First UN-backed simulation of cyber attack takes place in South-east Asia


ITU Secretary General Hamadoun Touré


2 December 2011 – Mass web destruction, spam and malware infection were among the scenarios involved during the first cross-border cyber drill organized by the United Nations and an international partnership against online threats in South-east Asia that aims to build cooperation and improve response measures to cyber attacks. The drill, launched by the UN International Telecommunication Union (ITU) and the International Multilateral Partnership Against Cyber Threats (IMPACT), was a coordinated exercise to assess the security and emergency readiness of Cambodia, Laos, Myanmar and Viet Nam, also known as the CLMV countries.

Each country had a team participating in three simulated cyber security emergency incidents. Teams were required to identify the origin of the attacks, identify possible solutions and mitigation steps, and rectify the damage.

The one-day exercise then simulated a cyber attack response linking the response systems of the fours countries known as Computer Emergency Response Team/Computer Incident Response Teams (CERT/CIRT), as well as experts from ITU and IMPACT.

“Cyber attacks are borderless, so it is vital for every CERT/CIRT to share information and experience on cross-border incident handling, in order to refine and test points of contact and procedures, to enhance the effectiveness of their response to active cyber threats,” said ITU Secretary-General Hamadoun Touré.

According to a news release issued by ITU, the exercise was intended to help build greater cooperation and improve communication among the countries, and it took into account real-life constraints such as the disparity in the countries’ capabilities and developments.

The drill, which was held yesterday, did not aim to criticize capabilities or a particular network, system or infrastructure, but instead sought to emphasize the need for continuous communication channels between neighbouring countries, as well as enhance each country’s incident response capabilities.

“The ITU-IMPACT ALERT (Applied Learning for Emergency Response Team) achieved several positive outcomes, including identification of readiness of each country’s CERTs/CIRTs team, establishing the need for proper contingency plans, improving the familiarity with tools and other related software and communicating the importance of maintaining logs and having adequately trained personnel in place to handle cyber threats,” said Datuk Mohd Noor Amin, Chairman of IMPACT.

“This was a great opportunity for countries to put their contingency strategies to the test. This cyber drill serves as the prototype for upcoming larger global exercises being designed for 2012.”

un.org