02 February 2010
The Asia Pacific Computer Emergency Response Team (APCERT) completed
its annual drill to test the response capability of leading Computer
Security Incident Response Teams (CSIRTs) from Asia Pacific economies
recently (28 January).
The theme of the drill was Fighting Cyber Crimes with Financial
Incentives. The objective of the drill is for participating teams to
exercise incident response handling arrangements, locally and
internationally, to mitigate the impact of ongoing internet based
attacks and to enable better coordination of teams in the region in
tackling cyber incidents.
In this year's scenarios, financial web sites handling online
transactions, including e-banking, e-auction and stock trading were
under different kinds of attack by cyber criminals, with an aim to
paralyse online business activities, to compromise user credentials and
to transfer money to fuel the underground economy.
Criminals are capitalising on the popularity of online business, which
has become a profitable revenue stream for the underground economy.
Criminals use professionally developed botnets (networks of zombie
computers) to obtain login credentials, to host phishing sites and to
launch distributed denial of service (DDoS) attacks. Victim computers
may be compromised and become part of a botnet when users browse
web-sites infected by malware.
Sixteen teams from 14 economies (Australia, Brunei, China, Chinese
Taipei, Hong Kong, India, Indonesia, Japan, Korea, Malaysia, Singapore,
Sri Lanka, Thailand, and Vietnam) participated in the drill. They
responded to simulated incidents and shared information to detect,
analyse the malware. They also took action to shut down or block systems
hosting phishing sites or involved in DDoS attacks across the region.
"This is the sixth drill organised by APCERT members," said Roy Ko,
Chair of APCERT. "The drill is important because cyber attacks are
borderless. It is vital for every Computer Security Incident Response
Team (CSIRT) to share information and experience on cross-border
incident handling, to refine and test the points of contacts and
procedures, and to respond to active internet attacks in progress. The
capability to organise an annual drill verifies our competence to
protect our own cyber security and the security of our neighbours".
BKIS (Vietnam) and SLCERT (Sri Lanka) were the key contributors to the
scenarios and artefact design.
"It is encouraging that more teams participated in the drill this year,
with many other teams and organisations joining in as observers to learn
from this exercise," added Ko.
APCERT was established by leading national CSIRTs from the economies of
the Asia Pacific region, to improve cooperation, response and
information sharing among CSIRTs in the region. APCERT consists of 23
CSIRTs from 16 economies.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News