Introduction

Computer Emergency Response Team KKLW (CERT KKLW) was formed in October 1997, and its formation has been communicated to all KKLW agencies.

Objective

  1. To be in line with General Circular No 4 Year 2006: Information Technology and Communication (ICT) Security Incident Operational Management of Public Sector
  2. To upgrade Departmental Head responsibility towards ICT security incidents in KKLW
  3. To develop specialists and human capital in security incident operations
  4. To tighten IT security incident operations through CERT as the first-level support

Function

  1. Director
    1. To upgrade Departmental Head responsibility towards ICT security incidents in KKLW
    2. To develop specialists and human capital in security incident operations
  2. CERT KKLW Manager
    1. To determine level and type of incident
    2. To prepare a complete incident report
    3. To inform of traceable incidents from PRISMA and external sources
    4. To give incident information to GCERT MAMPU
    5. To accept GCERT MAMPU, if necessary
    6. To run ICT security standard evaluation and recovery action
    7. To manage overall ICT KKLW security programme
  3. CERT KKLW Members
    1. To receive and detect incidents through PRISMA and external sources
    2. To conduct research/investigation on the incident
    3. To report incident to ICTSO/CIO

Types of ICT Security Incident

  1. Violation of Policy
    1. Use of ICT assets to leak information and/or to access information in violation of the ICT Security Policy.
  2. Denial of Services
    1. A threat to computer system security whereby information processing services are deliberately denied to system users. It includes any action that takes the system away from normal functioning, including denial of service (DoS), distributed denial of service (DDoS) and sabotage.
  3. Intrusion
    1. Using and modifying hardware, software features or any system component without the knowledge, instruction or agreement of any party. It includes unauthorized access.
  4. Forgery
    1. Forgery or identity impersonation, which often occurs through messages sent by email, including unlawful and identity theft, information theft/espionage and hoaxes.
  5. Spam
    1. Spam is email sent to other email addresses by an unidentified sender at one time and concurrently (with the same email content). This causes traffic and slows down the network.
  6. Malicious code
    1. Hardware or software introduced into the system without permission for the purpose of intrusion. It involves viruses, Trojans, worms, spyware attacks and others.
  7. Harassment / Threats
    1. Harassment and threats through various actions, namely email and letters, with a personal motive.
  8. Attempts / Hack Threats / Information Gathering
    1. An attempt (whether failed or successful) to access a system or data without permission, including spoofing, phishing, probing, war driving and scanning.
  9. Physical Loss
    1. Loss in access and usage due to damage, theft and fire on the ICT asset.

Roles of ICT KKLW Users

  1. Do not publish anything that attracts the public to hack your website/system.
  2. Report problems to CERT KKLW by email to cert@rurallink.gov.my, using the forms provided for download from the KKLW portal.
  3. Inform the KKLW Information Management Division of problems.
  4. Keep OS system and application logs.
  5. After an incident, do not change any items involved in the incident, for investigation purposes.

Reporting Method of ICT Incident

Please click here to download file.

New Trend of ICT Incident

  1. Loss of PDA, Laptop and Mobile Hardware
    • Most private/personal information is stored on mobile hardware.
  2. Social Engineering
    • Information leakage due to humans (example: chatting)
  3. Typo Squatting
    • An error in typing the URL address will take users to a forged website (example: city.com with citybay.com)

ICT Security Policy

Please click here to download file.

Circular/Guidelines/Order Letter/Act

    1. Public Administration Development Circular No 1 Year 2003
      Guidelines On Internet Usage & Electronic Mail Procedure In Government Agencies
    2. General Circular No 4 Year 2006
      Information Technology Security Incident Operational Management (ICT) Public Sector
    3. General Circular No 6 Year 2005
      Information Security Risk Assessment Guidelines Public Sector
  1. The Malaysian Public Sector Information Security High Level Risk Assessment (HiLRA) Guide
  2. MyMIS – Malaysian Public Sector Management Of ICT Security Handbook
  3. The Malaysian Public Sector Information Security Risk Assessment Methodology (MyRAM)

    1. General Circular No 2 Year 2006
      Administration Reinforcement It Committee And Government Internet
    2. General Circular No 1 Year 2001
      Information Technology And Communication (ICT) Security Incident Report Mechanism
    3. General Circular No 3 Year 2000
      Government Information Technology And Communication Basic Principles Security
    4. Secretary General Directive Orders (31st January 2007)
      Security Defense Procedures For Handphone Restriction Or Others ICT Communication Hardware Without Permission Or Legal Authority In Government Agencies.
    5. Secretary General Directive Orders (20th October 2006)
      Procedures To Security Tighten On Firm Wireless Local Area Network In Government Agencies.
    6. Secretary General Directive Orders (20th August 2004)
      Directive Orders Labour Health And Security Act 1994 And Orders Implementation, Rules, Procedures And Law Allocations Related To Security Protection In Government Agencies.
    7. Information Technology And Government Activities Electronic Act Orders (680 Act)
      1. Electronic Government Activity Act 2007 (680 Act)
      2. Information Technology Instructions
      3. Electronic Government Activity Act (EGAA) By Advisory Division, Attorney General Department Slide

  1. MAMPU Director Head Directive Order
    1. Blog Implementation Guidelines For Public Sector Agency
    2. Transition Guidelines for Internet Protocol Version 6 (IPv6) Public Sector
    3. Procedure On Electronic Mail Usage In Government Agencies
    4. Procedure In Electronic Mail System Implementation Establishment In Government Agencies
    5. Server Log Files Activation for the ICT Security Incident Handling Management Purposes in Government Agencies
    6. Use of Social Networking Media in the Public Sector
    7. Use of Smartphones, Personal Digital Assistants and Mobile Communication Tools as Additional Communication Channels
    8. Agency Service Continuity Management in the Public Sector