JICA Overseas Technical Training "Cyber Defense Exercise" for Indonesia, Cambodia and the Philippines

Jakarta (January 22, 2025), starting from January 20, 2025, JICA Overseas Technical Training^*1 "Cyber Defense Exercise" is currently being held in Jakarta, which is attended by participants from Indonesia, Cambodia, and the Philippines.
In this training, the participants were divided into 2 (two) groups, namely the Red team/team of instructors who has the task to attack the system built in virtual space by employing methods commonly used in the real world. The second group is the Blue team/participant team, which has the task to protect the system. Through this combination of exercises, participants are expected to gain practical system defense skills. The Red Team training is designed to train instructors who can design, build and implement future exercises in their respective countries. Meanwhile, the Blue Team training is designed to improve defense skills against cyber attacks developed by the Red Team. The training is conducted in cooperation with JICA's technical cooperation for cybersecurity^*2 for Indonesia, Cambodia, and the Philippines.

(1) Training Schedule
Red Team : January 20 to January 31, 2025.
Team Blue : February 24 to February 27, 2025 (Indonesia only)
*Implementations for Cambodia and the Philippines are scheduled from March.

(2) Objective
The goal of this training is to enhance the security of information systems and networks in each country and region by strengthening cybersecurity measures in Indonesia, Cambodia, and the Philippines. Specifically, it aims to design the cyber attack/defense exercise and to train those practitioners, thereby strengthening the technical capabilities of each country and building a sustainable security system.

(3) The Red team members consist of 8 participants from Indonesia, 5 participants from Cambodia, and 4 participants from the Philippines. In these three countries, JICA's technical cooperation on cybersecurity is ongoing.

(4) Two exercise scenarios that will be practiced in this training is as follows:
- Scenario 1: A web service that is subjected to cyberattacks and database information leaks.
- Scenario 2: A targeted attack on a company or organization's intranet resulting in the leakage of confidential information to the outside world.

Today, our society is highly dependent on digital technology. Last year, a cyberattack on Indonesia's National Data Center (PDN) disrupted the immigration system and led to failures in several government agencies. In recent years, the risk of cyberattacks and information leak has increased alongside our growing reliance on information and communication technologies (ICT). Cyberattacks can significantly impact citizens' lives, cause substantial economic disruption, and pose threats to national security.

In addition, as cyberspace threats are constantly changing and it is difficult to realize a completely secure cyberspace, it is important for each country to enhance its ability to respond autonomously to changing cyber risks, in other words, to increase the resilience of cyberspace. At the same time, cyberspace can no longer be protected by the efforts of a single country alone. It is necessary to realize stable development of the international community by promoting cooperation among countries to build a free, fair, and regionally secure cyberspace. This Overseas Technical Training Program supports developing countries to jointly tackle common issues and achieve collective self-reliance through mutual exchange and sharing of technology, knowledge, and experience.

*1) Overseas technical training Overseas technical training refers to training programs for technical trainees conducted in countries outside of Japan. This training is classified into two categories:
1. Third-Country Training: This type of training is organized in a third country and is supported by Japan's development cooperation efforts between developing nations.
2. Local In-Country Training: This training is specifically designed for the nationals of the country where the training is taking place.

The training mentioned in this press release falls under the category of "third-country training."

*2) Introduction for JICA's technical cooperation for cybersecurity (only in Japanese)
Indonesia: https://www.jica.go.jp/oda/project/1701288/index.html
Cambodia: https://www.jica.go.jp/oda/project/202005894/index.html
Philipine: Individual Expert on Cybersecurity Capacity Development