The Asia Pacific Computer Emergency Response Team (APCERT) completed its third annual test drill last month with the Australian Computer Emergency Response Team (AusCERT) acting as chair of the event and working group.
Around 15 computer security incident response teams (CSIRT) from China, Brunei, India, Japan, Korea, Malaysia, Singapore, Thailand, Taipei, Hong Kong and Vietnam participated in the war game held on December 19, with the objective of testing existing incident response locally and internationally to Internet-based attacks.
The scenario involved a situation where Web sites were infecting computers with malicious code to create a global DDoS (distributed denial-of-service) attack directed at e-commerce sites. Participants were required to share information regarding incidents, and detect or shut down systems hosting malware or launching DDoS attacks. In some countries major Internet Service Providers (ISPs) and law enforcement agencies were involved in the drill.
Graham Ingram, chair of APCERT and director of AusCERT, said the drill is designed to review and improve procedures.
"The drill is important for us to have a chance to share the common experience on cross-border incident handling and helps us refine and test the points of contacts and procedures we have established to share and respond to active Internet attacks in progress," Ingram said.
"The reality is that APCERT members are already very active in helping each other respond to Internet attacks within our respective economies, hence drills like this help us improve our procedures and ensure that we are prepared to help each other as best we can."
Husin Jazri, director of the Malaysia Cyber Security Agency (MCSA) said the drill reinforces collaboration among participating countries.
"The exercise illustrates the criticality in having immediate access to an effective contact point beyond physical borders across time domains," Jazri said.
"Infrastructure attacks can be mitigated given the speed and competency in dissecting and analyzing evidence and informed decisions can be made in a short time period."
The Korea Information Security Agency developed the drill scenario and initiated the drill. Mr Woo-Han Kim, head of the Korea Information Security Agency (krCERT/CC) said it was designed for international cert collaboration.
"The drill is basically intended as a cross-border incident handling scheme," Mr Woo-Han Kim said.
"The practical handling needs close cooperation, seamless communication and effective decision making between CSIRTs and ISPs in each economy."
- +
Ticked Off at Tick the Box Mentality 04/02/2008 13:01:15
Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Know thy self: Reduce costs, secure data and ensure compliance with identity management
Solve Exchange Mailbox Storage Issues Once and for All
Achieving the impossible: Unlimited application scalability
Wireless LANs: Is my enterprise at risk?
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Refresh your AUP: Top tips to ensure your acceptable use policy is fit for purpose
Discover the advantages of an open architecture multi-vendor network solution
CRM your salespeople will love
Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Vignette Announces 2008 Excellence Awards 2008-11-21 10:50:00+11
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 2008-11-20 17:34:00+11
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 2008-11-20 12:06:00+11
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 2008-11-20 12:04:00+11
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 2008-11-20 12:02:00+11
Email Archiving Implementation: Five Costly Mistakes to Avoid
Email Archiving is essential for managing email data, but is potentially expensive to implement. Read on to discover the five key areas where email archiving costs can be contained, including data capture methods and default configuration methods.
Buying Guides
