LAST week, the Zambia Information and Communications Technology Authority (ZICTA) on behalf of Government hosted the first-ever cyber drill for Africa which attracted 18 countries.
The cyber security which ran from September 29 to October 1, 2014 in Livingstone was organised in collaboration with the International Multilateral Partnership against Cyber Threats (IMPACT) and the International Telecommunications Union (ITU) – the UN Agency that oversees the Information Communication Technology sector in the global community.
In 2007, the ITU launched the Global Cyber-security Agenda (GCA) which is a framework for international cooperation aimed at enhancing confidence and security in the information society. The framework has since fostered initiatives such as the Child Online Protection and establishment of National Computer Incident Response Teams (CIRTs) through its partnership with IMPACT â€“ an international organisation based in Malaysia and currently hosting the GCA.
In Zambia, a CIRT was set up in 2012 to provide the nation with the capability to â€œwatch and warnâ€ of undesirable events occurring in cyberspace and the capacity to respond to incidents. The Zambian CIRT also provides a single point of contact for addressing cyber security incidents on behalf of the Zambian government. The establishment of the CIRT consequently increases the number of reported computer security incidents and identified vulnerabilities, and it also provides a platform for authorities and law enforcement agencies to collaborate.
The purpose of the Livingstone cyber drill for the African region, was to assist partner countries and their national CIRT in improving their capability to detect, identify and mitigate cyber security incidents.
ITU-IMPACT has in the recent past, been conducting regional Applied Learning for Emergency Response Teams (ALERT) cyber drills, the latest one being this one for Africa which consisted a one-day workshop and two days of practical hands-on exercises for the participants.
The objectives of the cyber drill for Africa were;
? To enhance communication and collaboration among participating partner countries.
? To build capacity and improve the incident response capabilities of participants.
? To gauge and improve the preparedness of member states in the identification, response, prevention and resolution of computer incidents.
Both local and international speakers presented and discussed issues that included Cybersecurity in Zambia, Enhancing Regional and International Cooperation, Briefing on Global Cybersecurity Index (GCI), Forensics Investigations, Cybersecurity Overview in Africa, Mitigating Cyber Threats: Intellium Case Studies, among other topics.
This was followed by a two-day attack-simulation in a controlled environment. Various scenarios to simulate real world cybersecurity incidents were presented to the participants by the facilitators from IMPACT, NUIX, and Intellium.
Every scenario was structured to consist of a storyline to provide the background of the incident to as well as sample evidence that the participants analysed and used to subsequently, recommend threat mitigation actions or strategies to prevent the incident from recurring. The scenarios included unauthorised access and file modification of the system, web server data collection, external hacking analysis, external hacking and malware analysis.
The countries which participated in the actual drill included Angola, Somalia, Botswana, South Africa, Burundi, Tanzania, Ivory Coast, Togo, GhanaÂ Â Â ,Uganda, Kenya, Malawi, Senegal Zimbabwe and Zambia. A few only participated in the workshop.
The cyber drill provided a platform for incident handlers from various African countries to come together, collaborate, communicate and enhance their incident handling skills. It was a great honour for Zambia to host the first cyber drill for Africa and it is our hope that the initiative grows to greater heights as nations join together in the fight against cyber-crime.