APCERT celebrated her 10th Anniversary
In the annual general meeting (AGM) held this year in Brisbane, Australia, the Asia Pacific Computer Emergency Response Team (APCERT) celebrated its 10th anniversary. Founding members gathered on stage to celebrate this occasion. HKCERT was a founding member of APCERT in 2003.
In fact, an Asia Pacific Computer Emergency Response Group existed long before 2003. When Hong Kong started the preparation work to establish its response team in 2000, we started to search for international and regional groups that we could talk to so as to understand the services of a computer emergency response team. We found that there was an “Asia Pacific Security Incident Response Coordination Working Group (APSIRC-WG)” that “promotes the exchange of ideas and expertise on Internet security incident handling” and “encourages AP countries to establish their own Incident Response Team”. The working group was formed under the Asia Pacific Networking Group (APNG) and the website was hosted in SingCERT (www.singcert.org.sg/apsirc/) – (refer to photo). We were surprised to note that Hong Kong was also a member of the working group, even before HKCERT was formed!
According to the website, the working group was initiated during an APNG seminar in Singapore in December 1997 and the first meeting was held in February 1998 during the APNG general meeting in Manila, the Philippines. A draft charter was discussed and the version 1 of the charter was released in October 1998. The chairs of the working group were ChaeHo Lim of KrCERT/CC and Suguru Yamaguchi of JPCERT/CC.
That was the time before APCERT. APSIRC represented both the name of the Working Group, as well as the name of an “Asia Pacific Security Incident Response Conference”
The era of APCERT began in 2002 when JPCERT/CC invited major incident response teams in the region to participate in the APSIRC Conference in Tokyo in March that year.
During the main meeting held on 26th March, participating teams agreed to form an Asia Pacific CERT Task Force (APCERTF) and to ask for the support from the Asia-Pacific Economic Cooperation Telecommunications & Information Working Group (APEC TEL WG). A working group was formed to further discuss the organization structure and to prepare a proposal to be submitted to APEC TEL WG. A proposal that covered the mission, membership and organization structure was prepared in July 2002. The document was not approved until the teams met again in Taiwan in early 2003.
In February 2003, an APSIRC Conference was held in Taipei in conjunction with the annual APRICOT Conference. In addition to the conference sessions on the first day (24th February), a closed session was held on the second day (25hth February) to conduct the first general meeting of APCERT. During the general meeting, the name of the group – Asia Pacific Computer Emergency Response Team (APCERT) was confirmed. The policy and procedures of APCERT were discussed and approved (the first version of the Operational Framework, election procedure, etc.). The first Steering Committee members and the Chair were also elected during the occasion. Refer to the photo below on the participants of this important meeting – all those appeared in this photo are regarded as Fathers (and Mothers) of APCERT.
The name of the group, the members of the group, and even the procedures governing the group has changed a lot since 1997. One thing that did not change throughout these years is the emphasis on coordination and cooperation. Security incident handling requires the coordination and cooperation of teams in different economies, sharing and exchanging information, and assisting each other in tackling incidents and making the Internet safe. It is with this important goal that teams find it valuable to join APCERT, coordinating with other teams in the same region. The APCERT will definitely contribute to the safe Internet environment for the next 10 years, and beyond.