Geneva, Switzerland (PRWEB) December 04, 2011
United Nations’ specialized agency the International Telecommunication Union (ITU) and the International Multilateral Partnership Against Cyber Threats (IMPACT) yesterday held the world’s first cross border drill exercise by an international organization and a United Nations agency.
The inaugural cyber-drill was launched by ITU-IMPACT ALERT (Applied Learning for Emergency Response Team), and comprised a simulated cyber attack response linking the Computer Emergency Response Team/Computer Incident Response Teams (CERT/CIRT) of Cambodia, Lao P.D.R., Myanmar and Viet Nam (the CLMV countries) with executing experts from ITU-IMPACT. The one-day drill was held in conjunction with the ITU-ASEAN Sub-regional CSIRT/CIRT/CERT Workshop for CLMV countries in Yangon, Myanmar.
IMPACT, the cybersecurity executing arm of ITU, is the largest cybersecurity alliance of its kind in the world, with 137 partner countries now formally part of the ITU-IMPACT coalition, and with strong support from global industry giants, partners from academia and international organizations.
The cyber drill was a simulated and coordinated exercise to assess the cybersecurity emergency readiness of CLMV countries and their incident response capabilities in mitigating and countering cyber attacks. The exercise helped build greater international cooperation between participating countries, and improved their communication and mitigation processes. It was also unique in that it was deliberately designed to involve countries with differing developing status – one rapidly growing developing country (Viet Nam) and three UN-designated Least Developed Countries – Cambodia, Lao P.D.R and Myanmar. That meant that the exercise was able to take into account the real-life constraints faced by many economies in the developing world. An important aspect of the drill was the involvement of countries at the regional level.
“Cyber attacks are borderless, so it is vital for every CERT/CIRT to share information and experience on cross-border incident handling, in order to refine and test points of contact and procedures, to enhance the effectiveness of their response to active cyber threats,” said ITU Secretary-General Dr Hamadoun Touré.
The drill involved a team from each of the four CLMV countries. Drill scenarios involved three cybersecurity emergency incidents: mass web defacement, spam and malware infection. Teams were required to identify the origin of the attacks, identify possible solutions and mitigation steps, and rectify the defacement and/or outbreak. All events and incidents were simulated – no live systems were attacked.
Each participating country team was divided into two roles, representing ‘player’ and ‘observer’. The player executed the incident handling process, analyzed the threats and mitigated the simulated attacks, while the observer executed the communication roles and assisted the player to mitigate the simulated attacks.
The drill scenarios were created by experts from ITU-IMPACT, F-Secure and Trend Micro. Though competitors in the outside world, ITU’s long-standing tradition of public-private partnership provided a unique platform for these partners to come together for the good of the global community to enhance readiness to combat cyber threats.
The drill was conducted as a ‘no-fault’ exercise. The aim was not to criticize capabilities or a particular network, system or infrastructure, but rather to emphasize the need for continuous communication channels between neighbouring countries, as well as enhancing each country’s incident response capabilities.
“The ITU-IMPACT ALERT achieved several positive outcomes including identification of readiness of each country’s CERTs/CIRTs Team, establishing the need for proper contingency plans, improving the familiarity with tools and other related software and communicating the importance of maintaining logs and having adequately trained personnel in place to handle cyberthreats,” said Datuk Mohd Noor Amin, Chairman of IMPACT.
“This was a great opportunity for countries to put their contingency strategies to the test. This cyber drill serves as the prototype for upcoming larger global exercises being designed for 2012,” he added.
The 2011 ‘ITU-IMPACT ALERT’ was sponsored by ABI Research, with technical assistance provided by Trend Micro and F-Secure.
For more information, please contact:
ITU Cybersecurity Coordinator
Tel: +41 22 730 6760
Mobile: +41 79 217 3590
Chief, Media Relations & Public Information
Tel: +41 22 730 6039
Mobile: +41 79 599 1439
Manager, Corporate Communications
Tel : +60 3 8313 2124
E-mail : kalaivani(dot)pakiri(at)impact-alliance(dot)org
ITU is the leading United Nations agency for information and communication technology. For over 145 years, ITU has coordinated the shared global use of the radio spectrum, promoted international cooperation in assigning satellite orbits, worked to improve communication infrastructure in the developing world, and established the worldwide standards that foster seamless interconnection of a vast range of communications systems. From broadband networks to new-generation wireless technologies, aeronautical and maritime navigation, radio astronomy, satellite-based meteorology and converging fixed-mobile phone, Internet and broadcasting technologies, ITU is committed to connecting the world. http://www.itu.int
The International Multilateral Partnership Against Cyber Threats (IMPACT) is the cybersecurity executing arm of the United Nations' specialized agency for ICTs, the International Telecommunication Union . As the world’s first comprehensive alliance against cyber threats, IMPACT brings together governments, academia and industry experts to enhance the global community’s capabilities in dealing with cyber threats. Based in Cyberjaya, Malaysia, IMPACT is the operational home of ITU’s Global Cybersecurity Agenda (GCA). IMPACT offers ITU’s Member States with access to expertise, facilities and resources to effectively address cyber threats, as well as assisting United Nations agencies in protecting their ICT infrastructures.
# # #