OECD Home › Internet › Internet economy › APEC-OECD Malware Workshop, Manila, 2007
Return to > Information security and privacy > Security > Malware and botnets
Held on 22 and 23 April 2007, Manila, The Philippines
Agenda | Annotated agenda | Summary record
Malware is a general term for software code or program inserted into an information system in order to cause harm to that system or other systems, or to subvert them for use other than that intended by their owners. Malware is a tool which facilitates a range of crimes. Compromised computers, like the malware installed on them, become both components of the cyber attack system and the targets of attack. The global nature of the problem related to malware means that counter-measures must be global to be effective.
The subject of malware is one area of joint work agreed to by leaders and members of the APEC and OECD. This work is being conducted in two parts: a workshop and an analytical report.
The joint workshop took place at the APEC TEL 35 meetings in Manila, Philippines on 22 April 2007.
It brought together government, industry, Computer Security Incident Response Teams (CSIRTs), civil society, consumers, and others who play a role in combating malware.
Session 1 - Trends & Overview: Why is Malware an Important Issue?
Moderator: Keith Besgrove
Issues and problems, rate of evolution
National Computer Network Emergency Response Technical Team Coordination Center (CNCERT/CC) – China - Dr. Yuejin Du
Association for Payment Clearing Services (APACS) – United Kingdom (UK) - Colin Whittaker
Department of Communications Information Technology and the Arts (DCITA) – Australia
Sabeena Oberoi
Ministry of Internal Affairs and Communications - Japan - Mr. MURAKAMI Satoshi
Ministry of the Economy Trade and Industry - Japan - Mr. MURANO Masayasu
Consumers Report WebWatch - Beau Brendler
Session 2: Malware in Focus
Moderator: Shamsul Jafni Shafier
Computer Emergency Response Team / Coordination Center (CERT/CC) - Kevin Houle
Computer Emergency Response Team for the Dutch Government (GovCERT.NL) – The Netherlands - Douwe Leguit
Who is behind malware, their capabilities and activities?
Postal and Communications Police Service - Italy - Sergio Staro
What are the challenges (all types) to combating malware?
Microsoft UK - David Pollington
Session 3: Identifying Counter Measures and Capabilities for Response to Cyber Attacks
Moderator: Keith Besgrove
Current counter-measures and responses by CERTs
Korea Internet Security Center KrCERT /CC - Jeong, Hyun-Cheol - GovCERT.nl - Douwe Leguit – panellist only
Current counter-measures and responses by anti-virus vendors
F-Secure – Finland - Patrik Runald
Philippine Internet Services Organization (PISO) - Horatio Cadiz
Department of Justice (DOJ) – United States of America (USA) - Anthony Teelucksingh
Current counter-measures and responses by domain name registars
Internet Corporation for Assigned Names and Numbers (ICANN) - Paul Twomey
Case Study moderator: Graham Ingram - Australian Computer Emergency Response Team (AusCERT) – Australia
Session 4: Panel Discussion: Gaps and Challenges
Moderator: Shamsul Jafni Shafie
Panellists:
Department of Homeland Security (DHS) US Computer Emergency Readiness Team (US-CERT), USA - Josh Goldfarb
DCITA, Australia - Sabeena Oberoi
CNCERT, China - Dr. Yuejin Du
Information & Communication Security Technology Center, Chinese Taipei - Pei-wen Liu
International Telecommunications Users Group (INTUG) - Rosemary Sinclair
Outblaze Limited, Hong Kong - Suresh Ramasubramaniam
Communications Technology Labs, INTEL - Ravi Sahita
Comments and wrap up of session and day 1
Andy Purdy
Session 5: Break Out Group Discussion
Breakout group moderators:
Break Out 1: How can vendor, CERT, ISPs, domain name registrars response be improved?
APACS – UK - Colin Whitaker
Introduction provided by the Organization of Economic Cooperation and Development (OECD) - Peter Lübkert
Break Out 2: How can government policy, law enforcement and regulatory response be improved?
Department of Justice (DOJ) – United States of America (USA) - Anthony Teelucksingh
Break Out 3: How can awareness, education, and training of individuals business – in particular SMEs – and users be improved?
INTUG - Ernie Newman
Session 6: Wrap Up and General Discussion
Moderators: Shamsul Jafni Shafie and Keith Besgrove
Report by Break Out Groups moderators – suggestions for improvement - and comments from the wider workshop participants
APACS – Colin Whittaker
DOJ – USA - Anthony Teelucksingh
INTUG - Ernie Newman
Delft University - Michel van Eeten
General discussion with the audience on how to improve government policy and international frameworks for cyber response/security and final wrap-up
Andy Purdy
Conclusions of the Workshop
Shamsul Jafni Shafie and Keith Besgrove
Follow us
E-mail Alerts Blogs