APCERT

With the rapid development of the Internet, many Asia Pacific economies are increasingly dependent on public network applications such as online banking, online stock trading, e-business, e-government and e-customs. The protection of the numerous nationally important information infrastructures that make up this new and emerging Asia Pacific e-economy is critical to the region's political and economic stability and security. The need to protect this critical national information infrastructure is of paramount importance.

This growing threat in the Asia Pacific region required a collaborative approach with the various CERT and CSIRT organizations taking the lead role with full support from their respective governments.

To address this urgent need, the Asia Pacific Computer Emergency Response Team (APCERT) was established in the year 2003. APCERT has an operational focus on cyber security and is open to all suitably qualified CERTs and CSIRTs in the Asia Pacific region.

Receiving support from other more established CERTs in the region, namely, Japan CERT (JPCERT/CC), Malaysia CERT (MyCERT), Korea CERT (KrCERT/CC) and Australian Cyber Security Centre (ACSC), Sri Lanka CERT obtained general membership of APCERT in the year 2008 and became a Full Member of the Asia Pacific Computer Emergency Response Team (APCERT) in March 2009.

Sri Lanka CERT is now an active member of APCERT, participating in efforts such as the regional Internet traffic monitoring system (TSUBAME) and the APCERT regional cyber security drill. Membership of APCERT has also boosted Sri Lanka CERT’s capability to address attacks originating from other countries in the Asia Pacific region by coordinating response efforts directly with CERTs in those respective countries.

Activities with APCERT

Annual Cyber Security Drill

The Asia Pacific Computer Emergency Response Team (APCERT) conducts its annual drill to test the response capability of leading Computer Security Incident Response Teams (CSIRT) from the Asia Pacific economies.

Throughout this exercise, the participating APCERT teams are required to put into practice and test their incident response handling capability. The most recent cyber drill included the need to interact between CSIRTs/CERTs both locally and internationally, in order to dismantle and resolve the Denial of Service infrastructure involving compromised home devices. This incident response exercise, which was coordinated across many economies, reflects the strong collaboration amongst the economies and validates the enhanced communication protocols, technical capabilities and quality of incident responses that APCERT fosters in assuring Internet security and safety.

Sri Lanka CERT|CC has been a member of the drill organizing committee of APCERT since 2010 and was the lead team for the APCERT Drill 2011 and 2015, coordinating the entire exercise from its offices at the BMICH.

Member of the APCERT Steering Committee

At the annual general meeting of APCERT in 2019, Sri Lanka CERT|CC was elected to the steering committee of APCERT for the term 2019-2021. The other steering committee members are Cybersecurity Malaysia (Chair), China’s CNCERT/CC (Deputy Chair), Japan’s JPCERT (Secretariat), Australia’s ACSC, Korea’s KrCERT/CC and Taiwan’s TWNCERT.

Member of APCERT Working Groups

APCERT has established several working groups (WG) to formulate policies and procedures for its members and to implement and operate several technical projects across the region.

Sri Lanka CERT is an active member of the following working groups of the APCERT.

  • Drill WG

    To improve the efficiency and stability of the organization of the annual drill by maintaining a fixed organization that can learn from experiences each year.

  • Information Sharing WG

    To identify different types of information that is regarded as useful for APCERT members to receive and/or which is available to share with other APCERT members.

  • Membership WG

    To review the current membership criteria/classes and determine whether they should be broadened to include new criteria/classes and if so how the new arrangements will work.

  • Policy, Procedures and Governance WG

    To devise an approach and assist in defining APCERT organizational processes into policies and procedures appropriate to the running of APCERT.

  • Secure Digital Payment WG

    To build trust in the secure usage of digital payments so as to ensure economic stability.

  • Training WG

    To establish an overall education and training program to assist members to develop, operate, and improve their incident management capabilities.

  • TSUBAME WG

    A technical WG to exchange analytical information of TSUBAME, the packet traffic monitoring system to observe suspicious scanning activities in the Asia Pacific region.

  • Critical Infrastructure Protection (CIP) WG

Sri Lanka CERT is the Convener of the CIP working group.

Critical Infrastructure (CI) such as e-government applications, financial systems, power & energy systems, transportation, and other vital infrastructure is essential for the smooth functioning of an economy and as such these systems should be protected against terrorist activities, natural disasters and now from cyber threats as well.

Traditionally, CERTs across the world are more focussed on securing their country’s information systems which are usually disconnected from Operational Technologies (OT). However, these two technologies are now converging and becoming more interconnected than ever before, and both technologies are also increasingly connected to the Internet resulting in new cyber threats.

In this context, CERT teams play an important role in the prevention and response to cyber threats and incidents that may occur in critical infrastructure, and as such it is essential to prepare and understand the variety of information systems in the CI sector and the potential threats.

Sri Lanka CERT | CC started this working group in 2019 and the mission of the working group is to identify prevailing issues in critical infrastructure protection, propose and recommend best practices, improve collaboration, and enhance knowledge sharing among APCERT member teams to provide better protection of critical infrastructure across multiple economies.

The members of the Critical Infrastructure Protection (CIP) working group are:

  • Sri Lanka CERT | CC (Convener)
  • Cyber Security Malaysia
  • Australian Cyber Security Centre (ACSC)
  • CNCERT/CC (China)
  • TWNCERT (Taiwan)

Introduction of new members to the APCERT

Sri Lanka CERT introduced the following new members to the APCERT community:

  • BtCIRT - Bhutan
  • BGD eGov CIRT - Bangladesh
  • FINCSIRT - Sri Lanka

Sri Lanka CERT served as one of the sponsors for the following CERTs/Organizations to obtain membership of APCERT.

  • BtCIRT - Bhutan
  • BGD eGov CIRT - Bangladesh
  • AfricaCERT - Africa
  • APNIC