HÀ NỘI – Ten ASEAN nations are testing their cyber security emergency response preparedness with a drill that began here yesterday.

The ASEAN CERT Incident Drill (ACID 2017) includes teams representing 10 ASEAN member nations and five dialogue countries: Australia, China, India, Japan and South Korea. The programme aims to promote opportunities for cooperation and practice among the computer emergency response teams (CERT) responsible for handling and solving their countries’ cyber security issues.

ACID 2017 focuses on the latest cyber security trends for CERT. The programme will prepare some rehearsal scripts for participants to practice building and implementing plans to handle cyber security incidents.

Speaking at the opening ceremony, Nguyễn Thành Hưng, Deputy Minister of Information and Communications, said that frequent international rehearsals help maintain the smooth communication among countries to quickly respond during emergencies. The rehearsals also allow participants to acquire knowledge and experiences in solving various cyber security incidents.

According to Nguyễn Khắc Lịch, Vice Director of VNCERT, the importance of such events is increasing, as Việt Nam faces a growing range of cyber security challenges. VNCERT is responsible for coordinating the monitoring and handling process nationwide to promptly stop incidents.

In 2017, VNCERT has detected nine vulnerabilities in the Windows operating system and asked public and private agencies to fix them. It also responded to the May 2017 outbreak of Wannacry ransomware in Việt Nam. This self-spreading malware, also known as WannaDecryptor 2.0, attacks Windows computers.

VNCERT has updated secure versions of Windows for more than 100,000 clients and 5,000 hosts, since most computers in Việt Nam run Windows. This huge effort to minimise Wannacry’s consequences ensured that ultimately only 565 clients and four hosts were malware-infected.

As of this month, VNCERT has recorded and solved nearly 2,000 phishing scams, about 4,000 malware attacks and more than 3,500 website defacements. Recently, VNCERT has analysed behavior patterns of some malware and found 71 domains and 17 IP addresses of command-and-control (C&C) severs. This is an advanced persistent threat (APT) aimed at Vietnamese information systems.

Việt Nam’s team at ACID 2017 will be divided into a core team and a rehearsal team. The core team includes VNCERT’s experts and representatives from Bkav, Viettel, VNPT, CMC Infosec, and VNPT Technology. This team will be the main actor instructing all other participants in solving cases and escalation plans.

Rehearsal teams will investigate case-related information and data; analyse and identify behaviour patterns of attackers; recommend solutions to warn the public, minimise impacts and stop incidents from spreading; and restore operations after an attack.

Though the teams are divided by country, the event aims at promoting international solutions to the international challenge of cyberspace attacks. With professional drills, countries can cooperate to prevent and protect themselves from cyber-attacks.

ACID follows two other annual international rehearsals conducted in Việt Nam in March and May. – VNS