19th Iteration of ASEAN Cyber Emergency Response Team (CERT) Incident Response Drill Tests CERT’s Preparedness Against AI-Enabled Cyber Attacks

Published on 17 Oct 2024

ASEAN CERT Incident Drill 2024

The Cyber Security Agency of Singapore (CSA) organised the 19th iteration of the ASEAN CERT Incident Drill (ACID) held on 15 and 16 October 2024. This was held in conjunction with the Singapore International Cyber Week 2024, Asia-Pacific’s most established cybersecurity event.

An annual drill hosted by Singapore since 2006, ACID tests incident response procedures and strengthens cybersecurity preparedness and cooperation among CERTs in ASEAN Member States and ASEAN Dialogue Partners.  This year’s ACID is held in a hybrid format with the Singapore CERT (SingCERT) stationed at the newly launched ASEAN Regional CERT located at the ASEAN-Singapore Cybersecurity Centre of Excellence.

Themed “Navigating the Rise of AI-Enabled Cyber Attacks”, this year’s ACID was chosen against the backdrop of the multifaceted application of Artificial Intelligence (AI) technology for attack and defence. The threat of AI-powered cyber-attacks is escalating, as malicious actors increasingly leverage AI to assess targets and develop techniques to evade detection mechanisms, compromising organisational security. Through email injects, this year’s drill simulates similar tactics employed by threat actors, such as the use of AI to develop malware and AI-generated phishing messages.

This year’s ACID includes a Tabletop Exercise (TTX) developed and moderated by SingCERT. In the TTX, scenario injects were provided for participants to discuss how they would respond to them, giving participating CERTs the opportunity to share information on their incident response processes, best practices to identify areas for further improvement and enhance their operations planning capabilities.

The 19 CERTs that participated in this year’s ACID provided feedback that the drill and TTX enhanced participants’ capabilities and exposed their teams to new incident response scenarios and analysis techniques. Participants also feedbacked that the drill and TTX highlighted the threats posed by emerging technologies such as Artificial Intelligence, allowing the teams to practice responding to a diverse range of relevant scenarios.

 

 


 

Report a Cybersecurity Incident

SingCERT encourages the reporting of cybersecurity incidents as it enables us to better understand the scope and nature of cyber incidents in Singapore. This will enable us to issue alerts or advisories on relevant threats, and assist a broader range of individuals and organisations.
Report Incident