ASEAN

Welcome to the CyberGreen-ASEAN Mitigation Resource Portal

CyberGreen measures the presence of risk conditions to the Internet, and generates a Cyber Ecosystem health state index by country and AS (Anonymous System).

This Cyber Mitigation Resource Portal has been developed by CyberGreen with support and sponsorship from the Cyber Security Agency (CSA) of Singapore. It aims to provide ASEAN Member States with a regional view on the cyber health state and the necessary resources needed to enhance our remediation efforts collectively. In light of its commitment to a healthier Cyber Ecosystem, CyberGreen will collaborate with Singapore as its focal point for the ASEAN region.

What is CyberGreen?

CyberGreen is a global initiative focused on helping to improve the health of the global Cyber Ecosystem. CyberGreen will achieve this by providing reliable metrics, measurements, and mitigation best practices to a variety of stakeholders.

Using its measurement of risk conditions posed to the global Internet, CyberGreen formulates an index that can be presented in three views:

  1. ASEAN Regional View
  2. Country-Level View
  3. Anonymous System (AS) View

ASEAN Regional View

The ASEAN regional view provides a snapshot of remediation achievements and progress collectively.

Country-Level View

The country-level view provides the count of vulnerable devices for the four risk indicators within each country.

Example: Singapore country-level view

The country-level views for each ASEAN state can be accessed here:


Autonomous System (AS) View

The anonymous system (AS) view provides the count of vulnerable devices for the four risk indicators by country’s AS. Through this view, stakeholders are able to see the trendline which shows the level of improvement over time for a given AS. This gives policymakers the visibility they need to make informed decisions.

Example: Singapore AS view

What We Measure

CyberGreen develops and applies statistical methods to data, allowing for measurement of key indicators of risk conditions. Using state-of-the-art metrics-based measurement and visualization, CyberGreen produces an Index score for four risk indicators using 1 TB of validated data collected from multiple sources. The four risk indicators are Open DNS, Open NTP, Open SSDP, and Open SNMP. CyberGreen will add Spam to its list of risk indicators in the coming months.

Risk Indicators

Open DNS: The Domain Name System (DNS) is pervasive. For enterprises, it is their digital identity as well as a critical component of their security architecture. Since DNS runs on the UDP protocol, it can be used for amplification attacks. Read more »

Open NTP: Computers and network devices have a perversely strong need to have good agreement about what constitutes the current time. Most computers stay synchronized using Network Time Protocol (NTP). Just like DNS, NTP is a UDP-based service, and shares the same weaknesses that DNS does. Read more »

Open SSDPThe Simple Service Discovery Protocol (SSDP) is used for advertisement and discovery of network services and presence information. It is often enabled in customer end devices (CPEs) such as modems. Since SSDP runs over UDP, it can be used for UDP reflection attacks. Read more »

Open SNMP: Simple Network Management Protocol (SNMP) is an Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks and more. It runs on the UDP protocol and can be abused for UDP based amplification attacks.

Spam: [to be included as a risk indicator soon] Spam is roughly equivalent to unsolicited telephone marketing calls, except that the user pays for part of the message since everyone shares the cost of maintaining the Internet. Spammers typically send a piece of e-mail to a distribution list in the millions, expecting that only a tiny number of readers will respond to their offer. Read more »

Mitigation Campaign Steps

Once CyberGreen has identified the presence of those risk conditions within a country, it requires coordination with national CSIRTs or other equivalent organizations to begin the process of mitigation. Read more »

Capacity Building Materials

Download CyberGreen’s mitigation best current practices for three risk conditions that are present in the Cyber Ecosystem.

Contact

For more information on how you can get involved with risk mitigation, or any other general inquiries, please contact us using the form below.

Name
Email
Message

ASEAN Mitigation Resource Portal made possible by:

CSA-logo Shadowserver