Security at APNIC

Security at APNIC

APNIC’s vision is for a global, open, stable, and secure Internet. APNIC plays an important role in Internet infrastructure security by:

• Sharing global security best practice information with APNIC Members and building regional security capacity through training and technical assistance
• Supporting Members’ efforts to maintain network security through resource certification and DNSSEC
• Supporting the creation of CERT/CSIRTs in the Asia Pacific to strengthen the community’s ability to mitigate security incidents
• Coordinating with the Asia Pacific security community, including the law enforcement community, to enhance mutual understanding and share views from the numbers community.

Other services from the Security Community

Good cybersecurity is a shared responsibility. APNIC does not provide the following services:

1. Take-down requests – APNIC has no mandate to take enforcement action on network abuse but can help you find network operator contacts so that issues can be raised directly.
2. Surveillance or security monitoring – APNIC does not have the capabilities to track criminals or threat actors.
3. Remediation of vulnerabilities on Member infrastructure (for example, unpatched servers or hacked computers). Members are responsible for managing their own infrastructure.
4. Prevention of spam, phishing, ransomware, network intrusion, malware or DDoS attacks.
   
   However, here are some resources that may help you:
   
   
   • ShadowServer Foundation
   • Team Cymru
   • Anti Phishing Working Group (APWG)
   • Contact the resource owner, especially the Incident Response Team (IRT) contact to get information about network administrators in organizations responsible for receiving reports of network abuse activities
   • In some cases, you may want to get the assistance of local Law Enforcement Agencies (LEAs).
   • Contact Computer Emergency Response Teams in the Asia Pacific or elsewhere in the world.