AAPPCCEERRTT AAnnnnuuaall RReeppoorrtt 22001111 APCERT Secretariat E-mail: apcert-sec@apcert.org URL: http://www.apcert.org 1 CONTENTS CONTENTS ........................................................................................................................... 2 Chair’s Message 2011 ............................................................................................................ 4 I. About APCERT ................................................................................................................... 6 II. APCERT Activity Report 2011 ....................................................................................... 12 1. International Activities and Engagements 12 2. Approval of New General Members / Full Members 15 3. APCERT SC Meetings 15 4. APCERT Survey 2011 15 III. Activity Reports from APCERT Members ................................................................... 17 Full Members 17 1. AusCERT Activity Report 17 2. BKIS Activity Report 22 3. BruCERT Activity Report 27 4. CERT-In Activity Report 32 5. CNCERT/CC Activity Report 42 6. HKCERT Activity Report 52 7. ID-CERT Activity Report 59 8. Id-SIRTII/CC Activity Report 66 9. JPCERT/CC Activity Report 72 10. KrCERT/CC Activity Report 81 11. MyCERT Activity Report 86 12. SingCERT Activity Report 96 13. Sri Lanka CERT/CC Activity Report 99 14. ThaiCERT Activity Report 111 15. TWCERT/CC Activity Report 118 16. TWNCERT Activity Report 130 17. VNCERT Activity Report 137 2 General Members 143 18. BDCERT Activity Report 143 19. CERT Australia Activity Report 148 20. mmCERT Activity Report 154 21. MOCERT Activity Report 160 22. MonCIRT Activity Report 170 23. TechCERT Activity Report 187 3 Chair’s Message 2011 After 9 years of successful collaboration and activities, APCERT updated its vision at the last Annual General Meeting in March 2011. Our new vision is “APCERT will work to help create a Safe, Clean and Reliable Cyber Space in the Asia Pacific Region through global collaboration.” Each member CSIRT serves its own constituency for security incident response and information infrastructure protection and APCERT members support each other to achieve that mission through membership in APCERT and participation in its forums and activities. APCERT also increasingly serves as a regional collaboration forum for members to work together and collaborate globally to improve the health and security of our shared common environment – the Internet. We must begin to implement strategies and approaches that work to improve the Internet ecosystem and its health in addition to protecting against and reacting to specific threats and incidents. The APCERT members realize the need to jointly work and that global efforts are required to solve common cyber security challenges. We plan to contribute to making the Internet ecosystem cleaner and healthier as a basis for improved cyber security in the Asia Pacific as a mutual gain for all in the long-term. As a step, we participated global dialogues to discuss clean-up norms, signed MOU with Organization of Islamic Cooperation in September, kept closed engagement with other regional CERT frameworks, and AP regional policy frameworks and operation groups. This year, our activities also focused on improving APCERT as a collaboration forum. After 9 years since its formation, we know we face new threats, CERTs and other key stake holders relationships are evolving as security operations community acts globally and regionally, and therefore collaboration with these and other key stakeholders becomes ever more critical for our situation awareness and effective incident response. Hence, members worked through the Working Group to discuss new membership structure, new mechanism to energize the information sharing and collaboration among members and also with global/regional security operations and experts. Steering committee and Working Group conveners have conducted the membership survey, prioritized the problem areas and developed the next steps for 4 improvement. APCERT will lead and move forward. We have built trust and strong collaboration with each other. Now we must deepen that collaboration and work with others to extend our efforts make cyberspace more safe and secure. I look forward to working with you all and our partners across the globe to make next year our most successful! Yurie Ito, Chair, APCERT Director, Global Coordination Division, JPCERT/CC 5 I. About APCERT 1. Objectives and Scope of Activities APCERT (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CERTs (Computer Emergency Response Teams) and CSIRTs (Computer Security Incident Response Teams). The organization was established on February 2003 to encourage and support the activities of CERTs/CSIRTs in the Asia Pacific region. APCERT will maintain a trusted contact network of computer security experts in the Asia-pacific region to improve the regions’ awareness and competency in relation to computer security incidents through: 1. enhancing Asia-Pacific regional and international cooperation on information security; 2. jointly developing measures to deal with large-scale or regional network security incidents; 3. facilitating information sharing and technology exchange, including information security, computer virus and malicious code, among its members; 4. promoting collaborative research and development on subjects of interest to its members; 5. assisting other CERTs and CSIRTs in the region to conduct efficient and effective computer emergency response; 6. providing inputs and/or recommendations to help address legal issues related to information security and emergency response across regional boundaries. The formation of CERTs/CSIRTs at the organizational, national and regional levels is essential to the effective and efficient response to computer security incidents, widespread security vulnerabilities and incident coordination throughout the region. One important role of CERTs/CSIRTs is education and training to raise awareness and encourage best practice. APCERT coordinates activities with other regional and global organizations, such as the Forum of incident Response and Security Teams (FIRST) <www.first.org>, and TF-CSIRT, a task force that promotes collaboration between CSIRTs at the European level <www.terena.nl/tech/task-forces/tf-csirt/>. 6 The geographical boundary of APCERT activities are the same as that of APNIC. The region covers the entire Asia-Pacific, comprising of 56 economies. The list of those economies is available at: http://www.apnic.net/about-APNIC/organization/apnics-region At present, APCERT Chair is JPCERT/CC (Japan Computer Emergency Response Team/Coordination Center). Deputy Chair is KrCERT/CC (Korea Internet Security Center). JPCERT/CC (Japan Computer Emergency Response Team/Coordination Center) serves as secretariat. URL: http://www.apcert.org Email: apcert-sec@apcert.org. 2. APCERT Members APCERT was formed in 2003 by 15 teams from 12 economies across the Asia-Pacific region, and has increased its membership since then. In 2010, TechCERT, MonCIRT and CERT Australia have been approved as General Member of APCERT. Also, BruCERT has upgraded its membership to Full Member of APCERT. As of December 2011, APCERT consists of 28 teams from 19 economies across the AP region, of which 19 teams are full members and 9 teams are general members. Full Members Team Official Team Name Economy AusCERT Australian Computer Emergency Response Team Australia Bkis Bach Khoa Internetwork Security Center Vietnam Negara Brunei BruCERT Brunei Computer Emergency Response Team Darussalam People’s Republic of CCERT CERNET Computer Emergency Response Team China 7 CERT-In Indian Computer Emergency Response Team India National Computer network Emergency Response People’s Republic of CNCERT/CC technical Team / Coordination Center of China China Hong Kong Computer Emergency Response Team HKCERT Hong Kong, China Coordination Centre ID-CERT Indonesia Computer Emergency Response Team Indonesia Indonesia Security Incident Response Team of ID-SIRTII Indonesia Internet Infrastructure Japan Computer Emergency Response Team / JPCERT/CC Japan Coordination Center KrCERT/CC Korea Internet Security Center Korea MyCERT Malaysian Computer Emergency Response Team Malaysia PHCERT Philippine Computer Emergency Response Team Philippine SingCERT Singapore Computer Emergency Response Team Singapore Sri Lanka Sri Lanka Computer Emergency Readiness Team Sri Lanka CERT/CC Coordination Centre ThaiCERT Thai Computer Emergency Response Team Thailand Taiwan Computer Emergency Response Team / TWCERT/CC Chinese Taipei Coordination Center Taiwan National Computer Emergency Response TWNCERT Chinese Taipei Team VNCERT Vietnam Computer Emergency Response Team Vietnam General Members Team Official Team Name Economy BDCERT Bangladesh Computer Emergency Response Team Bangladesh BP DSIRT BP Digital Security Incident Response Team Singapore CERT CERT Australia Australia Australia Government Computer Security and Incident GCSIRT Philippines Response Team mmCERT Myanmar Computer Emergency Response Team Myanmar Macau Computer Emergency Response Team MOCERT Macao Coordination Centre 8 MonCIRT Mongolian Cyber Incident Response Team Mongolia National University of Singapore Computer NUSCERT Singapore Emergency Response Team TechCERT TechCERT Sri Lanka 9 3. Steering Committee (SC) Since the last APCERT AGM held in March 2010, in Jeju, Korea, the following members served as APCERT Steering Committee (SC). • JPCERT/CC (Chair/Secretariat) • KrCERT/CC (Deputy Chair)
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages195 Page
-
File Size-