This is the welcoming address that I delivered at the opening session of APRICOT-APAN 2011 in Hong Kong on February 21, 2011:
Dr [Vint] Cerf, Dr [Ya-Qin] Zhang, Permanent Sec [Elizabeth] Tse, our honored guests from all around Asia Pacific and the world, and locally from Hong Kong, welcome to the opening session of APRICOT-APAN 2011 in Hong Kong.
This year, APRICOT (Asia Pacific Regional Internet Conference on Operational Technologies) is returning to Hong Kong for the first time since 1997, and for the first time, APAN (Asia Pacific Advanced Network) is held concurrently with APRICOT, bringing together the plumbers and engineers behind the net with the heaviest and most innovative users from the industry as well as the research and development community.
APRICOT-APAN is important for Hong Kong. As i said, this is the second time APRICOT was held in Hong Kong, and our Internet industry and community has come a long way since 1997. This event, APRICOT-APAN I hope will emphatically reaffirm Hong Kong's role as an Internet hub of Asia and indeed the world, and in fact an especially unique and important role as a gateway for China, the country with the largest Internet population today.
APRICOT-APAN is a two week event, and we are already into our second week. Last week, we held a series of very successful and well attended technical workshops in Hong Kong Cyberport, our Workshops Sponsor, and we thank Cyberport for their support, and this morning we already held a special section on DNSSEC the DNS Security Extensions, and now, we are reaching yet another climactic point with this keynote section with Dr Vint Cerf, Chief Internet Evangelist of Google one of the fathers of the internet, and Dr Ya-Qin Zhang, Corporate Vice President of Microsoft and Chairman of Microsoft Asia Pacific R&D Group.
But for a conference about innovative and ground breaking use of the internet technologies, how can I not tell you about the network infrastructure that we have set up for this event? For the first time for a conference of similar nature and scale in this venue, we have set up a network running up to 100 Gbps connecting you to the internet outside, enabling the live webcast and remote participation for many of our sessions, and we have set up 70 wi-fi access points all around the conference meeting rooms and 12 of them are serving you from right here in this room. And possibly for the first time in this facility, we have both IPv4 and IPv6 running on this network. I was joking with our crew that maybe we should leave the setup behind, and it will be a great showcase for this facility. We will send a bill to the convention center later :)
But seriously, if you have a chance to stop by the exhibits outside, please look for a little glass room that we have set up with racks of equipment with blinking lights that actually run the network here that you are using. Our IT infrastructure team made up of volunteers has been working day and night throughout the last weekend putting it up, and so many kudos for them for their great effort!
A few words about ourselves, Internet Society Hong Kong. At ISOC HK, we believe the Internet is for everyone, and we all can make a difference, that's why we like to say, don't ask what the internet can do for you, ask what you can do for the internet. And with this principle in mind, we have been and will continue to focus our attention on promoting the adoption of new technologies and standards, such as IPv6 and DNSSEC, and the protection of a healthy and free environment for the Internet to grow and expand, including participating and even driving locally and regionally the policy issues that affect how users use the Internet every day. And, we welcome all of you in Hong Kong to join us.
Last but not least, I want to thank all our sponsors and supporting organizations, although there are really too many for me to name one by one. But in particular, let me thank our co-hosts, the Hong Kong Internet Exchange, Hong Kong Internet Service Providers Association, and the Joint Universities Computing Center. Our host fibre broadband service sponsor, PCCW, our Diamond Sponsor, Cisco. And our Platinum Sponsor, APNIC, and all our other sponsors and supporting organizations, thank you very much!
Established on 20th February 2001, HKCERT is celebrating our 10th anniversary. In this challenging decade, the Internet has changed tremendously, and so did the security threats and the work of HKCERT. We have dedicated the coming issues of our newsletter to review our achievements and deficiencies, and to look forward to developing better in the future.
In the first article of this series, we have invited Mr. Charles Mok, the former Chairman of the Hong Kong Internet Service Providers Association to give his views. Mr. Mok witnessed the birth and growth of HKCERT. As an independent party who cares a lot on the development of CERT in Hong Kong, his views on the development of HKCERT in the past and in the future are thought provoking.
Happy Birthday, HKCERT! Time certainly flies when it comes to the Internet, but it was almost just like yesterday, looking back at how the Internet community in Hong Kong lobbied for the formation of our own CERT (computer emergency response team) in the earlier years of the Internet in Hong Kong.
Back in the last millennium, Internet service providers in Hong Kong, organized under the Hong Kong Internet Service Providers Association (HKISPA), has spent a few years lobbying hard to the Government for funding support to create a CERT in Hong Kong, fully realizing that we were among the last economy in Asia to have one. First, we were told that the CERT should not be run by commercial and competing ISPs. Fine, we ISPs went looking for academic collaboration, and we were told that would be too academic. We squandered a couple of years wondering what the Government really wanted to do, while viruses of the day ran rampant in Hong Kong, causing havoc on their ways.
Finally, the Hong Kong Productivity Council (HKPC) stepped up and made its proposal to the Government to operate the CERT, supported by the HKISPA and others, and the Internet community in Hong Kong would be eternally thankful for HKPC’s stepping up to the plate. Over the years, through various funding droughts and uncertainties, HKCERT under HKPC has continued to provide exemplary services to our industry and the public. That was the last ten years, and Hong Kong was truly lucky not to have encountered any truly devastating security incident or disruptive episode for our Internet.
Changing needs
But times have been a-changing. Gone were the days of looking after firewalls and watching out for viruses that simply went about deleting your files from your PCs. Today, malwares are not only more powerful but they are more malicious, penetrating firewalls and bypassing detection by security software, and hiding under the skins of our computers, quietly hijacking our resources to cause more damages elsewhere on the net. Greater reliance on search engines, social networks and online financial transactions has made our daily lives and businesses much more susceptible to losses of all kinds, not the least of which involving our personal data privacy.
Such new development of Security 2.0 certainly calls for a new thinking in response – the CERT 2.0.
From passive to proactive – More and more CERTs around the world are funded to proactively provide services to clean up malware buried stealthily inside servers and computers in order to prevent them from bringing down a country’s network, rather than passively waiting for the victims to call for advice.
From response to research – Instead of passively making responses to threats, CERTs are funded to work closely with researchers to investigate local patterns of threats, and bridging the latest research findings with ISPs, web hosting companies and domain name registries in the frontline.
We need HKCERT 2.0
For many years, I have been urging the Government to do what many others have done, that is, to conduct proactive network monitoring to collect intelligence, to find out any emerging patterns of security threats, rather than waiting to respond when it has already happened. However, the Government seems content to only adopt such proactive approach during “major events,” such as the Olympics or East Asian Games. It is as if the perpetuators only do bad things when there is a big thing going on. Of course, this mentality is grossly inadequate by any measure.
A minimalist HKCERT is no longer sufficient for Asia’s World City, and the region’s Internet hub, as we position ourselves to be. HKCERT 2.0 must be funded and governed in a sustainable manner to conduct more research and testing and proactive network monitoring for new trends of threats, as well as providing active advice and guidelines to the industry and the public. More efforts must also be placed on education and public awareness, covering not only how to counter attacks, but to prevent leakages of data from the inside out.
I congratulate HKCERT and HKPC for a great ten years with excellent performance for Hong Kong under limited resources. I look forward to its continued contribution to Hong Kong and the IT sector in the next ten years and more!