Because there’s so much money to be made from attacks against businesses, today’s cybercriminals are highly skilled and very well-funded… and that makes them an even bigger threat to enterprises.
Cybercriminals are running efficient organizations that have the resources to develop increasingly sophisticated threats that can:
• Defraud enterprises
• Steal valuable intellectual property
• Disrupt day-to-day business operations
• Steal confidential information about customers
• Hold businesses to ransom – by encrypting and ‘locking up’ essential data
The country has established the Indonesian Aviation Sector Computer Security Incident Response Team (IAS-CSIRT) to strengthen cybersecurity. The team will report to the Ministry of Transportation’s Director General of Air Transportation.
To anticipate system vulnerabilities, identify opportunities for bad actors to exploit, and reduce the risk of cyber incident threats, the aviation sector required a dedicated cybersecurity team. The CSIRT will regularly publish information on vulnerabilities, security, and new technology trends. The team is also prepared to face various escalating challenges. Members of the CSIRT will be trained through cyber drills and workshops.
The team is in charge of receiving, reviewing, and responding to cyber incident reports and activities with the function of providing reactive services by performing incident coordination, incident triage, and incident resolution.
During the IAS-CSIRT inaugural speech, the Deputy for Cybersecurity and Economic Cryptography of the National Cyber and Crypto Agency (BSSN), Markos, said that the aviation industry increasingly relies on digital technology for flight operations, ground services, communications navigation and surveillance, airport infrastructure, air traffic management, and supply chain.
Therefore, cybercrime prevention and management are crucial for many parties, including aviation service providers. F. Budi Prayitno, the Director of Aviation Security at the Ministry of Transportation, outlined the importance of cyber defence since cybercrime has resulted in considerable losses across sectors. “Effective cyber-crime prevention and management necessitate the collaboration of various cyber security stakeholders who already have a CSIRT,” said Budi. The BSSN contributed to the formation of the IAS-CSIRT.
Markos hopes that the IAS-CSIRT will be able to collaborate, synergise, and share information with various stakeholders and other cybersecurity constituencies in Indonesia, particularly in the handling and recovery of cyber incidents.
BSSN wants other sectors to form a CSIRT as well. The IAS-CSIRT was established for the first time (IIV) following the issuance of Presidential Regulation 82 of 2022 concerning the Protection of Vital Information Infrastructure. Sector IIV prioritises the CSIRT because it manages various strategic information assets related to community survival, national stability, and sovereignty.
Before the inauguration, BSSN signed a memorandum of understanding (MoU) and cooperation agreement with state-owned Aviasi Wisata Indonesia (InJourney Group) to support the tourism industry. In addition, cooperation on information protection and electronic transactions intends to improve the quality of information protection and electronic commerce.
The agreement’s scope includes information and communication technology security, the use of electronic certificates to improve electronic transaction security, the improvement and development of human resources, the exchange of information, and cybersecurity campaigns and literacy.
At the signing ceremony, the Head of the National Cyber and Crypto Agency (BSSN), Hinsa Siburian, emphasised the importance of synergy and collaboration to recover the Indonesian aviation and tourism industry through a reliable and safe digital transformation.
Furthermore, between January and November 2022, BSSN detected over 1.14 million traffic anomalies across all InJourney Group assets. BSSN said the most anomalies were discovered in August, with 235,742 events.
The collaboration is expected to make digital information transactions and exchanges more secure and leak-proof. The rapid advancement of digital technology presents an opportunity for Injourney to gain trust and confidence in the Indonesian tourism industry. However, as a result, it must be balanced with maximum data, information, and electronic transaction security.
The Counter Ransomware Task Force (CRTF), which was formed to bring together Singapore Government agencies from various domains to strengthen Singapore’s counter-ransomware efforts, has issued its report.
Singapore’s efforts to promote a resilient and secure cyber environment, both domestically and internationally, to combat the rising ransomware threat are guided by the recommendations in the CRTF report.
According to David Koh, Commissioner of Cybersecurity, Chief Executive of CSA and Chairman of the CRTF, ransomware poses a threat to both businesses and individuals. Economically, socially, and even in terms of national security, it can be detrimental. Both internationally and across domains, ransomware is a problem.
“It requires us to collaborate and draw on our knowledge in a variety of fields, including cybersecurity, law enforcement, and financial supervision. It also necessitates that we work with like-minded international partners to identify a common problem and develop solutions,” David explains.
He exhorts businesses and individuals to contribute as well, strengthening the nation’s overall defence against the ransomware scourge.
Cybercriminals use malicious software known as ransomware. When ransomware infects a computer or network, it either locks the system or encrypts the data on it. For the release of the data, cybercriminals demand ransom money from their victims.
A vigilant eye and security software are advised to prevent ransomware infection. Following an infection, malware victims have three options: either they can pay the ransom, attempt to remove the malware, or restart the device.
Extortion Trojans frequently employ the Remote Desktop Protocol, phishing emails, and software vulnerabilities as their attack vectors. Therefore, a ransomware attack can target both people and businesses.
The ransomware threat has significantly increased in scope and effect, and it is now a pressing issue for nations all over the world, including Singapore.
The fact that attackers operate internationally to elude justice makes it a global issue. Ransomware has created a criminal ecosystem that offers criminal services ranging from unauthorised access to targeted networks to money laundering services, all fed by illicit financial gains.
Singapore must approach the ransomware issue as a cross-border and cross-domain problem if it is to effectively combat the ransomware threat.
Other nations should adopt comparable domestic measures to coordinate their financial regulatory, law enforcement, and cybersecurity agencies to combat the ransomware issue and promote international cooperation.
Three significant results were the culmination of the CRTF’s work. For government agencies to collaborate and create anti-ransomware solutions, they first developed a comprehensive understanding of the ransomware kill chain.
Second, it examined Singapore’s stance on paying ransom to cybercriminals. Third, for the government to effectively combat ransomware, the CRTF suggested the following policies, operational plans, and capabilities under four main headings:
Pillar 1: Enhances the security of potential targets (such as government institutions, critical infrastructure, and commercial organisations, especially small and medium-sized businesses) to make it more difficult for ransomware attackers to carry out successful attacks.
Pillar 2: To lower the reward for ransomware attacks, disrupt the ransomware business model.
Pillar 3: To prevent ransomware attack victims from feeling pressured to pay the ransom, which feeds the ransomware industry, support recovery.
Pillar 4: Assemble a coordinated international strategy to combat ransomware by cooperating with international partners. Singapore should concentrate on and support efforts to promote international cooperation in three areas that have been identified by the CRTF: law enforcement, anti-money laundering measures, and discouraging ransom payments.
The appropriate government agencies will take the recommendations of the CRTF under consideration for additional research and action.
The Ministry of Information and Communications (MIC) announced it would roll out Internet advertising management measures at a conference in Hanoi earlier this week. Participants at the event discussed how advertising in cyberspace has become the norm. Domestic and foreign firms choose it because it is easier to access customers and it offers flexible costs and larger reach. However, the limited management of ads poses potential risks to the safety of brands, the Ministry has said.
According to a press release by MIC, ad agents affirmed that without the cooperation of cross-border platforms in modifying algorithms to filter and censor content, ad violations will remain rampant. The Ministry will penalise agents and brands that cooperate with platforms that do not fall in line with MIC regulations. On the other hand, the Ministry will support ads on domestic and foreign digital platforms that comply with domestic laws, MIC’s Deputy Minister, Nguyen Thanh Lam, noted. This will protect brands and build a healthy, safe, and fair ad business environment.
The Ministry will also increase inspection and clampdown on violations of Internet ads activities, he said. Cross-border ad firms that fail to comply with Vietnam’s laws will not be allowed to operate in the country. MIC has also generated a Whitelist consisting of licensed e-newspapers, magazines, general information websites, and social media. Other websites, registered accounts, and information channels are also in the pipeline for the list, the release said. The list will be publicised on the portals of the Ministry and Authority of Broadcasting and Electronic Information. Ad service providers, agents, and brands were also urged to use the list for their work.
Nearly 80% of the population in Vietnam are digital consumers, as OpenGov Asia reported earlier in October. Over the past year, the average contribution of e-commerce to total retail has continued to grow at 15%. Higher than growth in India (10%) and China (4%), with an online-to-total retail share of 6%. Now that the world is in the post-pandemic stage, regional consumers are prioritising an integrated shopping experience, combining online and in-person services. During the ‘discovery’ phase of their shopping, 84% of Vietnamese shoppers use the Internet to browse and find items. This is a period when they use more platforms than ever before, with the dominance of the e-commerce market accounting for 51% of online spending.
At the same time, social networking sites account for nearly half of online discoveries, including images (16%), social media videos (22%), and related tools such as messaging (9%). These tools were paramount channels for 44% of survey respondents. Consumers’ openness to interaction and experimentation has also led to behavioural changes, with 64% of respondents saying they have interacted with a business account in the past year. As customers seek more engagement, the content creation economy is able to grow exponentially.
In the context of digital consumption, Vietnamese users switch brands more often and increase the number of platforms they use to find a better value, with 22% of online orders made on various e-commerce platforms. The number of online platforms Vietnamese consumers use has doubled from 8 in 2021 to 16 in 2022. Therefore, it is important to put in place proper ad regulations as Internet usage grows.
The Cyberspace Administration of China (CAC) announced a new certification for personal information protection and implementation. The office has decided to implement such certification to enhance its information protection capabilities and to promote the rational processing of personal information.
The certification implementation follows the Personal Information Protection Certification Implementation Rules. The implementation rules clarify that personal information processors must comply with the requirements of GB/T 35273 Information Security Technology Personal Information Security Specifications. The rules outline requirements for on-site audits, the evaluation and approval of certification results, post-certification supervision and certification time limits.
Organisations engaged in personal information protection certification work need approvals to carry out activities. The regulation applies to every personal information processor that carries out private information collection, storage, use, processing, transmission, provision, disclosure, deletion and cross-border processing activities.
The State Administration for Market Regulation and the State Internet Information Office decided to implement personal Information protection certification. The step is relevant to provisions of the Personal Information Protection Law of the People’s Republic of China (‘PIPL’). The body requires the Specifications for Security Certification of Cross-Border Processing of Personal Information for cross-border personal information processing.
The latest versions of the standards include technical verification, on-site audit, and post-certification supervision. In addition, the certification body shall clarify the requirements for certification entrustment materials, including but not limited to the basic materials of the certification client, the certification power of attorney, and relevant certification documents.
To get certified, an organisation must submit certification entrustment materials according to the certification body’s requirements and the certification body shall give timely feedback on whether it is accepted after reviewing the materials.
The materials are then used for determining the certification plan, including the type and quantity of personal information, the scope of personal information processing activities, information on technical verification institutions, etc., before notifying the organisation seeking certification.
The CAC stated certification is valid for three years. An organisation must submit a certification commission within six months before the expiration of the validity period. The certification body shall adopt the method of post-certification supervision and reissue new certificates to those that meet the certification requirements.
Violations, cheating, and other behaviours that seriously affect the implementation of the certification on the certification client or personal information processor will cancel the certificate. Therefore, certification bodies shall adopt appropriate methods to implement post-certification supervision to ensure that certified personal information processors continue to meet certification requirements. The certification body comprehensively evaluates the post-certification surveillance conclusions and other relevant information. If the evaluation is passed, the certification certificate can continue to be maintained.
The organisation shall actively cooperate with the certification activities. During the validity period of the certification certificate. If the name and registered address of the certified personal information processor, or the certification requirements, certification scope, etc., change, the certification principal shall submit a change entrustment to the certification body.
When changes happen, the certification body must evaluate the change in entrustment materials. The result will determine whether the body can approve the change. If technical verification or on-site audit is required, the body shall conduct technical and on-site audits before the change is approved.
When a certified personal information processor no longer meets the certification requirements, the certification body will promptly suspend or revoke the certification certificate. The certification principal can apply for the suspension and cancellation of the certification certificate within the validity period of the certification certificate.
The Vietnam Information Security Association (VNISA) surveyed 135 organisations and enterprises in Vietnam on ensuring information security. One out of every four organisations and businesses have had their systems interrupted or attacked in 2022, while 76% of organisations and businesses lack sufficient staff for information security.
The information was revealed by former Deputy Minister of the Ministry of Information and Communications (MIC), Nguyen Thanh Hung, who is chair of VNISA, during a plenary session at an international workshop during the Vietnam 2022 Information Security Day.
The survey found that 58% of organisations have doubts about technology and 47% about security holes. Around 68% of organisations and businesses said they still don’t have enough money to invest in information security annually. At the workshop, Tran Dang Khoa, the Deputy Head of the Authority of Information Security, said that in the last 11 months, the agency has recognised, warned, and instructed companies on how to handle 11,212 cyberattacks. The number of information systems in accordance with the new levels accounts for 54.8%. One of the key tasks of the agency in 2023 is submitting information to the Prime Minister for the issuance of a directive on legal compliance and security.
The workshop was sponsored by MIC and organised by VNISA and MIC and addressed “safe” digital transformation. MIC’s Deputy Minister, Nguyen Huy Dung, stated that ensuring safety in cyberspace is the task of all agencies, units, and people. Dung stressed that digital transformation is a national long-term programme. It means bringing people’s and businesses’ activities into a digital environment. It is necessary to protect more than 3,000 information systems of the state’s agencies, as well as activities in cyberspace of nearly one million businesses, five million business households, 26 million households, and 100 million people.
Dung noted that ensuring safe cyberspace and safety for organisations and people in cyberspace is the responsibility of all agencies, organisations, and people, with the principle ‘like cyberspace, like the real world’. The agencies in charge of certain fields in real life will also be in charge of those fields in the virtual environment, he said.
In October, Prime Minister Pham Minh Chinh issued Directive No. 18/CT-TTg on accelerating the implementation of activities to respond to cybersecurity incidents in Vietnam. The directive states that the government will pay more attention to reviewing, detecting, and fixing vulnerabilities and weaknesses. It will proactively monitor and detect any network information insecurity risks to promptly handle incidents. It will strictly implement regulations on reporting online information security incidents.
As OpenGov Asia reported, the directive describes cybersecurity as an important, cross-cutting pillar in the creation of digital trust. Its promotion will protect the country’s prosperous development in the digital era as the country attempts comprehensive national digital transformation. Chinh urged stakeholders to thoroughly grasp the contents of the Directive and devise measures to address and timely handle cybersecurity incidents. Stakeholders include ministers and heads of ministerial-level agencies, among others.
The Second Minister for Trade and Industry, Tan See Leng, and the Republic of Korea (RoK) Minister for Trade, Dukgeun Ahn, have signed the Korea-Singapore Digital Partnership Agreement (KSDPA).
Under the agreement, the two sides will work to establish digital trade rules and norms to promote interoperability between digital systems. This will enable more seamless cross-border data flows and build a trusted and secure digital environment for businesses and consumers. A government press release wrote that KSDPA will also deepen bilateral cooperation in new emerging areas such as personal data protection, e-payments, artificial intelligence, and source code protection.
The Ministers also signed a memorandum of understanding (MoU) on Implementing the Korea-Singapore Digital Economy Dialogue, which will act as a platform to promote digital economy collaboration between industry players and academic experts from both sides. The MoU is part of bilateral efforts to develop cooperative projects to implement the KSDPA. Key features of the KSDPA include:
Facilitating end-to-end digital trade
Electronic Payments (e-payments): The two sides will adopt transparent and facilitative rules (e.g. encouraging open Application Programming Interfaces (APIs)) to promote secure cross-border e-payments.
Paperless Trading: Singapore and RoK will accept electronic versions of trade administration documents to support the digitalisation and seamless exchange of key commercial documents.
Open Government Data: Both countries will ensure that government data will be publicly available in a machine-readable and open format, with easy-to-use and freely available APIs.
Enabling trusted data flows
Cross-border Data Flows (including for financial services): Businesses in Singapore and RoK will be allowed to transfer information, including those which are generated or held by financial institutions, across borders if the requisite regulations are met and with adequate personal data protection safeguards in place.
Prohibiting Data Localisation: The two nations will establish rules against data localisation requirements so that businesses can choose where their data is stored and processed, and their cloud technology of choice.
Facilitate trust in digital systems and participation in the Digital Economy
Artificial Intelligence (AI): The countries will promote the adoption of AI governance and ethical frameworks that support the trusted, safe, and responsible use of AI-based technologies.
Cryptography: Neither country will require the transfer of or access to private keys and related technologies, as a condition of market access.
Source Code Protection: To ensure software developers can trust the market within which they operate and ensure that source code is protected, neither country will require the transfer of, or access to, source code as a condition of market access. This includes the algorithm expressed in the source code.
Online Consumer Protection: The two sides will adopt laws that guard against fraudulent or deceptive conduct that causes harm to consumers engaged in online commercial activities.
Small and Medium Enterprises Cooperation: Singapore and RoK will promote jobs and growth for SMEs. They will also encourage their participation in platforms that help link them with international suppliers, buyers, and other potential business partners.
Digital Identities: The countries will promote interoperability of digital identity regimes, which can lead to reliable identity verification and the faster processing of applications. This will enable businesses and consumers to navigate the digital economy with ease and security.
The National University of Singapore (NUS) School of Computing recently hosted the inaugural Critical Infrastructure Defence Exercise (CIDeX), which was organised by the Digital and Intelligence Service (DIS). Over 100 people from the DIS and 16 other national agencies working in the Critical Information Infrastructure (CII) sectors took part in the cyber defence exercise.
The largest Operational Technology (OT) Critical Infrastructure defence exercise, CIDeX is supported by the Cyber Security Agency of Singapore (CSA), iTrust/SUTD, and the National Cybersecurity R&D Laboratory (NCL).
CIDeX is designed to train and strengthen the Whole-Of-Government (WoG) cyber capabilities to detect and address cyber security threats to Information Technology (IT) and OT networks that control the operations of critical infrastructure.
Over the course of the two days, members of the Blue Teams, which included individuals from the national agencies acting as cyber defenders, guarded the exercise’s digital infrastructure, which included an enterprise IT network and three OT testbeds that replicated a water treatment plant, a water distribution plant, and a power grid system, from real-time simulated cyber-attacks launched by a composite Red Team made up of DIS and CSA personnel.
Attacks on the IT network and OT testbeds were included in exercise scenarios. These attacks included poisoning the water treatment plant, stopping water distribution, and cutting off the power supply—all of which intended to disrupt operations and have a negative impact on the way of life. By using cyber tools to track, identify, and block Red Team cyberattacks, participants improved their technical knowledge and intuition for defending cyber networks.
In order to strengthen and perfect their cyber defence competencies prior to the exercise, the participants completed a three-day hands-on training course at the Singapore Armed Forces (SAFexpanded )’s Cyber Defence Test and Evaluation Centre (CyTEC) at Stagmont Camp.
Alongside the exercise, Defence Cyber Chief (DCC) Brigadier-General (BG) Edward Chen and CSA’s Deputy Chief Executive (Development), Gaurav Keerthi, inked a Joint Operations Agreement (JOA) between the DIS and CSA. A framework for collaboration and cooperation in joint operations and capability development is established by the CSA-DIS JOA, which will help create a secure national cyberspace.
The DIS is aware of the need of cultivating close cooperation with CSA and other national agencies in safeguarding Singapore’s cyberspace, according to BG Edward, who emphasised the need for close partnership in securing Singapore’s cyberspace.
He acknowledged that the Joint Operations Agreement between the CSA and the DIS is a significant step in broadening their alliance and institutionalising their existing collaboration in areas like joint cyber training. They give the national cyber defenders a forum to practise together and improve their capacity to defend Singapore’s critical infrastructure systems by cooperating on massive cyber exercises like CIDeX.
Furthermore, CSA’s Deputy Chief Executive Gaurav remarked that cybersecurity is a collaborative effort, and the CSA welcomes the Digital and Intelligence Service to this team. The CSA has a long history of collaboration on national cyber defence with MINDEF/SAF.
Exercises like CIDeX guarantee that everyone is ready for cyber crises and emergencies. The CSA-DIS Joint Operations Agreement confirms SAF’s sustained assistance for Singapore’s cyberspace defence.
OpenGov Asia recently reported that the DIS had been launched by the Service of the Singapore Armed Forces (SAF). As the SAF’s fourth military service or branch, it is responsible for defending the nation from evolving and intricate digital and electronic threats in cyberspace.
The SAF’s existing command, control, communications, computers, and intelligence (C4I) and cyber capabilities are combined and integrated into DIS, according to the Ministry of Defence (MINDEF). DIS consists of a Service Headquarters (HQ), a Digital Ops-Tech Center, four Commands, and a few Joint and Cyber Staff departments.