The Cybersecurity and Infrastructure Security Agency (CISA) has published a fact sheet to help public- and private-sector organisations prevent and respond to ransomware attackers threatening to release sensitive information if a victim does not pay the ransom demanded.
Ransomware is malware designed to encrypt files on a device, rendering files and the systems that rely on them unusable. Traditionally, malicious actors demand ransom in exchange for decryption. Over time, malicious actors have adjusted their ransomware tactics to be more destructive and impactful. Malicious actors increasingly exfiltrate data and then threaten to sell or leak it—including sensitive or personal information—if the ransom is not paid. These data breaches can cause financial loss to the victim organisation and erode customer trust.
All organisations are at risk of falling victim to a ransomware incident and are responsible for protecting sensitive and personal data stored on their systems. This fact sheet provides information for all government and private sector organisations, including critical infrastructure organisations, on preventing and responding to ransomware-caused data breaches.
Primarily, organisations must guard against falling victim to ransomware attacks. They should maintain offline, encrypted backups of data and develop and exercise plans for responding to a ransomware attack, including how they will conduct business if critical systems have been disabled.
Internet-facing vulnerabilities must be addressed, software updated, devices properly configured and remote-desktop services should be regularly audited. Spam filters and cybersecurity-awareness training will help reduce the risk of successful phishing attacks, and carefully managing privileged accounts and employing multifactor authentication will increase cyber hygiene.
Organisations that house sensitive or personal information should have an inventory of that data and ensure access to it is limited, encrypt the data, implement physical security and consider segmenting networks to increase the data’s security.
Additionally, they should have an incident response and communications plans that include procedures for data breach response and notification. If a ransomware-caused data breach occurs, organisations should turn to their response plans by first securing their networks and stopping additional data loss.
If mitigation seems impossible, victims should take a system image and memory capture of a sample of affected devices. Logs and samples of any “precursor” malware binaries and associated observables or indicators of compromise should also be collected. Forensic evidence should not be destroyed, so victims should be sure to preserve evidence that is highly volatile in nature — or limited in retention — to prevent loss or tampering. Affected organisations must notify businesses and individuals that their data has been exposed and maybe misused.
As ransomware attacks have become rampant in the U.S., The National Institute of Standards and Technology (NIST) has also published an infographic offering a series of simple tips and tactics. As reported by OpenGov Asia, this infographic can help organisations protect against ransomware attacks and recover from them if they happen.
NIST’s advice includes:
- Use antivirus software at all times — and make sure it’s set up to automatically scan your emails and removable media (e.g., flash drives) for ransomware and other malware.
- Keep all computers fully patched with security updates.
- Use security products or services that block access to known ransomware sites on the internet.
- Configure operating systems or use third-party software to allow only authorised applications to run on computers, thus preventing ransomware from working.
- Restrict or prohibit the use of personally owned devices on your organisation’s networks and for telework or remote access unless you’re taking extra steps to assure security.
Researchers at Murdoch University’s Harry Butler Institute have partnered with a global technology leader to deliver novel ways to monitor the environment in remote locations. The monitoring technique provides a wireless solution to observe environmental conditions in areas that lack reliable networks and could pave the way for remote detection of bushfires and other potentially damaging scenarios.
The Harry Butler Institute Business Manager stated that said many remote locations in Western Australia and beyond lacked 3G and 4G internet coverage, posing a challenge for suitable communication solutions. The team has been investigating a cost-effective wireless IoT [Internet of Things] solution known as LoRaWAN, that offers low power, long range, wide area network data sensor technology. The network also succeeds alternatives such as WiFi and Bluetooth, as it doesn’t require cellular network coverage, making it ideal to reach remote areas including national parks.
A pilot program had already successfully moved data between Murdoch University’s South Street campus and the city. Two of the team’s researchers were able to move environmental data such as temperature, soil moisture and air quality data, but also demonstrated further innovation by moving images over LoRaWAN – something this network wasn’t even built for.
This innovative and efficient technology solution could provide researchers and emergency personnel the ability to monitor remote locations from anywhere, at any time. Senior Lecturer David Murray said the pilot has given researchers the confidence to pursue further technological developments to assist in the early detection of smoke and fire.
The team is now determining how cost-effective cameras can be developed to monitor bushfires using artificial intelligence models to identify the risk of smoke and fire, and by sending alerts via a LoRaWAN network, he said.
It was noted that this approach, in addition to weather sensors and low-resolution images that can be sent over the network for manual validation, could alert emergency workers to fire threats much earlier.
The network could also be deployed in other diverse scenarios including animal monitoring, with testing previously conducted at Murdoch to monitor the presence of quenda populations at its South Street campus.
The Pro Vice Chancellor of the Harry Butler Institute stated that the low-cost technology option was an exciting prospect for the future of environmental surveillance. This real-time technology could pave the way for monitoring networks not only in Western Australia but globally, he said.
LoRaWAN provides the option of overcoming limitations, saving time, money and resources and its potential environmental applications, including supporting emergency bushfire personnel and researchers monitoring vulnerable species such as quenda, will be significant.
The project further enhances the partnership between Murdoch University and the global tech leader and strengthens both organisations’ commitment to developing technology that can aid the environment and safeguard the sustainability of the planet.
Australia’s bushfire season currently lasts for 130 days a year, lengthened by almost a month in the past four decades, according to new research. Recent wildfire outbreaks across the globe have sparked concern that climate change is increasing fire incidence, threatening human livelihood and biodiversity, and perpetuating climate change.
Various climate models highlight that the prevalence and extremity of fire weather have already emerged beyond its pre-industrial variability in the Mediterranean as a result of climate change, and emergence will become increasingly widespread at additional levels of warming. Moreover, several of the major wildfires experienced in recent years, including the Australian bushfires of 2019/2020, have occurred amidst fire weather conditions that were considerably more likely due to climate change. The report notes that advances in the observation of fire and understanding of its controlling factors support the addition or optimisation of a variety of processes in models.
The first-ever Innopreneur Experience Journey co-organised by the Federation of Hong Kong Industries (FHKI) and Hong Kong Science & Technology Parks Corporation (HKSTP), aims to gather over 30 students from local secondary schools under a new programme that aims to enable their technology, creativity and new industry.
Over the four days, students will visit various companies and obtain real job experience to develop their understanding of the latest development and opportunities of new emerging industries, cultivate their passion for innovation and technology (I&T) and broaden their horizons and prepare them for further studies and future careers.
The programme has attracted 30 participating companies, which are FHKI member companies and a variety of HKSTP partner companies at Science Park and INNOPARK. The participating companies will offer executive shadowing, site visit and on-the-job experience to the students, demonstrating a concerted effort of industries in fostering future pillars.
The Kick-off Ceremony was held successfully at FHKI headquarters. The Under Secretary for Home and Youth Affairs, and corporate representatives attended the ceremony to witness the students commencing their extraordinary journey.
The FHKI and HKSTP Chairman stated that talent is an indispensable part of building up Hong Kong as an international I&T hub. HKSTP and FHKI are committed to cultivating local talent via various educational events which allow students to be exposed to I&T and related industries at an early stage and be inspired by I&T fellows and industrialists.
The Deputy Chairman one of the sponsoring companies and Chairman of the Hong Kong Innovation Foundation stated that innovation is the key to the long-term success and sustainable development of Hong Kong as our city grows into an international innovation and technology hub.
Talent development is, therefore, particularly crucial. The Hong Kong Innovation Foundation aims to provide a holistic innovation ecosystem, catering to the diverse needs of various sectors of the community. The Deputy Chairman thanked partners at the Federation of Hong Kong Industries and the Hong Kong Science Park for developing this important platform.
The Closing Graduation Ceremony, including sharing sessions of participating students and company representatives, will be held on the last day of the journey. To nurture a new generation of young talent for the I&T and industrial sectors, we hope to organise more Innopreneur Experience Journeys in future to create opportunities for students to get exposure to new emerging industries. HKSTP and FHKI will continue to join hands in bringing together people from different backgrounds and experiences, creating a diversified and vibrant I&T and industrial ecosystem in Hong Kong.
InvestHK notes that talent is a crucial factor in growing the economy, and nurturing a powerful, talented I&T generation is viewed as the priority. As such, Hong Kong is investing resources into STEM teaching and innovation in every phase of education from primary to secondary and tertiary.
The HKSAR Government and other relevant institutions have launched various funding schemes/programmes to support the I&T sector. The Innovation and Technology Fund (ITF), administrated by the Hong Kong Innovation and Technology Commission (ITC), includes different schemes to support I&T research activities; facilitate technology adoption; nurture technology talent; support technology start-ups and foster an I&T culture.
Both the Hong Kong Science and Technology Parks and Cyberport have set up individual incubation/acceleration programmes and funding schemes for assisting I&T start-ups and nurturing talent.
Other industry-specific schemes that target the I&T development of segments such as environment protection, construction, logistics, Chinese medicine and transport are being rolled out. Moreover, there are schemes tailor-designed for small-to-medium enterprises (SMEs) regarding market development and loan guarantee as far as their I&T activities are concerned.
Singaporeans, particularly those who enjoy benefiting from and contributing to the wisdom of the crowd or sharing their thoughts on government policies, will undoubtedly enjoy CrowdTaskSG, a newly created crowdsourcing web service that taps Singaporeans’ collective knowledge.
Citizens will discover many possibilities to contribute their ideas and feedback to government entities on CrowdTaskSG. Citizens can take part in various tasks, such as surveys on government policies and national identity. Citizens may also be assigned duties to test prototype items, such as new government websites, and provide comments on areas for improvement.
The portal is a one-stop shop, collecting duties from across the government and making them easily accessible to those who are interested. With their Singpass account, all Singapore citizens and Permanent Residents aged 18 and over can use the portal.
Aside from hearing people’s ideas, the procedure is intended to be enjoyable. The app’s goal is to be as enjoyable as popular online games. Users can earn virtual coins by completing activities on CrowdTaskSG and trade them for real-world rewards such as coupons.
Recognising that Singaporeans are the ultimate users of government services, agencies have begun including the public early in the workflow of product or policy production to ensure that their opinion is considered from the outset. GovTech believes that citizens are co-creators in building a strong society.
The current crowdsourcing scene may be seen as fragmented, making it difficult for Singaporeans to have an overview of all the options available, while agencies struggle to discover the correct target participants. CrowdTaskSG addresses these difficulties by consolidating all government crowdsourcing jobs on a single website.
To reach their desired demographic, agencies can also use the tailored assignment tool. For example, if they want to test how user-friendly a product is for elderly users, they may quickly screen for older volunteers.
The CrowdTaskSG team is also trying to expand the number of tasks available, such as polls and A/B testing, and is reaching out to other agencies to learn how the platform can better support their crowdsourcing initiatives.
In addition, GovTech is all about using technology to make everyone’s lives better. CrowdTaskSG is based on the idea that Singaporeans are not only people who benefit from things but also people who can make important contributions.
The agency is asking everyone in the country to help solve problems by using their knowledge and skills. They are hoping that the input and ideas of the public will be the best part of the government’s next digital product.
Meanwhile, OpenGov Asia reported earlier that more users are finding it easy to do business in their native language now that Singpass supports Singapore’s four official languages, which are English, Tamil, Malay, and Chinese. By choosing their preferred language in the app’s settings, more users can enjoy the convenience of doing transactions in their native language. It was also the job of the legal divisions and other government departments to make sure that the texts follow the rules that are already in place.
Even though the multilingual feature has been successfully released, more work needs to be done. When a spreadsheet is used to help with translations, translators can’t see how the app looks and what is being translated side by side. This can slow down translations.
Singpass is one of the eight national strategic projects overseen by GovTech that help Singapore achieve its goal of becoming a “Smart Nation.” Over 2,000 government and business sector services are accessible conveniently and securely online and in person thanks to a Singaporean resident’s digital identification.
The Ministry of Finance has announced it would develop a foundation for a modern and transparent digital financial ecosystem based on big data and open data by 2025. The initiative will be carried out under the Ministry’s digital transformation plan aimed for 2025, with orientations to 2030. It was newly signed by Finance Minister Ho Duc Phoc.
By 2030, the Ministry strives to establish a developed digital financial ecosystem with enhanced cybersecurity and efficiency. The overall objective of the plan is to accelerate digital transformation in tandem with building a sustainable, advanced, and globally-integrated national financial system. The move is expected to boost growth, enhance the resilience of the economy, and maintain macro-economic stability and financial security.
The Ministry will apply fourth industrial revolution technologies and leverage the progress that’s been made with the development of the e-government to transform the finance sector. It will offer more digital financial services to bolster the digital economy and digital society. The finance sector will play a vital role in creating, connecting, and sharing data, digitising platforms, and optimising the digital information of the government, people, and organisations.
The Ministry will cut down the number of public administrative procedures, and reform, simplify, and standardise public financial services to reduce costs and improve service quality and productivity by 2025. Accordingly, the delivery of most public administrative services will be shifted online, providing citizens with a paperless and convenient experience. The Ministry also intends to step up the implementation of the National Single Window system and the ASEAN Single Window system to facilitate trade.
Further, the Ministry has plans to set up a modern, public, and transparent digital financial platform by 2025, based on big data and open financial data. By 2030, the Ministry claimed a digital financial ecosystem will be formed in all fields, ensuring administrative effectiveness and the safety of information. Civil servants and public employees will be trained in digital skills to facilitate the process.
The rate of financial technology adoption in the country is gradually and significantly increasing. The number of subscribers of the government’s Mobile Money initiative has quadrupled since the service was launched in January this year. 67% of these subscribers reside in rural, mountainous, border, island, and remote areas.
As OpenGov Asia reported, subscribers with at least one Mobile Money transaction by the end of June exceeded 1.72 million, accounting for 97.3% of the total. Additionally, the number of households with fibre optic connections in the first half of this year increased by 9% compared to the same period of 2021 and by 17% against that of 2020. According to the Ministry of Information and Communications (MIC), the goal of having 75% of households using fibre optic services this year is achievable. Vietnam also aims to have more than 50% of the population own digital payment accounts.
In deploying Mobile Money, the government has taken advantage of existing infrastructure and data and telecommunications networks. This has reduced social costs and expanded cashless payment channels on mobile devices. Industry experts have stated that the COVID-19 pandemic highlighted the need to universalise digital payments. Regardless of an Internet connection or bank account, and with just phone numbers, users can easily make cashless transactions through their Mobile Money account. The pandemic also greatly boosted the e-commerce market, with non-cash payments accounting for 70% of total retail transactions in Vietnam last year.
While nursing education mainly consists of classroom teaching and clinical practice, face-to-face teaching and clinical placements at medical institutions have been affected as a result of the COVID-19 pandemic. Thus, to develop the training and learning experience of nursing students, a research team led by Dr Justina LIU, Associate Professor of School of Nursing, and Dr Kitty CHAN, Senior Teaching Fellow of the same school, has developed a virtual learning system “Virtual Hospital” that uses virtual reality (VR) technology to offer an innovative experiential approach to nursing education.
Virtual Hospital is the first-of-its-kind virtual learning system in Hong Kong that simulates the complex and chaotic environment of a real-life hospital ward. With a total of 11 games, the system provides five scenarios, namely “Clinical Practicum Orientation”, “Challenges of Delirium”, “Managing Multitasks”, “Prevention of Errors” and “Potential Heart Attack”.
Over 1,200 combinations of randomised situations and multiple choices make it difficult for students to predict the tasks they will be handling, while they are required to provide instant responses to multitasks and make appropriate nursing decisions through assessing a patient’s condition and interpreting their medical information.
It was noted that the majority of existing VR learning systems are skill- and procedure-focused and adopt a single patient management setting. The PolyU-developed Virtual Hospital requires students to handle multiple beds and take care of multiple patients at the same time. Unexpected incidents and clinical pitfalls are generated to test the student’s ability to apply their knowledge and prioritise nursing tasks amid various disruptions within a limited time.
Through VR experiential learning, students can improve the soft skills that are essential for their clinical practice, including situation awareness, flexibility to handle emergencies, as well as decision-making and communication skills.
Virtual Hospital allows users’ responses and decisions to be displayed on a TV monitor for group participation, while their communication with the virtual patients can be recorded for review. By answering multiple-choice questions, the student can reflect on the judgements and decisions made. In addition, the game data and the automated assessment function of the system also provide convenience for teachers in tracking students’ progress and evaluating learning outcomes.
Since its launch in January 2022, Virtual Hospital has benefited over 450 nursing students. With Virtual Hospital, students are provided with a cooperative case-based learning opportunity. Supplemented with current practice on patient simulators, it is hoped that Virtual Hospital can further help students master the skills necessary for clinical nursing and most importantly for reducing errors in actual clinical situations.
The team is pleased that the virtual learning system has received positive feedback from students, and looks forward to incorporating interprofessional and interdisciplinary elements in the future, as well as introducing the system to other nursing institutions in Hong Kong and the Greater Bay Area.
A Year-3 student from PolyU School of Nursing noted that she was impressed by the fidelity of the Virtual Hospital in terms of the environmental details. The VR learning experience strengthened her confidence in clinical practice as the system allowed every student to deal with nursing problems on their own, which helps them better prepare for the stressful work situation faced by nurses in the real clinical environment, she said.
The Cybersecurity and Infrastructure Security Agency or CISA has announced the “Protecting U.S. Elections: A CISA Cybersecurity Toolkit,” which provides state and local election officials with free services and tools to improve the cybersecurity and resilience of their infrastructure.
“I am very proud to announce another valuable resource that can help officials further reduce their cyber risk and improve their security posture,” says Jen Easterly, Director, CISA.
She added that the state and local election authorities must deal with challenges to their infrastructure daily from things like insider threats, malicious actors, and foreign involvement. This is just another tool to aid them in their continuous efforts to maintain the security and resilience of the American election processes.
CISA regularly collaborates with state and local election officials to safeguard their systems as the principal federal agency in charge of election security. In addition, CISA provides several services, information products, and other resources.
As the principal federal agency in charge of overseeing national election security, CISA has assembled a toolkit of free services and tools through the Joint Cyber Defense Collaborative (JCDC) to assist state and local officials, election officials, and vendors in enhancing the cybersecurity and cyber resilience of the U.S. election infrastructure.
The free tools, services, and resources offered by CISA, JCDC members, and other members of the cybersecurity community are included in this toolbox. These free resources were assembled by the JCDC of CISA, which collaborated with organisations from the public and private sectors, including the election community, and JCDC alliance members. The toolkit’s broad categories are arranged to assist election officials: Utilise an Election Security Risk Profile Tool created by CISA and the U.S. Election Assistance Commission to evaluate their risk; locate tools for securing voter data, websites, email systems and networks. Also, safeguard assets from assaults such as phishing, ransomware, and distributed denial-of-service (DDoS).
The most recent tool that CISA and its partners have created to aid the election community is the toolkit. To counteract the disinformation, CISA’s website provides a wealth of information and advice on topics ranging from cybersecurity to physical security for polling places and election officials.
The organisation collaborates with election authorities in all 50 states, the District of Columbia, and the territories to provide cybersecurity services, technical help, and guidance as well as to frequently share relevant and useful information and intelligence.
The following steps should be taken to create the cybersecurity baseline before employing the toolkit to handle risks, according to CISA: Use the free CISA Cyber Hygiene Services Vulnerability Scanning; prioritise patching known exploited vulnerabilities; maintain updated systems and software, adhere to best practices for password management, such as using multifactor authentication and a password manager; and create offline backups of your data.
Meanwhile, the White House Office of Science and Technology Policy (OSTP) is seeking public input on how to safely progress and adopt the Privacy-Enhancing Technologies (PETs). This can enable the future by embracing data-driven technologies like AI while safeguarding privacy.
PETs are tools that let researchers, clinicians, and anyone with permission glean insights from sensitive data without ever having access to the data itself. The fundamental value of PETs lies in their ability to keep data “hidden” from researchers while allowing analysis of that data.
It may enable new types of collaboration and norms for the appropriate use of personal information. Agencies may facilitate greater collaboration across entities, sectors, and borders to address shared concerns, so contributing to the development of solutions in areas such as health care, climate change, financial crime, human trafficking, and pandemic response.
The Philippine Space Agency (PhilSA), the Department of Science and Technology Advanced Science and Technology Institute (DOST-ASTI), and the Bangko Sentral ng Pilipinas (BSP) have begun testing satellite internet service in two rural banks in Batangas province.
“PhilSA and DOST-ASTI will process data to look at the network performance against the actual connectivity needs of the banks. Information from these reports will be utilised by BSP as we move this partnership forward,” says Ma. Victoria Gazmin-Basto, Officer-in-Charge, PhilSA Space Business Development Division.
The stated banks were previously recognised by the Department of Information and Communications Technology (DICT) as being in Geographically Isolated and Disadvantaged Areas (GIDAs), where the installation of new terrestrial networks to improve connectivity may be impractical.
The provision of technical assistance to BSP is consistent with PhilSA’s mandate of assisting other government agencies or departments, as well as the private sector, in carrying out their responsibilities using space science and technology applications and satellite data.
To collect data, a Weather and Performance Monitoring System (WPMS) equipment built by DOST-ASTI was placed up near the two banks. The WPMS includes a network performance monitoring device that is linked to the satellite internet user equipment installed at the banks.
Among other things, the device measures network metrics such as upload and download speeds, throughput, latency, and jitter. Furthermore, the WPMS includes weather stations that monitor meteorological parameters such as rain, temperature, humidity, and pressure at the same time. The obtained data will subsequently be analysed to investigate and evaluate the satellite internet service’s performance and reliability under local weather conditions.
According to Bryan Paler, Senior Science Research Specialist at DOST-ASTI, his agency encourages collaboration with PhilSA and BSP to demonstrate ASTI’s locally developed technologies in applications that benefit the Filipino people.
Aside from the WPMS, they are investigating how they may put other homegrown technologies to use, such as bridging the digital divide and promoting financial inclusion. DOST-ASTI intends to capitalise on the partnership’s benefits in the future by educating people about financial literacy.
The organisations intend to use the digital TV technology and internet infrastructure that they are constructing to teach people in the unserved and underserved areas about financial literacy in addition to doing research on the usefulness and efficiency of satellite internet services for banks. The Philippine government aims to provide rural areas with cutting-edge technology while also teaching residents how to use it for their own benefit. Out of the country’s 1,634 municipalities, 33% or 533, are still unbanked and do not have access to financial inclusion services.
The Philippines believes in satellite technology’s ability to improve connectivity in rural areas, hence increasing banks’ capacity to deliver digital financial services and encourage greater financial inclusion in unserved and underserved areas. Digital financial services such as remittances, bill payments, and opening transaction accounts, among others, would become more inclusive and accessible with improved connections in rural areas.
A Memorandum of Understanding (MoU) has been signed between PhilSA, DOST-ASTI, and BSP to encourage access to high-quality financial services enabled by internet connectivity. As transactions and services move to online platforms, this endeavour will increase digital inclusion.
Internet connectivity is recognised as a crucial enabler of financial and economic inclusion, as financial activities and services migrate to online platforms. As internet connection is increased, banks and other financial service providers will be able to better serve rural areas with additional internet-connected access points, such as automated teller machines and cash agent services.