//Blogs - 13 Mar 2020
AusCERT and the APCERT CYBER DRILL 2020
“BANKER DOUBLES DOWN ON MINING”
This year, AusCERT took on a more proactive approach in the Asia Pacific region by taking on the lead role in coordinating this annual drill. As the lead, AusCERT created the scenario and orchestrated the creation of “the inject” – which are the prompts sent to all involved teams.
Of course, it goes without saying that the drill was not entirely AusCERT's contribution.
Contribution, either be it via infrastructure through ticketing systems; or communication as well as artefact creations came from various other national computer emergency response teams around the Asia Pacific.
AusCERT had the opportunity to lead these teams and coordinated the various resources to ensure that APCERT/CSIRT, as well as all invited partners and guest CERTs/CSIRTs spanning across the globe, through this cyber security drill are ready to cooperate in handling incidents as they come.
11 March 2020
The Asia Pacific Computer Emergency Response Team (APCERT) today has successfully completed its annual drill to test the response capability of leading Computer Security Incident Response Teams (CSIRT) within the Asia Pacific economies.
The theme of this year’s APCERT Drill is “Banker doubles down on Miner”. This exercise reflects real incidents and issues that exist on the Internet. The participants handled a case of a local business affected by malware infection which is triggered by data breach.
Throughout the exercise, the participating teams activated and tested their incident handling arrangements. This drill included the need for the teams to interact locally and internationally, with CSIRTs/CERTs and targeted organizations, for coordinated suspension of malicious infrastructure, analysis of malicious code, as well as notification and assistance to affected entities. This incident response exercise, which was coordinated across many economies, reflects the collaboration amongst the economies in mitigating cyber threats and validates the enhanced communication protocols, technical capabilities and quality of incident responses that APCERT fosters in assuring Internet security and safety.
25 CSIRTs from 19 economies of APCERT (Australia, Bangladesh, Brunei Darussalam, People's Republic of China, Chinese Taipei, Hong Kong, India, Indonesia, Japan, Korea, Lao People's Democratic Republic, Macau, Malaysia, Myanmar, New Zealand, Singapore, Sri Lanka, Thailand, and Vietnam) participated in the drill. From the external parties, CSIRTs from 7 economies (Benin, Egypt, Jordan, Morocco, Nigeria, Pakistan and Tunisia) of OIC-CERT and AfricaCERT participated.
APCERT was established by leading and national Computer Security Incident Response Teams (CSIRTs) from the economies of the Asia Pacific region to improve cooperation, response and information sharing among CSIRTs in the region. APCERT Operational Members consist of 30 CSIRTs from 21 economies. Further information about APCERT can be found at: www.apcert.org/.
~ End ~