Cyber threats evolve at a fast pace with malicious cyber criminals becoming increasingly sophisticated and better organised. In mitigating cyber threats, it is imperative for countries to have adequate tools and resources to amongst other:
- capture information about specific threats targeting the country
- aggregate and disseminate relevant incident data for a more effective response
In collaboration with IMPACT, ITU proposes two such tools
AWARE that can assist Member
States in building capacity in cybersecurity. These tools can also be deployed independently or as part of the National CIRT. Furthermore, to facilitate the timely availability of relevant cyberthreat reports to ITU Member states, ITU has partnered with leading global players namely Symantec and Trend Micro. Click here to access these reports.
Honeypot Research Network (HORNET)
is a strategically deployed sensors network feeding real-time intelligence to help countries enhance their readiness against cyber threats. HORNET sensors are decoy servers or systems setup to be an easier prey for intruders but with minor system modifications so that their activities can be logged or traced.
The sensors are used to capture information such as malware and network attacks to better understand attackers’ behaviour. In addition to information on the global cyber threat landscape, deploying HORNET in a country’s network provides it with more country specific information on threats and enables it to better understand the threats is facing and the types of mitigation efforts to be put in place.
This service is available to Member States through
Option 1: Installation of a sensor in the country to enhance coverage of the global HORNET. The Member State will be given access to its country’s global dashboard together with monthly country level reports. This service is provided at minimal cost to the country and requires very limited maintenance.
Option 2: A subscription based access to the entire global dashboard with all country reports.
Option 3: A customised project based installation of 5 sensors in the country with the local hosting of the database.
Abuse Watch Alerting & Reporting Engine (AWARE)
is designed to assist the Computer Incident Response Teams (CIRTs) in enhancing the incident response function. It provides the means to collect data from various abuse feeds, process the events and send out aggregated reports to be disseminated to relevant agencies/organisations for appropriate actions.
This service is available to Member States through a yearly subscription.
A demonstration of HORNET and AWARE services can be made at the request of a Member state.