APAC countries come together to reflect on real-life cyber security incidents.
The Asia Pacific Computer Emergency Response Team has successfully completed its annual drill to test the response capability of leading Computer Security Incident Response Teams (CSIRT) within the Asia Pacific economies.
The theme of this year’s APCERT Drill is “Supply Chain Attack Through Spear-Phishing – Beware of Working from Home -.” This exercise reflects real incidents and issues that exist on the Internet. The participants handled a case of a supply chain attack triggered by spear phishing.
This drill included the need for the teams to interact locally and internationally, with CSIRTs/CERTs and targeted organizations, for coordinated suspension of malicious infrastructure, analysis of malicious code, as well as notification and assistance to affected entities.
This incident response exercise, which was coordinated across many economies, reflects the collaboration amongst the economies in mitigating cyber threats and validates the enhanced communication protocols, technical capabilities, and quality of incident responses that APCERT fosters in assuring Internet security and safety. 25 CSIRTs from 19 economies of APCERT (Australia, Bhutan, Brunei Darussalam, People’s Republic of China, Chinese Taipei, Hong Kong, India, Indonesia, Japan, Korea, Lao People’s Democratic Republic, Malaysia, Myanmar, Philippines, Singapore, Sri Lanka, Thailand, Tonga, and Vietnam) participated in the drill. From the external parties, CSIRTs from 2 economies (Kazakhstan and Tunisia) of OIC-CERT and AfricaCERT participated.
The APCERT Drill will test the region’s cyber security posture and strengthen its collective ability to respond and communicate during a major cyber incident. This year’s APCERT Drill will focus on countering spear-phishing in critical infrastructure companies in a working from home context.
As the COVID-19 pandemic has necessitated companies facilitate remote working, the ACSC observed an increase in malicious cyber actors compromising poorly secured remote access solutions. Compromised accounts can be used to target individuals to maximise the spread of ransomware or gain access to sensitive information, such as intellectual property.
Head of the ACSC, Abigail Bradshaw, said working closely with international partners to raise the region’s cyber defenses is vital to Australia’s overall cyber strategy.
“Activities like APCERT Drill are an opportunity for Australia to collaborate with international partners to help secure cyberspace through cooperation, trust and genuine information sharing,” Bradshaw said.
“As the region’s dependency on cyberspace grows, protecting critical infrastructure and networks is increasingly important to regional security.”
APCERT is the region’s largest cyber security community, made up of 32 cyber security emergency response teams from across the Indo-Pacific. The ACSC holds key positions as a member of the Steering Committee and a number of Working Groups, reinforcing Australia’s leading role in promoting cyber security in the region.