Internet economy

APEC-OECD Malware Workshop, Manila, 2007

 

Return to > Information security and privacy > Security > Malware and botnets

 

Held on 22 and 23 April 2007, Manila, The Philippines

Agenda | Annotated agenda | Summary record

Malware is a general term for software code or program inserted into an information system in order to cause harm to that system or other systems, or to subvert them for use other than that intended by their owners. Malware is a tool which facilitates a range of crimes. Compromised computers, like the malware installed on them, become both components of the cyber attack system and the targets of attack. The global nature of the problem related to malware means that counter-measures must be global to be effective.

The subject of malware is one area of joint work agreed to by leaders and members of the APEC and OECD. This work is being conducted in two parts: a workshop and an analytical report.

The joint workshop took place at the APEC TEL 35 meetings in Manila, Philippines on 22 April 2007. 

It brought together government, industry, Computer Security Incident Response Teams (CSIRTs), civil society, consumers, and others who play a role in combating malware.

 

Agenda

Session 1 - Trends & Overview: Why is Malware an Important Issue?

Moderator: Keith Besgrove

Issues and problems, rate of evolution

National Computer Network Emergency Response Technical Team Coordination Center (CNCERT/CC) – China - Dr. Yuejin Du

Impact on Business

Association for Payment Clearing Services (APACS) – United Kingdom (UK) - Colin Whittaker

Impact on Government

Department of Communications Information Technology and the Arts (DCITA) – Australia
Sabeena Oberoi

Impact on Government

Ministry of Internal Affairs and Communications - Japan - Mr. MURAKAMI Satoshi
Ministry of the Economy Trade and Industry - Japan - Mr. MURANO Masayasu

Imact on consumers

Consumers Report WebWatch - Beau Brendler

Session 2: Malware in Focus

Moderator: Shamsul Jafni Shafier

Malcode

Computer Emergency Response Team / Coordination Center (CERT/CC) - Kevin Houle

Botnets

Computer Emergency Response Team for the Dutch Government (GovCERT.NL) – The Netherlands - Douwe Leguit

Who is behind malware, their capabilities and activities?

Postal and Communications Police Service - Italy - Sergio Staro

What are the challenges (all types) to combating malware?

Microsoft UK - David Pollington

Session 3: Identifying Counter Measures and Capabilities for Response to Cyber Attacks

Moderator: Keith Besgrove

Current counter-measures and responses by CERTs

Korea Internet Security Center KrCERT /CC - Jeong, Hyun-Cheol - GovCERT.nl - Douwe Leguit – panellist only

Current counter-measures and responses by anti-virus vendors

F-Secure – Finland - Patrik Runald

Current counter-measures and responses by regulators in partnershiop with Internet Service Providers (ISPs) and domain name registars

Philippine Internet Services Organization (PISO) - Horatio Cadiz

Current counter-measures and responses by law enforcement bodies, including through public private partnerships

Department of Justice (DOJ) – United States of America (USA) - Anthony Teelucksingh

Current counter-measures and responses by domain name registars

Internet Corporation for Assigned Names and Numbers (ICANN) - Paul Twomey

Case Study moderator: Graham Ingram - Australian Computer Emergency Response Team (AusCERT) – Australia

Session 4: Panel Discussion: Gaps and Challenges

Moderator: Shamsul Jafni Shafie

Panellists:

Department of Homeland Security (DHS) US Computer Emergency Readiness Team (US-CERT), USA - Josh Goldfarb
DCITA, Australia - Sabeena Oberoi
CNCERT, China - Dr. Yuejin Du
Information & Communication Security Technology Center, Chinese Taipei - Pei-wen Liu
International Telecommunications Users Group (INTUG) - Rosemary Sinclair
Outblaze Limited, Hong Kong - Suresh Ramasubramaniam
Communications Technology Labs, INTEL - Ravi Sahita

Comments and wrap up of session and day 1

Andy Purdy

Session 5: Break Out Group Discussion

Breakout group moderators:

Break Out 1: How can vendor, CERT, ISPs, domain name registrars response be improved?

APACS – UK - Colin Whitaker

Introduction provided by the Organization of Economic Cooperation and Development (OECD) - Peter Lübkert

Break Out 2: How can government policy, law enforcement and regulatory response be improved?

Department of Justice (DOJ) – United States of America (USA) - Anthony Teelucksingh

Break Out 3: How can awareness, education, and training of individuals business – in particular SMEs – and users be improved?

INTUG - Ernie Newman

Session 6: Wrap Up and General Discussion

Moderators: Shamsul Jafni Shafie and Keith Besgrove

Report by Break Out Groups moderators – suggestions for improvement - and comments from the wider workshop participants

APACS – Colin Whittaker

DOJ – USA - Anthony Teelucksingh

INTUG - Ernie Newman

Delft University - Michel van Eeten

General discussion with the audience on how to improve government policy and international frameworks for cyber response/security and final wrap-up

Andy Purdy

Conclusions of the Workshop

Shamsul Jafni Shafie and Keith Besgrove

 

 

 

Countries list

  • Afghanistan
  • Albania
  • Algeria
  • Andorra
  • Angola
  • Anguilla
  • Antigua and Barbuda
  • Argentina
  • Armenia
  • Aruba
  • Australia
  • Austria
  • Azerbaijan
  • Bahamas
  • Bahrain
  • Bangladesh
  • Barbados
  • Belarus
  • Belgium
  • Belize
  • Benin
  • Bermuda
  • Bhutan
  • Bolivia
  • Bosnia and Herzegovina
  • Botswana
  • Brazil
  • Brunei Darussalam
  • Bulgaria
  • Burkina Faso
  • Burundi
  • Cambodia
  • Cameroon
  • Canada
  • Cape Verde
  • Cayman Islands
  • Central African Republic
  • Chad
  • Chile
  • China (People’s Republic of)
  • Chinese Taipei
  • Colombia
  • Comoros
  • Congo
  • Cook Islands
  • Costa Rica
  • Croatia
  • Cuba
  • Cyprus
  • Czech Republic
  • Côte d'Ivoire
  • Democratic People's Republic of Korea
  • Democratic Republic of the Congo
  • Denmark
  • Djibouti
  • Dominica
  • Dominican Republic
  • Ecuador
  • Egypt
  • El Salvador
  • Equatorial Guinea
  • Eritrea
  • Estonia
  • Ethiopia
  • European Union
  • Faeroe Islands
  • Fiji
  • Finland
  • Former Yugoslav Republic of Macedonia (FYROM)
  • France
  • French Guiana
  • Gabon
  • Gambia
  • Georgia
  • Germany
  • Ghana
  • Gibraltar
  • Greece
  • Greenland
  • Grenada
  • Guatemala
  • Guernsey
  • Guinea
  • Guinea-Bissau
  • Guyana
  • Haiti
  • Honduras
  • Hong Kong, China
  • Hungary
  • Iceland
  • India
  • Indonesia
  • Iraq
  • Ireland
  • Islamic Republic of Iran
  • Isle of Man
  • Israel
  • Italy
  • Jamaica
  • Japan
  • Jersey
  • Jordan
  • Kazakhstan
  • Kenya
  • Kiribati
  • Korea
  • Kuwait
  • Kyrgyzstan
  • Lao People's Democratic Republic
  • Latvia
  • Lebanon
  • Lesotho
  • Liberia
  • Libya
  • Liechtenstein
  • Lithuania
  • Luxembourg
  • Macao (China)
  • Madagascar
  • Malawi
  • Malaysia
  • Maldives
  • Mali
  • Malta
  • Marshall Islands
  • Mauritania
  • Mauritius
  • Mayotte
  • Mexico
  • Micronesia (Federated States of)
  • Moldova
  • Monaco
  • Mongolia
  • Montenegro
  • Montserrat
  • Morocco
  • Mozambique
  • Myanmar
  • Namibia
  • Nauru
  • Nepal
  • Netherlands
  • Netherlands Antilles
  • New Zealand
  • Nicaragua
  • Niger
  • Nigeria
  • Niue
  • Norway
  • Oman
  • Pakistan
  • Palau
  • Palestinian Administered Areas
  • Panama
  • Papua New Guinea
  • Paraguay
  • Peru
  • Philippines
  • Poland
  • Portugal
  • Puerto Rico
  • Qatar
  • Romania
  • Russian Federation
  • Rwanda
  • Saint Helena
  • Saint Kitts and Nevis
  • Saint Lucia
  • Saint Vincent and the Grenadines
  • Samoa
  • San Marino
  • Sao Tome and Principe
  • Saudi Arabia
  • Senegal
  • Serbia
  • Serbia and Montenegro (pre-June 2006)
  • Seychelles
  • Sierra Leone
  • Singapore
  • Slovak Republic
  • Slovenia
  • Solomon Islands
  • Somalia
  • South Africa
  • South Sudan
  • Spain
  • Sri Lanka
  • Sudan
  • Suriname
  • Swaziland
  • Sweden
  • Switzerland
  • Syrian Arab Republic
  • Tajikistan
  • Tanzania
  • Thailand
  • Timor-Leste
  • Togo
  • Tokelau
  • Tonga
  • Trinidad and Tobago
  • Tunisia
  • Turkey
  • Turkmenistan
  • Turks and Caicos Islands
  • Tuvalu
  • Uganda
  • Ukraine
  • United Arab Emirates
  • United Kingdom
  • United States
  • United States Virgin Islands
  • Uruguay
  • Uzbekistan
  • Vanuatu
  • Venezuela
  • Vietnam
  • Virgin Islands (UK)
  • Wallis and Futuna Islands
  • Western Sahara
  • Yemen
  • Zambia
  • Zimbabwe