APNIC Security Specialist Adli Wahid presented on APNIC's security outreach and capacity development activities at the CNCERT Conference 2017 in Qingdao, China from 22 to 24 May 2017.
3. The AP Region
• 56 Economies
• Sub-regions
• Different languages & culture
• Infrastratucture
4
4. Cyber Security Asia Pacific Region
• Economies are at different levels of maturity
– Infrastructure
– Awareness
– Subject Matter Expert
• Challenges
– Access to Expertise (local or elsewhere)
– Access to Information
– Growth of Internet & Users
5
5. Security Snapshot of 2016 – 2017
• Establishment of new CERTs – Bhutan, Tonga & New Zealand
• National Cyber Security Strategies announced & revised
• Notable Incidents
o Ransomware / Malware
o DDoS – Mirai botnet, Amplification Attacks
o Targeted Attack - SWIFT, Election related
6
6. History of Collaboration
• APCERT Platform
• Beyond security response support
• Share experience, knowledge
• Engagement beyond the
CERT/CSIRT community
7
10. APNIC Security Approach
• Multistakeholder
• Activities
o Awareness Raising / Outreach
o Training / Technical Assistance
o Mentorship
• Collaboration
o Community Honeynet Project
o Many Regional and Global Partners
o APCERT, FIRST, INTERPOL, APWG, JICA, KISA
11
http://www.apnic.net/roa
13. APNIC Engagement Summary (2016)
14
1%
14%
9%
7%
5%
9%
9%
15%
31%
APNIC Events
Global Technical
Coordination
Regional Technical
Development
Intergovernmental
Internet Governance
Member Outreach
NOG
Security
Training / Technical
Assistance
18%
31%
12%
21%
18%
South Asia
South East Asia
East Asia
Oceania
Global
186 Engagements in 2016
14. Security Outreach
15
• Security training and participation at
27 NOG and CERT events
• Training and support for creation of new
Tonga CERT
• Exploring opportunities to support
CSIRTs & LEAs in the Pacific Regions
• FIRST Tech Colloquia with APRICOT
2016, SANOG 28, APNIC 42
• 62 security-tagged blog posts published
Adli Wahid
15. Self-paced E-learning Course
• APNIC Academy
– https://academy.apnic.net
• Introduction to Cyber Security
o Collaboration with JICA
o Self-paced learning - 5 Modules
o Certification upon course completion
• Launched at the End of March 2017
o 1000+ enrollments
o 200+ completion
16
16. Linking Security Communities
• Collaboration with FIRST.org & APCERT
members to organise FIRST-TC at Network
Operators Group (NOGs) meetings & APRICOT
o Platform to share case studies, best practices & tools
o Linking people together
• FIRST Fellowship Program
o Enabling teams from developing / least developed
countries to join the community
o Teams from FIRST.org : Mongolia, Bangladesh,
Myanmar & Vietnam (2017)
17
17. Interpol & LEA communities
• 2-day Internet Investigation Training
– January 2017 @ Interpol Global Complex of Innovation
(Singapore)
– For ASEAN Internet LEA Officers
• Focus
– Internet Infrastructure Fundamentals
– Internet Governance
– Internet Abuse / Cyber Crime
– Practical Exercises
– Collaboration with regional & international stakeholders
18
18. CERT/CSIRT support
• Japan International Cooperation Agency
(JICA)
– Training for CERTs/CSIRTs from Myanmar, Laos,
Vietnam, Cambodia, Timor Leste
– Hosted in Indonesia
• Korea Information Security Agency (KISA)
– Asia Pacific Information Security Conference
– 5 day training for CERTs/CSIRTs from developing
economies in Seoul
• CSIRTs development in the Pacific Island
19
JICA Training
KISA Training
19. Tonga
o CERT Established in July 2016
o Supported by many organisations
o CERT Australia – Study Visit
o APWG – Cyber Safety Campaigns
o ISIF – Funding for enhancements
o APCERT members support
o Team Cymru & ShadowSever Foundation
20
Training @ APNIC Feb/2017
TongaCERT Discussion May 2016
20. Bhutan
• Multi-stakeholder Cyber Security
Workshop
• Organised by BtCIRT
• Topics
o Cyber Security Issues
o Best Current Practices
o How to collaboration
• A few more planned this year
(Laos, PNG and many more)
21
21. https://blog.apnic.net
22
• Inclusive source of APNIC
community news and views –
352 posts including 80 guest
posts in 2016
• Strong readership growth
continues – monthly average
unique views 16,560 in 2016
(9,741 in 2015)
• Community submissions
welcome!
22. Conclusion
• 2017 – need to move faster & work smarter
– CSIRT Development in Pacific Island Region
• Let’s Collaborate
o Outreach
o Engage & strengthen the wider communities
o Leverage on each other’s strength
o Promote each other’s work
23
apnic.foundation
General awareness is needed; coordination required,
These two pie charts provide an overview of APNIC’s face-to-face engagement activity around the region and the world
The majority of APNIC’s work is in the region – 82% - with the majority of face-to-face activity being training related, followed by security engagements
APNIC was extremely active in the security field in 2016. We know this is very important to Members, and that was confirmed in the APNIC Survey
The knowledge and contacts developed by APNIC’s participation in the security community were brought back to share within the APNIC community – a great example is the hosting of FIRST TC meetings at APNIC conferences but also SANOG and a FIRST-supported training session at PACNOG 19
APNIC is proud to have played a role in helping Tonga establish CERT.to, and this has sparked interest from other Pacific Island states on developing their own security response capabilities
To continue to boost APNIC’s security efforts, a second security specialist will be recruited this year
I hope that we all know about the APNIC Blog by now. If not, it is well worth you making it one of your regular Internet news sites.
These days it’s becoming a hub for community news and views, with great articles from people here in this community and further afield
There’s normally 1-2 new stories each day on the blog, so please do check it out.
Also - The number of guest posts from the community almost doubled last year, so thanks to all of you who have helped.
And if you have an idea for a post that you think the community would like to read, get in touch with Tony, Robbie or Siena in the APNIC comms team.
And I do want to thanks and congratulate that team for a real success here.
Hopefully this report has given you a good snapshot of the year that was, but to stay in touch with what’s happening at APNIC and within the community, visit the blog or any one of APNIC’s social media accounts to learn more