APNIC staff have been busy with security activities. Below are some key themes that have emerged from this work, and details of the engagements staff have been involved in.
Detection and analysis
Some of the recent workshops have focused on detection and analysis using honeynet data, and sharing those findings with the wider community
It’s one thing to have honeypots in place, it’s quite another to actually get actionable intelligence into the communities that need it. A key goal of current workshops is to let security teams know that threat feed (such as our honeynet feeds) information is freely available, and to invite them to get involved.
Virtual events are great, but…
Our engagements are all currently held in the virtual sphere. It works fine for the most part, but face-to-face engagement leads to strong relationships and tighter networks. Furthermore, we noticed that not all economies can participate in some of our online activities due to limitations of Internet accessibility.
However, collaboration with local partners remains fruitful. Our work with groups like BtCIRT and PacSON has been helpful in understanding the different flavours of local security needs. We also work with local partners who are willing to support their communities. This helps with capacity building and continuity in the long run.
Community is key
Our security activities don’t just pair security trainers with APNIC Members; the regional security community is large and consists of different stakeholders doing different kinds of security work. We’ve seen a wide variety of participants in recent months, including Research and Education Networks (RENs), universities, governments, CSIRTs, and law enforcement agencies.
For security to happen we need buy-in and commitment from a wide variety of stakeholders. This multistakeholder approach has been a key focus of our engagement.
Here’s a list of activities APNIC’s security duo Adli and Jamie participated in or supported from April to June 2021.
- Sector CSIRT discussion with the Pakistan Telecommunication Authority
- Honeynet discussion with MNNOG
- 2nd ICANN APAC-TWNIC Engagement Forum 2021
- FIRST Cyber Threat Intelligence (CTI) Summit 2021
- Live eTutorial: Introduction to Suricata Intrusion Detection System
- Tabletop exercises for FIRST Fellowship Teams
- CrikeyCon 2021
- Auscert Conference 2021
- Bhutan CIRT (BtCIRT) Community Workshop 2021 – Linux Forensics
- PacSON security community tutorial (Memory forensics)
- Rightscon 2021
- FIRST annual conference and AGM
- Presentation to Cyber Safety Pasifika
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.