The Government Technology Agency (GovTech) and Cyber Security Agency (CSA) successfully ended the second Government Bug Bounty Programme (BBP) that they have successfully concluded.
These findings were released at the side-lines of the Singapore International Cyber Week 2019.
This second BBP held from 8 to 28 July 2019. This programme is a part of the Government’s ongoing efforts for building a protected and strong Smart Nation.
It includes the use of traditional procedures of vulnerability assessment and penetration testing, which allows the government to understand its defence systems and compare it against those of the global and local community of researchers and white hats.
The programme spanned across nine Internet-facing government ICT systems and digital services which possess high user touchpoints:
- MyInfo (Govtech)
- OneMap website and mobile (Singapore Land Authority)
- MASNET (Monetary Authority of Singapore)
- MAS corporate website (Monetary Authority of Singapore)
- Parents Gateway (Ministry of Education)
- SGWorkPass mobile (Ministry of Manpower)
- Check Work Pass Status e-Service (Ministry of Manpower)
Highlights of programme
- Four “high severity” vulnerabilities identified out of 31 proven vulnerabilities
- Remaining 27 were “medium” or “low” vulnerabilities
- 290 local and overseas cybersecurity researchers and white hat hackers were involved
- 70 participants from Singapore, with 30 of them having participated in the first Government BBP
- US$25,960: total bounty paid out
- Seven out of top 10 award recipients of the second BBP were Singaporeans
- “spaceraccoon”- the top white hacker is a Singaporean who found nine vulnerabilities and as been awarded US$8,500 in bounty
Based on the success in detecting vulnerabilities, the Singapore Government will be rolling out a third BBP in November 2019. This programme will be focused on expanding to more government ICT systems and digital services.
Vulnerability Disclosure Programme
In line with this, a Vulnerability Disclosure Programme (VDP) was launched by GovTech, on 1 October, on the HackerOne platform. HackerOne is the top e-hacker-powered pen testing and bug bounty platform.
GovTech has invited members of the public to detect and report the discovery of vulnerabilities found in all government internet-facing web-based and mobile applications.
VDP was established by GovTech to promote the prompt reporting of suspected vulnerabilities in IT services, systems, resources and/or processes which could pose threats to Government internet-accessible applications.
First Government BBP
The first Government BBP was carried out from 27 December 2018 to 16 January 2019.
The Bug Bounty programme was launched with the objective of strengthening Singapore’s defence networks and systems, which present an attractive target for malicious cyber activity. Selected white hat hackers from around the world invited to test MINDEF’s Internet-facing systems for vulnerabilities (or “bugs”) in return for rewards.
The programme facilitated by HackerOne, a reputable international bug bounty company.
A total of 264 white hats from around the world participated in this programme, including participants from Canada, Egypt, India, Ireland, Pakistan, Romania, Russia, Singapore, Sweden, and the United States.
There were 100 from the local white hat community and 164 (including 57 of the top 100 ranked white hats in HackerOne’s network) from HackerOne’s network of about 175,000 international white hat hackers.
34 participants submitted 97 vulnerability reports, of which 35 reports were deemed valid. The bounty amounts paid out ranged from US$250 to US$2,000. The total bounty pay-out was US$14,750.
The top overall white hat participant is Shivadagger, a local researcher. He reported nine unique vulnerabilities, receiving a total bounty of US$5,000, which is about one-third of the total bounty pay-out. He received US$2,000 for one of the high-severity bugs, and between US$250 and US$750 for his other validated bugs.
The University of South Australia and the South Australian Institute of Sport (SASI) have joined forces to establish a top-notch sports research and education facility in Mile End, focusing on high-performance sports.
The new cutting-edge complex integrates essential sports and educational resources to aid athletes in reaching peak performance, offer university students hands-on, industry-focused learning, and provide research-based solutions for sports in South Australia. The new SASI will share a location with the National Centre for Sports Aerodynamics, UniSA Sports Science Hub, SA Athletics Stadium, and Netball SA Stadium at Mile End.
The global sports technology market was valued at US$12.17 billion in 2021 and is projected to grow at a CAGR of 19.6% from 2022 to 2030. With the growing demand for data-driven decision-making and operations in sports events, the sports tech industry is expected to experience significant growth due to the increased adoption of data analytics, IoT, and social media integration in various sports.
The demand for technology-based solutions in the sports sector is driven by a focus on enhancing audience engagement and entertainment, and the digitisation of stadiums. The market has seen growth with increased investments by organisations in adopting advanced technologies for monitoring player performance and fan engagement.
The UniSA Sports Science Hub provides UniSA sports science students with real-world learning opportunities, the chance to work with top industry professionals and elite athletes, and a well-rounded education for a successful career.
UniSA Vice Chancellor Professor David Lloyd states the new facility will offer dynamic, connected learning experiences for students. He stated that the new UniSA Sports Science Hub offers exceptional potential for enhancing research, education, and commercial partnerships with SASI and other sports industry partners located at the same site.
Coaches and health professionals will collaborate to conduct innovative research to better equip athletes for competition. The UniSA Sports Science Hub boasts state-of-the-art facilities and expertise to provide top-notch education, training, and research, benefiting South Australia’s sports industry both now and in the future.
The new UniSA Sports Science Hub, the only one of its kind in the Southern Hemisphere, features specialised teaching and research areas such as exercise classrooms, biomechanics labs, exercise testing gear, and an environmental chamber.
The new facility aims to inspire children to participate in sports, allowing them to reap the physical, mental, and social benefits. To motivate the children, South Australia’s athletes representing the state on a global level need access to top-notch facilities, and this project will provide them for the long term. The new SASI-UniSA partnership demonstrates South Australia’s sports industry’s innovative and pioneering spirit.
The Minister for Recreation, Sport and Racing emphasised that the new facilities will motivate future generations to participate more in sports and physical activity. She added that some of South Australia’s greatest athletes developed their talent in Adelaide at SASI. When these and other remarkable athletes excel, future generations are motivated, leading to an increase in sports and physical activity participation.
The Minister also said that as sports institutes worldwide adopt advancing technology for a competitive advantage, the cutting-edge SASI facility will maintain South Australia’s leadership in sports performance and research, aid staff and athletes, and enable more young athletes to pursue their athletic aspirations. Works are set to commence in early 2023, with the project expected to be completed by mid-2024.
The government released Presidential Regulation Number 132 of 2022 About the National Electronic-Based Government System Architecture to close corruption loopholes and improve government services to the people through integrated digital transformation (SPBE).
The National SPBE Architecture is vital for carrying out government business processes correctly and eliminating redundant government business processes to improve public services. The National SPBE design, according to Mahfud, is also projected to decline the repetition of ICT applications and infrastructure and increase information security.
“Integrated digital transformation can ultimately close the gaps in corruption in the service process and the use of state funds. The implementation provides quick, accurate, and transparent monitoring,” said Mahfud MD, Coordinating Minister for Political, Legal, and Security Affairs, at a Ministerial Level Coordination Meeting discussing the Acceleration of Implementation of National SPBE at the Coordinating Ministry for Political, Legal, and Security Affairs.
The coordination meeting also reviewed the integration of the SPBE architecture’s development of the Information Technology-Based Integrated Criminal Justice System (SPPT-TI). The consolidation will involve digitalisation and the standardisation of the quality of national digital services.
SPBE’s position as a catalyst in speeding national development necessitates synergy from numerous initiatives stipulated in the National Medium-Term Development Plan for 2O2O-2O24. It would also assist the unification of government services through an interoperable data and information-sharing system in compliance with the One Data Indonesia strategy.
Furthermore, the Coordinating Minister for Political, Legal and Security Affairs stated that cross-sectoral cooperation in the fields of Politics, Economy, Maritime Affairs, and Investment, as well as Human Development and Culture, was needed to ramp up the coordination of the national programme between government agencies.
“Each Coordinating Ministry is responsible for advancing SPBE implementation in the ministries/agencies under its management,” he explained.
On a separate occasion, the Ministry of Administrative Reform and Bureaucratic Reform (PANRB) convened a working session with members of the National Electronic-Based Government System Coordination Team (SPBE). The session covered a variety of issues, including efforts to accelerate the implementation of a digital government that is clean, effective, visible, and responsible.
E-catalogue is another effort to promote efficiency and minimise corruption which will digitally document government procurement transaction procedures.
Digitisation of government administration is one technique for developing an effective bureaucracy. The state civil apparatus (ASN) must move away from routine and toward a creative culture to improve people’s happiness. To be adopted, however, digitalisation must have genuine repercussions or implications on poverty reduction rates and investment growth.
Meanwhile, the Philippines has made a similar effort to prevent corruption by implementing Integrated Financial Management Information Systems (IFMIS) (IFMIS). The Public Financial Management Committee (PFMC) has authorised an integrated solution for transparent tracking of public money disbursements and appropriations.
BTMS is an important IFMIS component. The system is a web-based, completely automated, and centralised database that will help generate crucial information on all areas of government financial operations and function as an online ledger where transactions are documented in real-time from purchase to payment.
The government believes that the digital transformation initiative and convergence hub can improve government system performance. The system will deliver real-time and consolidated reports, improve company efficiency and system resilience, and prevent corruption.
On the other hand, Thailand’s government intended to produce a law document that will enable anti-corruption organisations, to prohibit illegal online transactions and cybercrime. Furthermore, to improve access to public information, the Ministry of Digital Economy and Society (DES) has accelerated the development of a technological infrastructure system to support people’s use and reduce inequities in obtaining information via computer networks or online.
They also enacted the Personal Data Protection Act B.E. 2019 to safeguard the personal information (PDPA). The Personal Data Protection Regulation and Cross-Border Data Transfer are defined in the statute designed to protect private data rights. As a result, it is critical to retain citizens’ interest and safety in the internet environment.
Prof. Zhang Li from CUHK’s Mechanical and Automation Engineering Department has created multi-functional small machines using three wetting traits of ferrofluids. These machines not only show improved deformation abilities but also offer various motion modes, expanding possibilities for miniature soft machines in biomedical applications.
The results of the research were published in Nature Communications and highlighted on its “Applied physics and mathematics” Editor’s Highlights site.
Amoeba-inspired soft machines that can change shape dramatically, split and join, have the potential for real-world use. These systems show promise for biomedical applications such as targeted drug delivery, minimally invasive surgery, cell transplantation, and medical catheters.
Utilising ferrofluid soft machines
Small magnetic soft machines are commonly made by combining hard magnetic particles with soft matter like hydrogels. However, their limited ability to deform makes it hard for them to move through narrow spaces like small lumens that have openings smaller or equal to the machine’s size. Thus, there is a need to discover new materials for building miniature soft machines with improved capabilities.
Prof. Zhang collaborated with Prof. Carmel Majidi from Carnegie Mellon University to create diverse soft machines using the three wetting properties of ferrofluids and their ability to change shape. These machines can perform multiple functions.
Ferrofluid is a liquid composed of tiny ferromagnetic/ferrimagnetic particles suspended in a fluid. In low-wetting states, a magnetic field can control the ferrofluid’s movement and shape, allowing it to perform various actions like stretching, jumping, rotating, tumbling, kayaking, wobbling, splitting, merging, and adapting to complex terrain. Ferrofluid droplets can also be transformed into liquid capsules to transport cargo through narrow passages like bile ducts.
Advantages of constructing small soft machines using various wetting traits of ferrofluids
Ferrofluid droplets in a high-wetting state can serve as arrays of artificial liquid cilia and move rhythmically like microbial cilia under the influence of an external magnetic field. This makes it possible to control the transport of biological fluids, like pumping blood. In a total wetting state, the droplets can form artificial liquid skins and adhere to inanimate surfaces, giving them the ability to control these objects.
The research team will concentrate on controlling substrate-wetting to switch between adsorption and detachment of ferrofluid “skin.” The use of stimulus-responsive fluids in soft machines enhances functionality and adaptability and opens new opportunities for the creation of miniature smart soft robots.
The research is funded by the Hong Kong Research Grants Council (RGC), the ITF project backed by the HKSAR Innovation and Technology Commission (ITC), the Croucher Foundation Grant, Chow Yuk Ho Technology Centre for Innovative Medicine, and the CUHK T Stone Robotics Institute.
The authors express gratitude to the Multi-Scale Medical Robotics Centre at the Hong Kong Science Park and the SIAT-CUHK Joint Laboratory of Robotics and Intelligent Systems for their support.
The global nanotechnology market was worth US$ 1.76 billion in 2020 and is expected to grow to US$ 33.63 billion by 2030, with a CAGR of 36.4% from 2021 to 2030. Nanoscience and nanotechnology deal with the study of nanoparticles and devices used across various scientific fields such as chemistry, biomedicine, mechanics, and materials science. The nanotechnology market covers the manufacture and use of physical, chemical, and biological systems and devices, ranging in scale from individual atoms or molecules to 100 nanometers.
President Ferdinand R. Marcos Jr. has authorised the expansion of online visa applications for Chinese, South Korean, Japanese, and Indian visitors. The act on e-visa renewal aims to attract those countries’ tourism markets.
According to Communications Secretary Cheloy Garafil, Marcos delivered the command during a meeting with the Private Sector Advisory Council’s (PSAC) Tourism Sector members at Malacaan Palace in Manila.
During the discussion at Malacaan Palace, PSAC asked Marcos to include Indian nationals in the visa-on-arrival programme and the e-visa request. The suggestion was made to help the government achieve its economic goals, particularly in the country’s critical sectors. As a result, only Taiwanese, Chinese, Indian, South Korean, and Japanese citizens are eligible for VoA and e-visa.
DICT Secretary Ivan John Uy indicated that several connectivity issues with the other jurisdictions that will use the Philippine e-visa platform must be worked out.
“It will take at least a semester to establish the capability because there is so much anti-fraud element that has to be merged with the platform and the many countries that will be connected with the infrastructure and the transactions,” Garafil added, referring to Uy’s comments.
Enrique Manalo, Secretary of Foreign Affairs (DFA), who was present at the conference, revealed that his office is already engaging with the Department of Information and Communications Technology (DICT) to provide the necessary preparations for the e-visa.
Meanwhile, Manalo added that the DFA has a programme for some Chinese nationals who qualify for visa-on-arrival. Other foreign nationals, such as Americans, Japanese, Australians, Canadians, and Europeans, may be granted a 14-day visa upon arrival, according to Garafil.
According to figures from the Presidential Communications Office, the Philippines hosted around 2.65 million visitors from February to December 2022, including 2.02 million foreign tourists and 628,445 Filipinos living abroad (PCO).
According to Garafil, the latest figure is higher than the 163,879 visitor arrivals projected for 2021 but fewer than the 8.26 million pre-pandemic average. The Department of Tourism (DOT) anticipates 4.8 million visitor arrivals in 2023, generating PHP2.58 trillion in income.
Marcos urged that the DICT embrace India’s offer to use its visa application system. The PSAC also issued “short-term” strategic recommendations, such as improving airport infrastructure and operations, promoting tourism investments, and administering the national brand or image.
She also noted that the PSAC had proposed a Value-Added Tax (VAT) Refund Programme for international tourists by 2024, as well as the elimination of the One Health Pass (OHP) or the obligation of only one form for health, immigration, and customs. The group also advocated for the “automatic” inclusion of travel tax in all airline tickets and the removal of outmoded airport advisories and loudspeaker announcements.
The Bureau of Immigration (BI) began an online visa waiver project in December to improve legal services for tourists. The programme is aimed at short-term visitors to the country. They can extend their stay for another 30 days by submitting an online application.
In January, the Philippines Bureau of Immigration (BI) plans to modernise and automate immigration-related transactions at their international airports. To improve passenger service, the bureau seeks to modernise and automate all immigration-related processes, including tourist visa extensions, online visa waiver applications, and e-payments.
Previously, the agency implemented electronic transactions and payments for immigration applications, the eTravel system and a collaborative effort of multiple border management organisations. The BI director emphasised the importance of his administration’s priorities.
The urgencies include anti-corruption, digital transformation, national security, rightsizing, and employee empowerment. He also sees a need to expand immigration’s role in national security, follow the president’s lead in increasing the bureau’s personnel complement, and promote employee welfare.
U.S. Air Force has incorporated the KingFish Agile Combat Employment game as the capstone exercise for Air Mobility Command’s Rapid Global Mobility Course 3 (RGMC 3). The 423rd Training Squadron of the United States Air Force Expeditionary Operations School at Joint Base McGuire-Dix-Lakehurst incorporated KingFish ACE within the RGMC 3.
The game allows students to understand ACE and Multi-Capable Airmen’s ideas better and more tangibly so that they can picture, learn from, and comprehend. The first training to use the KingFish ACE game instructed 32 students from 19 different Air Force speciality codes across nine geographic areas, including two wing command chiefs.
“Having Airmen from various Air Force speciality codes work together in teams pushes them to think broadly and outside the confines of their normal military career,” said Tech. Sgt. Emesh Fernando, 423rd TRS instructor. “An emphasis is placed on ACE ideas while reinforcing the four tenets of RGM: airlift, aerial refuelling, air mobility support, and aeromedical evacuation.”
Students receive courses on quick global mobility from AMC’s subject matter specialists over five days. They interact with instructors to understand how the fundamental competencies of rapid global mobility connect to allow AMC and the Joint Force to manoeuvre. The skills learned are then applied to scenario-based educational challenges.
Throughout the coursework, the Airmen learn mission design and delivery elements. They prepared mission briefs, load planning concepts, addressing specific capabilities, host-nation limiting factors, working together as a team, and organising team dependencies while maintaining flexibility to act on often incomplete information.
“Our instructors and curriculum are focused solely on developing and utilising strong, war-ready Airmen and airbase weapons systems that will conquer in any fight,” expressed Lt. Col. Robert Switzer, commander of the 423rd TRS.
As a prerequisite for acceptance into RGMC 3, each student must finish the RGMC 1 and RGMC 2 courseware. All Air Force members can enrol in RGMC 1 and RGMC 2. Trainees can access these courses’ details in the myLEARNING AMC. Personnel who wish to attend RGMC 3 are nominated for enrolment by their wings.
Col. Troy Pierce created the game to highlight a model scenario within the U.S. Indo-Pacific Command area of operations and employs the ACE paradigm, which prioritises deployment to remote regions with nimble teams that leave small footprints. To be effective, each group must comprehend the linkages between task, threat, capabilities, and timing of a pacing challenge enemy.
“The true advantage of this capstone is its capacity to have Airmen think from an MCA perspective on future missions concerning the pace issue highlighted in the newest National Defence Strategy,” Fernando added. “We are not just playing a game or connecting themes mentioned. We are focusing on generating discussions and motivating a change in how we have thought about operations overseas. We must better train Airmen for the next battle and prepare our students to think about future operations, particularly in the INDOPACOM theatre.”
The United States Army has embraced gaming by deploying a small tactical e-sport unit. Apex, Rocket League, Overwatch, Call of Duty, and Halo are the five titles that the U.S. Army Esports Team concentrates on. Typically, the Army’s esports team has over a hundred members. This group is known as the at-large team. Most of the pro gamers train and compete on their own time at their home station. They also compete regularly to determine who will be placed on contending teams. Apex and Rocket League are the only two titles with local players.
The esports squad might engage with a wide variety of people, some of whom may have yet to consider joining the Army since they aim to become esports athletes. It demonstrates that the Army will assist in achieving people’s ambitions.
CSIRO, Australia’s national science agency, is helping small to medium-sized businesses in the mining and mining equipment, technology and services sectors by offering a free online course that provides expertise and support for research and development.
Innovate to Grow is a 10-week online programme offered by CSIRO that is designed to help eligible small to medium-sized businesses in the mining and mining equipment, technology and services sectors that are in the early stages of engaging in R&D or pursuing a new idea. It will be guided by experienced researchers and innovation experts who will help participants to examine their technical or business challenges, explore R&D opportunities, and develop actionable business and funding plans.
Upon completion of the Innovate to Grow programme, participants may be able to access facilitation support through CSIRO to connect with research expertise nationally and may also be eligible for dollar-matched R&D funding.
The SME Collaboration Manager for CSIRO stated that the programme is designed to assist small-medium businesses in understanding the process of engaging in R&D by providing them with information on how to access funding, mentoring and a highly connected network through research organizations and industry peers.
The Innovate to Grow programme targets Australian companies with less than 200 employees, and currently is offered at no cost to participants. In this way, it is hoped that some of the barriers that smaller enterprises face when they have an idea they would like to pursue can be removed.
Upon completion of the Innovate to Grow programme, participants will have received assistance in defining their goals, developing a business case for R&D with the help of a university or CSIRO, and preparing a funding proposal.
Participants will also benefit from the expansion of their professional networks through connection with their peers in the cohort, sector-specific mentors, and CSIRO which has the world’s largest mineral resources R&D capability.
One company that manages the Australian Premium Iron Joint Venture participated in the Innovate to Grow program in 2021. The Principal Scientist at the firm stated that the company participated in the Innovate to Grow program as a way to refresh their knowledge about engaging with research organisations, identifying available funding options and preparing for partnerships with organisations like CSIRO or universities.
The mining industry faces many challenges, and it requires multiple elements to come together to achieve success. CSIRO plays a vital role in supporting research and development goals for the industry, he said.
The global smart mining market is projected to grow from roughly US$9.3 billion in 2019 to about US$23.5 billion by 2027, at a CAGR of 16.3% during the forecast period 2020-2027.
Smart mining is a process that uses advanced technology, information and autonomy to improve safety, reduce operational costs, and increase productivity for mine sites. Companies in the mining industry are focusing on increasing productivity by implementing advanced software and solutions. It also includes the use of remote-controlled robotic equipment for mineral and metal extraction known as telerobotic mining, which reduces the risks for miners.
The COVID-19 pandemic has had a negative impact on the global smart mining market, primarily due to the disruption of international trade, prolonged lockdowns and restrictions in construction, mining, and maintenance activities worldwide.
The Ministry of Youth Affairs and Sports has launched a mobile application for the Khelo India Youth Games 2022. The app gives participating athletes, coaches, support staff, parents of athletes, and officials from all states participating in the Games access to information about the competition, through a single platform. This is the first time that a dedicated application has been launched for the Khelo India Youth Games.
The App has a dedicated athlete login and supports the athlete right from the time of their registration into the games, through the entire course of the Games. The app gives the athlete a chance to check if their verified documents have been uploaded before the start of the Games. According to a government press release, this will ensure greater transparency for athletes in the registration process. The application is available both for Android and Apple phones and can be downloaded free of cost.
As the athlete registers for the games and arrives at the Games venues in Madhya Pradesh, they can check the status of the issuance of their sporting kits, the hotel where they will stay, transportation plan for athletes to and from the venue, as well as have important contact numbers where athletes can connect in case of an emergency. Further, to ensure that athletes have immediate responses to queries raised by them during the Games, a chatbot has also been created. For sports fans, the application gives access to match schedules, medal tally, addresses of Games venues, and the photo gallery.
The Khelo India Youth Games are held every year. They are national-level multidisciplinary grassroots games held in January or February for two categories: under-17 years school students and under-21 college students. This year, the Games will be held in Bhopal from 30 January to 11 February. The competition has been divided into twelve different verticals, including developing state-level Khelo India centres, talent identification and development, sports for women, and the promotion of sports amongst people with disabilities.
The government has launched several applications and online services to promote athletics. For instance, the National Anti-Doping Agency (NADA) launched the National Anti-Doping Agency app. It provides athletes with a one-stop solution for all anti-doping-related information. The app helps athletes understand anti-doping rules and regulations and provides a platform for athletes to report any potential anti-doping violations.
The Ministry of Youth Affairs and Sports launched the Fit India App to encourage people to adopt healthy and active lifestyles. The app provides offers a range of features such as fitness challenges, workout routines, health tips, and a record of daily physical activity. The app also provides users with a dashboard that helps them track their progress and set goals for themselves. Its age-appropriate fitness protocols, approved by the World Health Organisation (WHO), test the fitness level of the user. Based on the results of the fitness tests, the app gives users a fitness score that tells them how fit they are and then further suggests activities to improve their health and fitness level.