APCERT Conducts Drill to Safeguard Critical Infrastructural Facilities
20 Incident response teams from 15 Asia Pacific countries participated in the Drill
In recent times, government departments, intelligence services, counter-crime agencies, military networks, energy and oil companies, stock exchanges, banks, financial institutions and universities, among others, have suffered cyber-attacks. Power grids, transportation systems, telecommunication networks and nuclear facilities face a constant threat of cyber-attacks. Cyber-attacks on critical infrastructure facilities may halt operations, disrupt public services and may also lead to loss of life. Therefore, incident response teams must be well-equipped to deal with any cyber-attacks on critical installations.
APCERT focuses on improving regional and international cooperation on cyber security, evolving new methods to combat security incidents, providing a forum to share information on information security and the latest viruses and malware, and assisting teams in the region to improve computer emergency responses.
Experts created a scenario wherein attacks were launched on critical infrastructure facilities of an imaginary economy. Attacks took the form of spam e-mails to employees and short message service (SMS) messages containing malicious links leading to malware-hosting websites. When unwary employees click on the malicious link, malware gets installed on the computers. The malware is designed to be part of a botnet, which establishes a connection with a remote command and control server through Internet Relay Chat (IRC) and social networking channels. The bots probe, intrude and cause breakdown of critical infrastructural facilities. Cyber security awareness education may help employees understand threats and encourage secure computing and Internet practices.
According to APCERT, the participating teams responded to the attacks and shared information for identifying and analyzing malware, and for tracing and shutting down botnet hosting systems. The participating teams also shared information on procedures to communicate information on security threats to critical infrastructural facilities and the public at large.
Proper coordination and collaboration between incident response teams of different countries could facilitate tracing the attack trail and initiating proper responses. Response teams can share information and gain insights into the response procedures pursued by teams from other countries. The teams may also assist each other in improving response procedures through online training programs, webinars, workshops and seminars, and strengthen the defenses against cyber-attacks.
Cyber-attacks on critical infrastructure facilities may have adverse implications for the economy at large. Together with the incident response mechanisms, countries must also focus on improving cyber security awareness among citizens. Educational institutions must include cyber security fundamentals at an early level in the school curriculum. Enlightened citizens would help improve the IT security culture and the overall IT security scenario.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/Licensed Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences.