Media Release - APCERT Drill Closes Worldwide Botnet
Date: 21 December 2005

The Asia Pacific Computer Emergency Response Team (APCERT) today completed
its second annual drill to test the timeliness and response capability of
many of its member computer security incident response teams (CSIRT) teams.

The drill scenario centred around KrCERT/CC from Korea notifying other
APCERT CSIRTs about the detection of a botnet attacking many sites in South
Korea and requested intervention and assistance from other APCERT CSIRTs to
help stop the attacks, by closing down the attacking bots located in other
APCERT economies. A Œbotnet¹ is jargon for a robot network. A botnet
comprises hundreds and often thousands of compromised computers (bots) which
allow them to be remotely controlled by an attacker to conduct a variety of
different types of Internet attacks, including distributed denial of service

APCERT was established by leading and national CSIRTs from the economies of
the Asia Pacific region to improve the level of cooperation, response and
information sharing among CSIRTs in the region. APCERT comprises 17 CSIRTs
from 13 economies.

³This is the second drill organised by APCERT member CSIRTs in China, Japan
and South Korea², said Graham Ingram, the APCERT Chair.

³This year, the drill has been expanded to include a number of other APCERT
teams, including the leading or national CSIRTs of the Philippines,
Singapore, Hong Kong China, Malaysia, Chinese Taipei and Australia, he said.

³The drill is important and helps us refine and test the points of contacts
and procedures we have established to share and respond to active Internet
attacks in progress. The reality is that APCERT members are already very
active in helping each other respond to Internet attacks within our
respective economies, but drills like this help us review and improve our
procedures and ensure that we are prepared to help each other as best we
can², Mr Ingram said.

KrCERT/CC, which is part of the Korea Information Security Agency, initiated
the idea for the drill and developed the drill scenario. ³Though the drill
is designed to improve cross-border cooperation to stop Internet attacks,
the drill also demonstrates the need for strong relationship between CSIRTs
and Internet Service Providers (ISP) in each local economy,² said Mr Arnold
Yoon, Coordination Manager for KrCERT/CC, Korea Information Security Agency.

³Today, most cyber security incidents are cross-border in nature. For
resolution to be effective and timely, it is imperative that national CERTs
understand the procedures and importance in working with one another. This
drill offers an opportune platform to refine processes and prepare the
various national teams to better manage security breaches in today¹s
borderless world of cyberspace,² said Mr Martin Khoo, Head of SingCERT,
Infocomm Development Authority of Singapore.

³The drill has greatly enhanced the response capability of the CERT teams in
the region and fostered a closer working relationship among us. As a result,
the teams are able to better utilize the resources and expertise in the
region to tackle the increasing cyber attacks, and work together to respond
much faster to incidents,² said Mr. Roy Ko, Centre Manager of Hong Kong
Computer Emergency Response Team Coordination Centre (HKCERT).

Mr Husin Jazri, Director of National ICT Security and Emergency Response
Centre (NISER), Malaysia said, ³It has been an important event being a
member of the APCERT network to cooperatively exercise each other¹s
capability in handling incident within the region. NISER through MyCERT
(Malaysian Computer Emergency Response Team) has been providing support in
responding to Malaysian internet users on computer security incidents,² he

Further information about APCERT can be found on

You are a subscribed member of the infowarrior list. Visit for list information or to unsubscribe. This message
may be redistributed freely in its entirety. Any and all copyrights
appearing in list messages are maintained by their respective owners.

Reply via email to