2011,
cc , ngnh v xy
v ph an ton thng tin .
- Trn 30% cc chuyn trch CNTT cc
, ngnh v ban hnh quy
an ton thng tin .
10
-
10
61.2
69.8
24.4
36
12
59
33
69
27
35
0 10 20 30 40 50 60 70 80
p hnh mua phng do
cng
c ATTT
c xy HT l ATTT theo TCVN-ISO/IEC 27001:2009
c cn chuyn trch bn chuyn trch ATTT
c ban hnh quy trnh thao tc l
my tnh
c ban hnh quy ATTT lnh ph v p 2011
2010
69% c cn chuyn trch ATTT v 59% c
an ton, an ninh thng tin.
L ATTT
11 : st VNISA+VNCERT
-
-
TT Nhm doanh
st
quan tm ( 1-10)
cng tc ATTT
1 Cng 15 5/10
2 Ngn hng Ti chnh 10 10/10
3 khon 08 10/10
4 Hng khng 03 10/10
5 thng 04 8/10
6 TMDT v CNTT 15 7/10
12
-
P PHP ATTT (%)
16.4
14.1
16.6
42
18
24.5
0 20 40 60
Nhm php l log-file,php l v ATTT
Nhm cng d qutl v ATTT
Nhm php sot truyp cng sinh
Nhm php
Nhm phpv m
trung bnh p ccphp cng ATT
13
-
rc (Spam) VN thng 6/2011
k
VNCERT +
VINASIS trong
2010:
rc
tnh
sau ba
.
-
thng tin VN
cc
cc ngnh trung
ccdoanh nh
Theo gi VNCERT 2010
-
CNG (%)
17
9
6
35
46
18
8
10
10
27
0 20 40 60
: st VNISA+VNCERT 2010 16
-
Tnh hnh l VNCERT
2009 2010 2012
Phishing 136 66.0% 233 86.0% 385 50.9%
Malware 10 4.9% 8 3.0% 13 1.7%
DoS/DDoS 6 2.9% 1 0.4% 3 0.4%
SMS Spams 19 9.2% 10 3.7% 14 1.8%
Deface 35 17.0% 19 7.0%
340 44.9%
Khc 2 0.3%
(= so
) 206 =261% 271 =132% 757 =279%
17
-
Xu thay cc CERT QG l
Phishing Malware Deface Spam Botnet
Indonexia
Malaysia
Philippin
Singapore
Thi Lan
-
GI NGUY ATTT
- cng ti chnh, ngn hng
- chnh , thng tin QG
- Nguy cng nay
- Nguy
- Nguy cng
- Nguy an ton thng tin trong thng
- Nguy tranh v
- Nguy , khng sot ATTT
19
-
GI NGUY ATTT
20
c
ng
do
th
m
B
,
Xm
,
ph
, D
Do
S
uy tn
-
GI NGUY ATTT
21
1
Khai thc
2
dung
m
3
cng x
-
pht m Q1-2011
Theo k Microsoft 22
-
pht m Q2-2011
Theo k Microsoft 23
-
My pht tn m Q2 - 2011
Theo k Microsoft 24
-
k cc Q3-2010 Q2-2011
Theo k Microsoft 25
Sophos: During the first half of 2011, we saw a new malicious URL every 4 .5 seconds
-
k social engineering
Theo k Microsoft 26
-
27
- Botnet ri v tm cch pht
tn.
- Cc m c theo di, thng tin
cng vo quan, ,
doanh .
- Cc virus ly file l nguy , ly lan trn hng
my Nam, l dng virus ly file
Sality.
- cc m trn cc hnh di
Android, v c xu .
Tnh hnh ly lan m nay
-
28
- Ly lan qua cc USB
- Pht tn qua cc trnh chat Yahoo v
ch Facebook.
- Ly lan thng qua trnh Web.
- Pht tn qua Email cch cc file km
, hay cc link .
- Ly lan qua cc tin thi, v nhng m
vo cc crack.
- ly lan, v cc trnh
virus.
- Khai thc trong , hnh ly
lan, l cc Microsoft
Word.
-
29
HNH
co m
- trn my tnh
- hnh xuyn
- trnh m c
lin v .
- cc c r rng,
l trang cc .
- Khi file km trn
xem xt khi ra l cc file
. Khng cc file nghi .
-
3
0
CNTT&TT
an ton cho
CNTT
Pht nhn
v nng cao
Hon mi
php l
Nng cao , thng tin,
tuyn ATTT
Hon cc v chnh
sch nh ATTT
Pht ATTT: Huy
, nhn
Xy cc v
cc ATTT
tc trong v ngoi