NEC has been awarded a contract to train officials from six ASEAN nations in cyber-attack defence. The contract was awarded by the Japan International Cooperation Agency (JICA). The news comes two weeks after Cyberbit won a deal with Ni Cybersecurity. The focus of that deal was to train cybersecurity staff prior to the 2020 Olympics. This deal has similar goals although its primary focus is critical national infrastructure (CNI) and governments.
According to Mr. Kazuhiko Shiraishi, General Manager, National Security Solutions Division, NEC Corporation: “The improvement of cyber security plays an important role in NEC’s provision of ‘Solutions for Society’. Going forward, we will continue these efforts by providing drills, products and services for cyber defense to a large number of organizations, including governmental institutions and critical infrastructure providers, both in Japan and internationally.”
What is NEC delivering?
NEC is delivering a three year training programme across six ASEAN nations. The countries involved are Cambodia, Indonesia, Laos, Myanmar, the Philippines and Vietnam. The first training programme runs from February 20 – March 3, 2017. It will focus on a wide range of topics from incident response to early detection of attack.
It will also include how to implement countermeasures to defeat attacks. This is not likely to include the ability to launch retaliatory attacks. It may be that there is a different and realistically more sensitive programme around that. The UK, US, EU, Russia and China have all said cyber defence countermeasures must include the threat of retaliation.
The programme will use drills similar to those developed by the Ministry of Internal Affairs and Communications in Japan. Basing the exercises on the Cyber Defence Exercise with Recurrent (CYDER) model will speed up training and skills. It means that the six ASEAN nations and Japan will be able to coordinate their responses to attacks.
While the release does not name who potential attackers are, there are two obvious threats. The first is North Korea and it is surprising that South Korea and Taiwan are not playing any part in this programme. The second is China especially as all the nations concerned are already involved in territorial disputes with China. These disputes are focused on the South China Sea, oil and gas, fishing rights and the extension of territorial boundaries.
It is interesting that Japan is extending its influence in the region by funding this programme. There is no mention of support from the US which is the biggest surprise. The US has its own concerns over the spread of Chinese influence and state sponsored hacking. It may be that it is sharing intelligence through Japan to the ASEAN countries.
That smaller countries are seeking outside help with cyber defence is no surprise. Over the next few years it is likely that other programmes like this will spring up.