ASEAN

Welcome to the CyberGreen-ASEAN Mitigation Resource Portal

CyberGreen measures the presence of risk conditions to the Internet, and generates a Cyber Ecosystem health state index by country and AS (Anonymous System).

This Cyber Mitigation Resource Portal has been developed by CyberGreen with support and sponsorship from the Cyber Security Agency (CSA) of Singapore. It aims to provide ASEAN Member States with a regional view on the cyber health state and the necessary resources needed to enhance our remediation efforts collectively. In light of its commitment to a healthier Cyber Ecosystem, CyberGreen will collaborate with Singapore as its focal point for the ASEAN region.

What is CyberGreen?

CyberGreen is a global initiative focused on helping to improve the health of the global Cyber Ecosystem. CyberGreen will achieve this by providing reliable metrics, measurements, and mitigation best practices to a variety of stakeholders.

Using its measurement of risk conditions posed to the global Internet, CyberGreen formulates an index that can be presented in three views:

  1. ASEAN Regional View
  2. Country-Level View
  3. Anonymous System (AS) View

ASEAN Regional View

The ASEAN regional view provides a snapshot of remediation achievements and progress collectively.

Country-Level View

The country-level view provides the count of vulnerable devices for the four risk indicators within each country.

Example: Singapore country-level view

The country-level views for each ASEAN state can be accessed here:


Brunei

Cambodia

Indonesia

Laos PDR

Malaysia

Myanmar

Philippines

Singapore

Thailand

Viet Nam


Autonomous System (AS) View

The anonymous system (AS) view provides the count of vulnerable devices for the four risk indicators by country’s AS. Through this view, stakeholders are able to see the trendline which shows the level of improvement over time for a given AS. This gives policymakers the visibility they need to make informed decisions.

Example: Singapore AS view

What We Measure

CyberGreen develops and applies statistical methods to data, allowing for measurement of key indicators of risk conditions. Using state-of-the-art metrics-based measurement and visualization, CyberGreen produces an Index score for five risk indicators using its own Internet scan data. The five risk indicators are open DNS, open NTP, open SSDP, open SNMP and open CHARGEN protocols.

Risk Indicators

Open DNS: The Domain Name System (DNS) is pervasive. For enterprises, it is their digital identity as well as a critical component of their security architecture. Since DNS runs on the UDP protocol, it can be used for amplification attacks. Read more »

Open NTP: Computers and network devices have a perversely strong need to have good agreement about what constitutes the current time. Most computers stay synchronized using Network Time Protocol (NTP). Just like DNS, NTP is a UDP-based service, and shares the same weaknesses that DNS does. Read more »

Open SSDPThe Simple Service Discovery Protocol (SSDP) is used for advertisement and discovery of network services and presence information. It is often enabled in customer end devices (CPEs) such as modems. Since SSDP runs over UDP, it can be used for UDP reflection attacks. Read more »

Open SNMP: Simple Network Management Protocol (SNMP) is an Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks and more. It runs on the UDP protocol and can be abused for UDP based amplification attacks. Read more »

Open CHARGEN: Character Generator Protocol (CHARGEN) is a service of the Internet Protocol Suite defined in RFC 864 in 1983 by Jon Postel. It is intended for testing, debugging, and measurement purposes. The protocol is rarely used, as its design flaws allow ready misuse. Read more »

Mitigation Campaign Steps

Once CyberGreen has identified the presence of those risk conditions within a country, it requires coordination with national CSIRTs or other equivalent organizations to begin the process of mitigation. Read more »

Capacity Building Materials

Download CyberGreen’s mitigation best current practices for four risk conditions that are present in the Cyber Ecosystem.

Open SSDP
Download Open SSDP
CyberGreen Open NTP Mitigation
Download Open NTP
CyberGreen OpenDNS Mitigation
Download Open DNS
CyberGreen Bot Infection Mitigation
Download Bot Infection

Contact

For more information on how you can get involved with risk mitigation, or any other general inquiries, please contact us using the form below.

Name
Email
Message

ASEAN Mitigation Resource Portal made possible by:

CSA-logo Shadowserver