APCERT embarks on global coordination to mitigate denial of service attacks

The Asia Pacific Computer Emergency Response Team (APCERT) successfully completed recently (on 29 January) its annual cyber security drill to test the response capability of leading Computer Security Incident Response Teams (CSIRT) from the Asia Pacific economies.

For the second time, APCERT included the participation of members from the Organization of the Islamic Cooperation – Computer Emergency Response Team (OIC-CERT) in this annual drill, following a Memorandum of Understanding on a collaboration signed in September 2011.

The theme of the APCERT Drill 2013 was ‘Countering Large Scale Denial of Service Attacks’. The exercise reflected real incidents and problems that exist on the Internet. The teams were tested, not only to go beyond identifying a large denial of device attack on various companies and governments as a symptom of the problem, but also to analyse the root causes and to remove malicious elements from the Internet, in the minimum amount of time.

During the exercise, the participating teams activated and tested their incident response handling arrangements, locally and internationally, in order to mitigate the impact of Denial of Service (DoS) attacks that involved large scale propagation of malicious software acting to impair critical infrastructure and economic activities.

This incident response exercise, which was coordinated across many economies, reflects the strong collaboration amongst the economies and validates the enhanced communication protocols, technical capabilities and quality of incident responses that APCERT fosters in assuring Internet security and safety.

22 CSIRT teams from 18 economies (Australia, Bangladesh, Brunei Darussalam, People’s Republic of China, Chinese Taipei, Hong Kong, India, Indonesia, Japan, Korea, Macao, Malaysia, Myanmar, New Zealand, Singapore, Sri Lanka, Thailand and Vietnam) of the APCERT and four CSIRT teams from four economies (Egypt, Pakistan, Oman and Tunisia ) of the OIC-CERT, participated in the drill.

Sri Lanka CERT|CC participated in this annual cyber security drill for the sixth consecutive year and continues to collaborate with its Asian counterparts to prevent and combat cyber crime. Sri Lanka CERT|CC also plays an active role at APCERT and serves on several working groups in addition to serving on the main organising committee for the annual general meeting, which will be held in March 2013 in Brisbane, Australia.

APCERT was established by leading and national Computer Security Incident Response Teams (CSIRTs) from the economies of the Asia Pacific region to improve cooperation, response and information sharing among CSIRTs in the region. APCERT consists of 30 CSIRTs from 20 economies. Further information about APCERT can be found at www.apcert.org.

OIC-CERT was established in January 2009, to provide a platform for member countries to explore and to develop collaborative initiatives and possible partnerships in matters pertaining to cyber security that shall strengthen their self reliant in the cyberspace. OIC-CERT consists of 26 CERTs, cyber security related agencies and professional from 18 economies. Further information about OIC-CERT can be found at: www.oic-cert.net.

Formed in 2006, the Sri Lanka Computer Emergency Readiness Team | Coordinating Centre (Sri Lanka CERT|CC), a fully owned subsidiary of the ICT Agency of Sri Lanka (ICTA), is a Government entity mandated with the protection of information and information systems within the State sector, while extending its services to the private sector and general public.

Its services range from responding to and investigating information security breaches, to preventing security breaches by way of awareness creation, security assessments and security capability building. It is a full member and the national point of contact for both the Asia Pacific Computer Emergency Response Team (APCERT) and the Forum of Incident Response Security Teams (FIRST), which are regional and global associations, respectively, formed to coordinate security efforts between nations. Learn more at www.cert.gov.lk.