[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] Security teams wrap up anti-cyber attack drill
By Manjula FERNANDO
19 February 2012
The leading computer security response teams in Sri Lanka completed a
drill to test response capability of their systems last week in a joint
cross-border action organised by the Asia Pacific Computer Emergency
Response Team (APCERT) headquartered in Japan.
Titled "Advance Persistent Threats and Global Coordination", the drill
this year was attended by 24 response teams in 19 Asia Pacific
countries, which was conducted for five hours from 8.00 a.m. to 1.00
"We simulated a real life attack on the Internet. During the drill,
their communication, analytical and problem-solving skills were
evaluated," Manager, Product Development, Janantha Marasinghe of
TechCERT, the network which acted as the head of organising committee
and the exercise control in the drill told the Sunday Observer .
The drill created a virtual world with a defence contractor as the
target of the cyber attack.
One of the employees of this establishment, which deals with highly
classified and sensitive data, receives a physhing e-mail (a mail that
can steal important data in your computer). It was not detected until
the company receives an anonymous call later that day saying their data
has been published in a website.
The task was to identify and neutralize the threat.
The objective of the drill was to exercise incident response handling
arrangements locally and internationally to mitigate the impact of
Advance Persistent Threats (APT). APT involve large scale 'malicious
software' propagation and attacks capable of impairing the critical
infrastructure and economic activities (Banks).
"The APT advanced persistent threat is like a 'kottu' of several
different attacks. It can be a combination of physhing, cross site
scripting, etc, etc," Marasinghe said.
Last year there has been several major APT attacks on the Internet
crippling major establishments.
These were in the EU, the US and China, etc. Sri Lanka has not
experienced such attacks so far but remains vulnerable.
Both SLCERT and TechCERT the two cyber security response teams in Sri
Lanka participated in the drill.
APCERT is a contact network of computer security networks in the Asia
Pacific and is chaired by Japan computer emergency response team.
Marasinghe said they plan to do domestic drills like this every year
with banks and other vulnerable establishments.
"We felt the Sri Lankan teams were taking more time on the analytical
stuff. This is an area that needs to be improved but on the whole Sri
Lanka's preparedness was comparatively good."
The countries took part in the drill were Australia, Bangladesh,
People's Republic of China, Chinese Taipei, Hong Kong, India, Indonesia,
Japan, Korea, Macao, Malaysia, Myanmar, Singapore, Sri Lanka, Thailand
and Vietnam, Tunisia, Egypt and Pakistan.
TechCERT, a division of LK domain registry was appointed as the head of
cyber security drill organising committee. It was tasked with scenario
development, drill preparation co-ordination and 'artifact' development.
Learn how to be a Pen Tester or a CISSP with Expanding Security online. Get
a free class invitation and see how good and fun the program really is.