SUMMARY REPORT

THIRD ARF WORKSHOP ON CYBER SECURTIY

NEW DELHI, INDIA

6-8 September 2006

  1. Pursuant to the decision of the 13th ASEAN Regional Forum (ARF) Ministerial Meeting in Kuala Lumpur in July 2006, India hosted the 3rd ARF Workshop on Cyber Security in New Delhi from 6th to 8th September 2006. 58 delegates from 20 ARF participating countries and representatives of ASEAN Secretariat and private sectors participated in the workshop. In total, 13 country presentations and 4 industry presentations were made during the workshop. The List of Delegates appears at Annex A.

Session I – Inauguration: Threat of cyber terrorism – National perspective

  1. ARF is recognized as one of the pre-eminent forums active in addressing and creating awareness about cyber terrorism and threats among member countries. Prior to this workshop, two seminars were held in Republic of Korea in October 2004 and in the Philippines in October 2005. The need to recognize a focal point in each member country to address specifically cyber security related issues was felt, which may also help in pooling resources for capacity building to combat any kind of cyber attacks. Furthermore, that would also enable the governments of Member countries to identify the core services that need to be protected from electronic attacks and work with organizations responsible for these systems.
  1. In the opening remarks, India stated that the need of cyber security had become indispensable to protect IT infrastructure in view of socio-economic development where the role of public-private engagement should be a key component of strategy to secure cyberspace. This engagement will take a variety of forms and will address audits, awareness, training, technological improvements, vulnerability remediation, and recovery operations. It was emphasized to focus effectively in creating suitable conditions for enhancing IT use and better security environment in terms of enabling legal framework, security assurance framework and security awareness and education. In addition to this, it was stressed that the effective role of the network intermediaries such as ISPs, network service providers and web hosting service providers could not be ignored in making the cyber space safe and secure.
  1. Towards this end, it was considered necessary to develop consensus among ARF participants for building and maintaining trusted relationship, sharing and exchanging of information and expertise, facilitating adequate and timely response to security threats, responding to legal and regulatory requirements, linking technology decisions to the bottom line and collaborating in developing and updating appropriate tools of cyber security.
  1. ASEAN Secretariat highlighted the urgency and importance of international cooperation in protecting today’s borderless and very vulnerable cyberspace and suggested to continue the multi-modality mechanism of collaboration and coordination amongst and between ARF participants to address emerging issues and challenges in cyber security. In moving forward, it is crucial to discuss ways and means to implement the actions and measures outlined in the ARF Statement on Cooperation in Fighting Cyber Attack and Terrorist Misuse of Cyber Space (July 2006)
  1. The 3 days Workshop was organized in the following manner. (Annex B)

Session I: Inauguration (Focus: Threat of cyber terrorism – National perspective)

Session II: Country presentations (Focus: Presentations by ARF member countries on respective Government initiatives on cyber security and protection of critical information infrastructure)

Session III: Country presentations Continued

Session IV: Presentations by Private Sector organizations (Focus: Cyber security - trends and protection strategies)

Session V: Country presentations (Focus: Cyber security - trends and protection strategies)

Session VI: Country Presentations and Presentations by Private Sector organizations (Focus: Cyber security - trends and protection strategies)

Session VII: Discussion on strategy to counter cyber terrorism and areas of cooperation

Session VIII: Consideration and adoption of ARF summary report

Session II: Presentations by ARF participants on respective Government

Initiatives on cyber security and protection of critical information infrastructure

  1. Onset, India made a presentation on cyber security and protection of critical information infrastructure. Highlighting the economic and demographic indicators, Indian presentation shared information on its information security survey with particular emphasis on security breaches. The presentation also included information regarding Indian cyber community, activities of CERT-In, challenges and concerns, action at government level, critical infrastructure protection and National Information Security Assurance Program (NISAP). The Indian presentation also identified areas for possible cooperation, viz., coordination in early warning, threat & vulnerability analysis and incident tracking, assistance in cyber space monitoring, cyber security drills/exercises to test the vulnerability & preparedness of critical sectors, joint R&D projects on cyber security and exchange of expertise. (Annex 1)
  1. Republic of Korea made presentation on recent cyber attacks and countermeasures containing basic concepts, cyber attack trends, countermeasure activities and future plans. They also presented current status of cyber intrusion incidents. Their countermeasure activities include national cyber security management system, strengthening co-operation by encouraging participations from professional organizations etc., establishing a cyber security council in each region and entering into the Common Criteria Recognition Arrangement (CCRA). They also presented the future plans for establishing an information sharing system, development of technical measures, strengthening preventing activities and promotion of cyber security awareness. (Annex 2)
  1. Singapore’s representative stressed enhancing Infocomm security, resilience and preparedness of the nation as a journey without end, positive mindset to treat cyber security with priority as a continuous process, and partnership and participation from public, private and people sector as critical components. Strategy to Secure Singapore’s Cyberspace with its agenda was presented. A narration on cyber threats in Singapore, their fundamental principles involving multi-prong approach, proactive efforts in terms of legislation and policies and guidelines etc were presented. They also presented Singapore’s 3-year Infocomm Security Masterplan. (Annex 3)
  1. Canada’s representative discussed Canada’s strategies, policies and structures used to protect critical information and infrastructure from cyber incidents that employed two-pronged approach of modernizing legislation and crisis management. It also included cooperation with Canada’s provinces and other critical entities such as energy generation and transmission, transportation and communications, and financial and commercial services. Modernizing the legislation intended to deal with unauthorized use of computers, mischief to data, password and device related offences Crisis Management inter alia includes process for incident response, public safety and emergency preparedness, coordination with industry, etc. (Annex 4)

Session III – Country Presentation Continued

  1. China’s presentation on Cyber Crime in China: Current Situation and Countermeasures outlined the situation of cyber crime, Internet security legislation and policies against cyber crime among other issues. They pointed that hacking of crucial information systems, phishing, online pornography and gambling were some of the major cyber related crimes. Cyber-facilitated terrorism includes communication, coordination, threatening the victims, disseminating terrorism information or rumors etc. They also expressed their experience in dealing with such incidents. Incidents related to cyber targeted terrorism including attack on crucial networks and information systems were also presented. Cyber Legislation of China is armed with the Criminal Law of People’s Republic of China among other related laws. The policies emphasized prevention in first place, software & hardware production security and evaluation mechanism. (Annex 5)
  1. European Union’s presentation on strategy for secure information society-dialogue, partnership and empowerment highlighted the importance of network and information security for the creation of a single European space. The availability, reliability and security of networks and information systems are increasingly central to their economies and to the fabric of the society. In tackling cyber security challenges the European Community has developed a three pronged approach involving specific network and information security measures, the regulatory framework for electronic communications including privacy and data protection issues and the fight against cyber crime. The European Network and Information Security Agency (ENISA) contributed to the development of a culture of network and information security for the benefit of citizens, consumers, enterprises and public sector organizations. The EU is also playing an active role in addressing cyber security related issues at international level. They have taken a number of initiatives such as addressing the evolution of spam and threats and making proposals for improving co-operation among Law enforcement authorities. They have also earmarked appropriate financial resources under the seventh EU Framework Programs in this regard. Thus identifying and meeting cyber security challenges the participations of multi-stakeholders is also an important part of their approach. (Annex 6)
  1. Indonesian national policy in combating cyber crime emerged from the common global threats being faced in cyber and other computer related crimes since the inception of Internet technology that are found in the forms of hacking, cracking, database deconstruction, network stability, spoofing and deployment of trojan viruses with intended damaging impact. The most recent modus of cyber-crime found in Indonesia is counterfeit online transaction. The challenges that are faced by the Government of Indonesia were also presented. It includes general concept of Indonesian national information system policy that involves two major infrastructures namely the fundamental infrastructure which mainly consists of human resources, and regulation and technical infrastructure which mainly consists of network security, application as well as content and data center protection. It was also informed that the establishment of a legal basis for national information system policy is the focus of the Indonesian Government to deal with threats that emerge in relation with cyber and other computer related crime.On technical realm, the Department of Communication and Information Technology, in cooperation with the Indonesian National Police and the Internet Community (the Indonesian Internet Providers Association) is currently working on the establishment of Indonesian Security Incident Response Team on Internet Infrastructure (ID SIRTII) as the Indonesian computer emergency response team. (Annex 7)
  1. Malaysia’s presentation on Malaysia initiatives on cyber terrorism outlined current statistics in cyber threats, cyber security strategies, policies and programs in Malaysia and moving forward. It was informed that Malaysia is preparing for any eventualities involving cyber terrorism through formulating and reviewing national policies, enhancing technical and operational capabilities amongst relevant agencies, improving the related laws and enhancing international cooperation. They opined on computer security incidents, digital forensics cases, cyber crime cases, national cyber security policy, Malaysian cyber security center, current services provided by the Malaysian cyber security center and CERTS in Malaysia. It was elaborated on 9th Malaysian plan in enhancing cyber security. It was also informed that Malaysia will establish the International Multilateral Partnership Against Cyber Terrorism (IMPACT). This initiative was announced by the Prime Minister of Malaysia during WCIT 2006. IMPACT will serve as a platform to allow governments and private sectors of the world to exchange notes and ideas, as well as to facilitate the sharing of skills and best practices, with the ultimate objective of combating these constantly evolving cyber threats. It was also pointed out that South-East Asia Regional Center for Counter- Terrorism (SEARCCT) is primarily focusing on capacity building and public awareness programs in counter terrorism and so far 31 courses have been conducted including 3 courses on cyber-terrorism. Presently, the Malaysian Government is enhancing strong cooperation between business organizations and user communities globally, strengthening cross border enforcement and sharing of digital evidence pertaining to cyber terrorism, improving cooperation amongst national CERTs and promoting established information security standards and certifications. (Annex 8)

Session IV: Presentations by Private Sector organizations (Focus: Cyber security

trends and protection strategies)

  1. e-Bay India Pvt. Ltd. presented E-commerce perspective wherein they covered agenda, introduction to E-commerce, why E-commerce, growth in India, trend in Internet fraud, eBay’s trust and safety strategy and sensible precautions for online shopping etc. They also presented a phishing case study. (Annex 9)
  1. Korea Information Security Agency of Republic of Korea gave a presentation on Internet Security Activity in Korea, and highlighted on malicious code trends in Korea, KISC’s job domain, case study, international incidents drill, and epilogue where they have presented modes for the effective countermeasures such as enchancing CERT to include the role of Network Emergency response team and strengthening international cooperation based on consensus for monitoring, record keeping, information sharing. It also suggested the “train the trainer program” to prevent IT Divide to be a Security Divide. (Annex 10)

Session V: Country presentations (Focus: Cyber security - trends and protection strategies)

  1. The Philippines gave a presentation on the strategy in securing Philippine cyberspace through effective governance to ensure stability of national cyber or information infrastructure and to acquire the capability to provide defence and offence against cyber attacks. The following key programs are being developed to strengthen, ensure and promote cyber security.

·  A program to establish a Favorable Cyber Security Legal Regime.

·  A Cyber Security Awareness Program

·  A Cyber Security Training Program

·  A Cyber Security Threat and Vulnerability Reduction Program

·  A Cyber Security Incident Response and Consequent Management System

·  A program to establish national and international coordinating mechanisms

(Annex 11)

  1. Thailand’s initiatives and challenges in cyber crime was the topic of the presentation which included the efforts being taken by them by setting up Cyber Crime Prevention and Suppression Committee and Cyber Inspector and Monitoring Unit. These committees are primarily responsible for web-site monitoring and preventing cyber abuse, reducing access to inappropriate content web-sites, tracing and collecting evidence to prosecute cyber criminals and building up a clean cyber community. Consequently, a number of projects have been initiated by them including the establishment of regulations and registration procedures and the development of new software for the better use of computers etc. Furthermore, Thailand is in the process of proposing to setup ThCERT, a full-fledged Government body, which would become the national focal point in addressing cyber crimes within, as well as with other foreign counterparts. (Annex 12)
  1. USA representative presented US cyber security readiness with an overview of US National Plan, National Cyber Risk Management, Risk Mitigation/Security Compliance and way forward/areas of co-operation. It was informed that Government’s key cyber roles for cyber preparedness, infrastructure with regard to response, recovery and protection includes cyber law enforcement and intelligence, cyber security co-ordination among the states, consumer protection and cyber fraud prevention and information security guidelines. Public and private partnership as an essential component to cyber security was also emphasized. It was also outlined to seek international co-operation for law and enforcement to enact sufficient laws. Standards and best practices, training and education, R & D, long term planning and improvements and law enforcement co-operation were some of the proposed areas of co-operation. The US recently ratified the convention on cybercrime. The US believes firmly that the convention, which is international in scope, is the best model for countries that seek to harmonize national cybercrime laws. (Annex 13)
  1. Bangladesh in its country presentation showed the role of Ministry of Science and ICT and Bangladesh Computer Council. Government initiatives in promotion of national ICT policy, HRD training for IT persons, development of IT infrastructure and E-Governance were also presented. An ICT Act is going to be enacted, which will cover Electronic Transaction and cyber crime protection issues. Bangladesh has legalized the lawful interception in communications. Bangladesh is taking initiatives to form an ICT Emergency Response Team jointly with Ministry of Science & ICT, Ministry of Home Affairs, Ministry of Defence etc. (Annex 14)

Session VI: Country Presentations and Presentations by Private Sector organizations (Focus: Cyber security - trends and protection strategies)