KZ-CERT Kazakhstan public service of response to computer incidents
Owners:
Communication agency of the Republic of Kazakhstan and information (ASYA RK)
Structure of KZ-CERT
For 2016 the coordinate system of CERT integrates more than 90 countries of the world. Through it interaction concerning timely response to the incidents of information security directed to information infrastructure of the states[1] is provided].
KZ-CERT performs cooperation with 18 similar organizations of Russia, the USA, Belarus, Uzbekistan, Armenia, Azerbaijan, China, South Korea, Malaysia, Indonesia, Australia, Moldova, Lithuania, Latvia, India.
Functions and problems of KZ-CERT
The Kazakhstan Service serves as outer jacket of interaction, both with the outside world, and with users of the Kazakhstan segment of the Internet, being engaged in collecting and information analysis, the notification and warning of state agencies, organizations and the population about incidents of a computer security and timely response to them.
The service issues the recommendations about response to events and incidents of cybersecurity to state bodies, hosting providers, users and owners of resources of the Internet, we conduct selective instrumental examination of Internet resources. Notifies the population concerning different risks and threats. Response to computer incidents is carried out by means of the kz-cert.kz Internet resource, accounts in social networks and through round-the-clock "hot line" of 1400.
Besides, the Service holds seminars for state bodies concerning protection against cyberthreats, explaining bases of the organization of data protection, participates in conferences and forums, holds meetings with private companies.
Within exclusive activity of RGP "GTS" according to Subparagraph 4 of point 1 of Article 14 of the law "About Informatization", KZ-CERT performs monitoring of Internet resources of state bodies for the purpose of their safe use and response to incidents of information security.
KZ-CERT carries out monitoring of Internet resources of state agencies for the purpose of timely warning and detection of incidents of cybersecurity and also performs collection of information about incidents in the Kazakhstan domain zone from open sources and from the profile organizations (for example, from foreign CERT and cybersecurity laboratories) for the purpose of warning of threats of cybersecurity of owners and users of Internet resources.
As of 2016 KZ-CERT sent more than 31 thousand letters notifications on cybersecurity incidents (since 2011) to owners and providers of Internet resources of other countries and foreign services CERT.
KZ-CERT, within the competence, renders assistance in different prevention of incidents. These are attacks on nodes of network infrastructure and server resources for the purpose of violation of their working capacity (DoS, DdoS, scanning, etc.), distribution of the malicious software, cracking of information systems and resources, including with implementation of malware, a diface, a phishing, botnets and other violations.
KZ-CERT acts as the contact party on interaction with the foreign organizations for response to computer incidents. For development of external relations in computer incidents active correspondence is conducted, meetings are held, Memoranda of understanding and cooperation and also the Confidentiality agreements providing exchange of available information on computer incidents are signed.
History
2020
The memorandum after mutual understanding on cyber security with APCERT
RGP "Public Technical Service" is signed "The memorandum of understanding on cyber security" with the Asia-Pacific rapid response team on computer incidents (APCERT) which became already the 30th in a moneybox of Service KZ-CERT. It became known on July 1, 2020.
Main objectives of the Memorandum are:
- information exchange about threats of information security;
- joint response to incidents of information security;
- information exchange about distribution of the malicious software;
- exchange of compromise indicators.
The memorandum after mutual understanding on cyber security the Agency of data exchange of Ministry of Justice of Georgia
RGP "Public Technical Service" (Service of response to computer incidents of KZ-CERT) signed in the summer of 2020 "The memorandum of understanding on cyber security" with the Agency of data exchange of the Ministry of Justice of Georgia (Rapid response team on computer incidents), thereby having increased a total quantity of the concluded memorandums up to 29.
Main objectives of the Memorandum are:
- information exchange about threats of information security;
- joint response to incidents of information security;
- information exchange about distribution of the malicious software;
- exchange of compromise indicators.
The agency of data exchange of the Ministry of Justice of Georgia (Data Exchange Agency) was created in 2010. It is responsible for development of the electronic government in the country, provides electronic interaction between state structures, builds network infrastructure for information exchange and develops standards in the field of information and communication technologies. It is possible to learn about activity of the Agency on the CERT.GOV.GE Internet resource in more detail.
Signing of the Memorandum is one more step in providing and increasing the level of security of a cyberspace of the Republic of Kazakhstan and Georgia.
2012: Accession to FIRST (Forum of Incident Response and Security Teams)
In 2012 KZ-CERT entered the international organization of FIRST (Forum of Incident Response and Security Teams) integrating Services CERT worldwide. Then, in 2012, joined the Trusted Introducer for Security and Incident Response Teams (TI) organization, also responses to incidents of CSIRT Assistance Program became a workgroup member on an anti-phishing of APWG and the participant of the program of rendering assistance to Security services. In 2015 KZ-CERT joined alliance of Services of response to computer incidents of member countries of the Organization of Islamic interaction" (OIC-CERT).
You See Also
- FinCERT (FinCERT, FINTSERT)
- CERT-GIB Computer Emergency Response Team - Group-IB
- UZINFOCOM Department CERT-UZ
- Computer group of emergency response of China (CERT)
- CERT NZ
- National center for data protection of a health care system of Norway (HelseCERT)
- Cyber crime in the world
- Cyber crime and cyber conflicts: Russia
- Communication (market of Kazakhstan)
- Communication (market of Kazakhstan)
See Also
- Censorship on the Internet. World experience
- Censorship (control) on the Internet. Experience of China
- Censorship (control) on the Internet. Experience of Russia, Roskomnadzor
- Law on regulation of Runet
- VPN and privacy (anonymity, anonymizers)
- Protection of critical information infrastructure of Russia
- Law On security of critical information infrastructure of the Russian Federation
- National Biometric Platform (NBP)
- Single Biometric System (SBS) of these clients of banks
- Biometric identification (market of Russia)
- Directory of solutions and projects of biometrics
- Digital economy of Russia
- Information security of digital economy of Russia
- SORM (System for Operative Investigative Activities)
- State detection system, warnings and mitigations of consequences of the computer attacks (State system of detection, prevention and elimination of consequences of computer attacks)
- National filtering system of Internet traffic (NASFIT)
- Yastreb-M Statistics of telephone conversations
- How to bypass Internet censorship of the house and at office: 5 easy ways
- The auditor - a control system of blocking of the websites in Russia
- The Single Network of Data Transmission (SNDT) for state agencies (Russian State Network, RSNet)
- Data network of public authorities (SPDOV)
- Single network of telecommunication of the Russian Federation
- Electronic Government of the Russian Federation
- Digital economy of Russia
- Cyber crime in the world
- Requirements of a NIST
- Global index of cyber security
- Cyber wars, Cyber war of Russia and USA
- Cyber crime and cyber conflicts: Russia, FSB, National coordination center for computer incidents (NKTsKI), Information Security Center (ISC) of FSB, Management of K BSTM of the Ministry of Internal Affairs of the Russian Federation, Ministry of Internal Affairs of the Russian Federation, Ministry of Defence of the Russian Federation, National Guard of the Russian Federation
- Cyber crime and cyber conflicts: Ukraine
- Cyber crime and cyber conflicts: USA, CIA, NSA, FBI, US Cybercom, U.S. Department of Defense, NATO, Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA)
- Cyber crime and cyber conflicts: Europe, ENISA
- Cyber crime and cyber conflicts: Israel
- Cyber crime and cyber conflicts: Iran
- Cyber crime and cyber conflicts: China
- As the USA spied on production of chips in the USSR
- Security risks of communication in a mobile network
- Information security in banks
- Digital transformation of the Russian banks
- Overview: IT in banks 2016
- The policy of the Central Bank in the field of data protection (cyber security)
- Losses of the organizations from cyber crime
- Losses of banks from cyber crime
- Trends of development of IT in insurance (cyberinsurance)
- Cyber attacks
- Overview: Security of information systems
- Information security
- Information security (world market)
- Information security (market of Russia)
- The main trends in data protection
- Software for data protection (world market)
- Software for data protection (the market of Russia)
- Pentesting (pentesting)
- Cybersecurity - Means of enciphering
- Cryptography
- VPN - Virtual private networks
- Security incident management: problems and their solutions
- Authentication systems
- Law on personal data No. 152-FZ
- Personal data protection in the European Union and the USA
- Quotations of user data in the market of cybercriminals
- Jackpotting
- Virus racketeer (encoder)
- WannaCry (virus racketeer)
- Petya/ExPetr/GoldenEye (virus racketeer)
- Malware (malware)
- APT - Targeted or target attacks
- DDoS and DeOS
- Attacks on DNS servers
- DoS-attacks on content delivery networks, CDN Content Delivery Network
- How to be protected from DDoS attack. TADetails
- Rootkit
- Fraud Detection System (fraud, fraud, fraud detection system)
- Solutions Antifraud directory and projects
- How to select an antifraud system for bank? TADetails
- Security Information and Event Management (SIEM)
- Directory of SIEM solutions and projects
- Than a SIEM system is useful and how to implement it?
- For what the SIEM system is necessary and as it to implement TADetails
- Intrusion detection and prevention systems
- Reflections of local threats (HIPS)
- Confidential information protection from internal threats (IPC)
- Phishing, DMARC, SMTP
- Trojan
- Botha's botnet
- Backdoor
- Worms Stuxnet Regin
- Flood
- Information loss preventions (DLP)
- Skimming (shimming)
- Spam
- Sound attacks
- Antispam software solutions
- Classical file infectors
- Antiviruses
- Cybersecurity: means of protecting
- Backup system
- Backup system (technologies)
- Backup system (security)
- Firewalls
Notes
- ↑ [https://digital.report/kz-cert-posrednik-v-obespechenii-kiberbezopasnosti-kazneta/ of KZ-CERT – the intermediary in ensuring cyber security Kazneta
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |