Sunday, 19 May 2019

Vietnam organizes cyber security drill responding to APT attack

Updated at Wednesday, 28 Nov 2018, 23:17
The Hanoitimes - As of the third quarter of 2018, there had been 8,319 network attacks in Vietnam, including 1,575 malware cases, 4,829 deface cases, and 1,915 phishing attacks.
The Vietnam Computer Emergency Response Teams (VNCERT) and PwC Vietnam on November 28 co-organized a cyber security drill, which is aimed to respond to an APT (Advanced Persistant Threat) attack.
Overview of the drill. Source: PwC.
Overview of the drill. Source: PwC.
First recorded in between 2010 and 2011, APT attacks have been at the forefront of cyber security threats due to their sophisticated and continuous persistent methods, ranging from highly technical to social engineering attacks. APT attacks have produced variants that can bypass safety and security solutions, causing significant damage, especially to critical infrastructure.

The drill attracted over 100 participants in Ho Chi Minh City, Hanoi and Da Nang, including IT and cyber security leaders and professionals from member agencies of the nationwide network for cyber security emergency response, provincial Departments of Information and Communications, as well as organizations currently operating critical information systems in the southern region.

The participating teams had to analyze and investigate the problem, thereby identifying the source of the attack, the list of IP addresses that the malware was connected to, and the vulnerabilities and attack techniques used to penetrate the system.

Based on that, they were able to determine the severity and impacts of the attack. By employing realistic attack scenarios, the drill provided the participants with important skills that are highly practical.

“What sets this drill apart is that it was designed as a competition, in which the technical professionals could exchange knowledge and experiences, improve their skills, and win meaningful awards from the organising committee,” said Nguyen Khac Lich, head of the organizing committee.

As per the Prime Minister's Decision No. 1622 on "Boosting the operations of the network for cyber security emergency response and capacity building for professional cyber security incident response teams until 2020 with a vision to 2025”, VNCERT’s emphasis is on being the national coordinator for incident response. 

"As the coordinator of cyber security incident response activities throughout the country, VNCERT regularly puts a focus on international drills and exercises to improve the capabilities of information security technical staff in all organisations," said Nguyen Trong Duong, director of VNCERT.

Annually, highlights include the ASEAN CERTs Incident Drill (ACID), Asia- Pacific CERTs (APCERT) Drill, and the ASEAN-Japan Drill, held annually  on a nationwide scale in the Northern, Central and Southern regions of Vietnam. Most recently, in June 2018, a large-scale cyber incident response drill was organized for the first time ever in the Central Highlands region.

Previously, in January 2018, VNCERT entered into a strategic partnership in cyber security incident response for 2018-2020 with PwC Vietnam.

Under the agreement, PwC Vietnam and VNCERT will work together to strengthen training activities andto raise the capabilities for timely response to information security incidents in Vietnamese organisations; further develop the market of information security services; and exchange information on new information security incidents, threats and attacks.

VNCERT’s statistics show that as of the third quarter of 2018, there had been 8,319 network attacks in Vietnam, including 1,575 malware cases, 4,829 deface cases, and 1,915 phishing attacks.
Ngoc Thuy
Thiết kế web: OnIP™