Share This

Wednesday, October 16, 2024

Putting pressure on banks

 


Kill switch' not a cure-all | The Star

KUALA LUMPUR: The issue of whether banks should bear greater responsibility for clients losing money to online scammers is one for Parliament to decide, says Datuk Seri Azalina Othman Said.

The Minister in the Prime Minister’s Department (Law and Institutional Reform) said this may be necessary in light of the issue often raised by the public amid the nation’s move towards digitalisation.

“It is the MPs that should discuss if a more robust insurance scheme is needed for banks and financial institutions that hold our money.

“This is also because we now have a Digital Ministry as the nation heads towards digitalisation,” she said in reply to a supplementary question by Kota Melaka MP Khoo Poay Tiong in the Dewan Rakyat yesterday.

She added that the consumer himself should be careful and alert of scams.

Khoo asked if the banks should be made to bear responsibility for data breaches which result in their customers losing money to scammers.

He cited a recent complaint where a man claimed he had received a notification from a bank at 4.30am informing him of a change in the model of mobile phone used for his online transactions.

“The notification said that there would be a 12-hour cooling-off period before any transactions can proceed.

“However, in less than 12 hours, he found that his money had been transferred out of his account at about 8.30am,” said Khoo.

To this, Azalina said that she too almost fell victim to an online scam after receiving a notification at 3am.

“I was shocked that RM3,000 was transferred out of my account. Fortunately, I managed to get my money back,” she said.

Azalina advised the public to activate the “kill switch” linked to their bank accounts.

If you get a notification at 4.30am, hit the kill switch on your banking app as soon as possible,” she said.

'Kill switch' can prevent scam victims from suffering hefty ...


The kill switch is an initiative of Bank Negara which was adopted by banks on March 1 last year.

On the law against online crimes, Azalina said it could be tabled and passed during the current meeting.

She called on MPs to debate the issue when that proposed law against online crimes is tabled.

Source link

Related posts:

Red flag in credit card fraud

Tuesday, October 15, 2024

GT Exclusive: Latest report shows US cyber weapon can ‘frame other countries’ for its own espionage operations

China's National Computer Virus Emergency Response Center on Monday released its latest report on Volt Typhoon, once again exposing cyber espionage and disinformation operations conducted by US government agencies, including a US cyber weapon that can mislead investigation and frame other countries for its own cyber espionage activities. 

This is also the first time for the center to release the report in multiple languages, including Chinese, English, French, German and Japanese. 

The Monday report is the third report on Volt Typhoon released by National Computer Virus Emergency Response Center and National Engineering Laboratory for Computer Virus Prevention Technology. It further disclosed the cyber espionage operations targeting China, Germany and other countries which were launched by the US and other Five Eyes countries. 

On May 24, 2023, the cybersecurity authorities from The Five Eyes countries, 
the US, the UK, Australia, Canada and New Zealand, issued a joint cybersecurity advisory, claiming that they had discovered cluster of activity of interest associated with a "China state-sponsored cyber actor," known as Volt Typhoon, and these activities "affected networks across US critical infrastructure sectors."

On April 15 and July 8, the National Computer Virus Emergency Response Center, National Engineering Laboratory for Computer Virus Prevention Technology and 360 Digital Security Group jointly released two investigation reports disclosing the US government's narrative regarding Volt Typhoon is purely a fabrication crafted by the US. The two reports also expose how US government agencies, in order to maintain control over the so-called "warrantless surveillance rights," conduct indiscriminate monitoring of global telecommunications and internet users. This is done to enable related interest groups to gain greater political and economic benefits by fabricating nonexistent Chinese cyberattack threats. The nature of the event resembles a "house of cards" conspiratorial swindling campaign scheme targeting the US Congress and taxpayers.

"After we released the reports in April and July on Volt Typhoon, more than 50 cyber security experts from US, Europe, Asia and other countries and regions have contacted us through various ways. They believed that the US government and Microsoft have attributed Volt Typhoon to Chinese government without any concrete evidence, and they also expressed concern about the US government's fabrication of Volt Typhoon," a research fellow from the National Computer Virus Emergency Response Center told the Global Times on Monday. 

Secret weapons

The US is the world's largest arms dealer and its cyber weapon arsenal is not only large in scale, but also sophisticated in function. Previously, the National Computer Virus Emergency Response Center publicly disclosed multiple types of cyber weapons which were developed by the National Security Agency (NSA) and Central Intelligence Agency (CIA).

The Monday report unveiled information on a customized stealth "toolkit" codenamed "Marble" that the US agencies have developed to cover up their Computer Network Exploitation (CNE) operations, mislead attribution analysis and shift the blame on other countries. 

The toolkit is a framework that can be integrated with other cyber weapon development projects, assisting developers to obfuscate various identifiable strings in program code, effectively "erasing" the "fingerprints" of cyber weapon developers, according to the report.

For a long time, the US has kept pushing a "Defend Forward" strategy in cyberspace, and implement the "Hunt Forward" operations, which means to deploy cyber-war forces in the surrounding areas of adversary countries to conduct close-in reconnaissance and network penetration. In order to satisfy those tactical needs, the toolkit "Marble" was developed, said the anonymous researcher. 

The framework also has a "dirty" feature, which is the ability to insert strings in other languages at will, such as Chinese, Russian, Korean, Persian, and Arabic. This is intended to mislead investigators and defame China, Russia, North Korea, Iran, and Arab countries, said the researcher. 

By tracing and analyzing the source code and comments of "Marble" framework, researchers also found that it has been identified as a secret weapon development program, which is not allowed to share with any foreign country, starting no later than 2015. This secret weapon was tailored by US intelligence agencies for themselves, and was even kept a secret from the so-called ally countries. 

Recent findings in the report have once again highlighted who poses the greatest threat to global cyberspace security. The US government not only disregards the report but also continues to disseminate false information about Volt Typhoon, said Chinese Foreign Ministry spokesperson Mao Ning on Monday. China condemns US' irresponsible actions and urges it to immediately cease its global cyberattacks and stop using cybersecurity issues to slander and malign China, Mao said.

 'False flag' operation 

A "False Flag" is a deceptive act or operation carried out to make it appear as if it was conducted by another party. According to the report, the "Marble" framework fully exposes the indiscriminate and bottomless cyber espionage activities around the world carried out by US intelligence agencies, and their conspiracy to mislead investigators and researchers through "false flag" operations, so that to frame "adversary countries."

The anonymous researcher said that in conjunction with previous investigation findings, the hackers from US cyber forces and intelligence agencies disguise themselves like chameleons in cyberspace, pretend to come from other countries to carry out cyberattacks and espionage activities around the world, and pouring dirty water on non-ally countries of the US.

The report also noted that the "False Flag" operation is actually an important component of the US intelligence agency's "EFFECTS Operation," known as the "Online Covert Action" in the UK. The secret documents from the US and Five Eyes Alliance show that, the "EFFECTS Operation" includes two broad categories, "Information Operations" and "Technical Disruption Operations." 

The Internal documents of the US and Five Eyes Alliance clearly indicate that the implementation of this "EFFECTS Operation" must adhere to four main principles, which are "Deny," "Disrupt," "Degrade," "Deceive." And these four main principles precisely cover all the core elements of the Volt Typhoon operation, said the report.

Subsea cable tapping sites

According the top secret files of NSA, the US has been controlling the world's most important internet "choke points," such as the Atlantic and Pacific subsea cables, constructing at least seven full-traffic tapping sites. All these sites are operated by NSA, FBI and NCSC from UK. Each packet through the sites is being intercepted and deeply inspected indiscriminately, according to the report. 

The US National Security Agency is not content with merely focusing on the specific areas covered by submarine cables, and the data intercepted by these surveillance systems falls far short of meeting its intelligence needs. Therefore, the US has conducted CNE operations on specific targets located in the "blind spots" of its surveillance systems.

Top secret documents from the NSA show that the Office of Tailored Access Operation (TAO) of NSA has launched massive CNE operations around the world and implanted more than 50,000 spyware implants. Victims are mainly concentrated in Asia, Eastern Europe, Africa, the Middle East and South America. The internal documents of the NSA showed that almost all major cities in China are within the scope of NSA's operations, a large number of entities and their network assets have been compromised, said the report. 

Spying on 'allies'

The report also cites instances of the US conducting surveillance on countries such as France, Germany, and Japan. 

The anonymous researcher said US intelligence agencies have established a large-scale global Internet surveillance network, providing a large amount of high-value intelligence to the US government agencies, which offers the US government great advantage in the diplomatic, military, economic, scientific and technological fields. The US government and its intelligence agencies could put anyone on the "list" of monitoring. 

For example, from 2004 to 2012, the US carried out a long-term espionage operation against France, monitoring the movements of the French government on policy, diplomacy, finance, international exchanges, infrastructure construction, business and trade. Some important intelligence was authorized by the US to be shared with the other "Five Eyes" countries. This shows that the countries of the "Five Eyes" alliance are also beneficiaries of US espionage operations.

A 'snooper' in cyberspace

The report said that the US global Internet surveillance programs and stations are like ubiquitous "snoopers" in cyberspace and steal user data from the global internet in real time, and this eavesdropping capability has become an indispensable foundation of the US efforts to build the "Empire of Hacking" and the "Empire of Surveillance."

To maintain such a huge surveillance program, the annual funding budget is quite huge, and with the explosive growth of internet data, the demand for funding is bound to "rise." This is also one of the main reasons why the US government conspired with its intelligence agencies to plan and promote the Volt Typhoon operation, said the report.

Over the years, the US government has kept politicizing the issue of cyberattack attribution in a way that serves its own self-interests. Some companies, such as Microsoft and CrowdStrike, have been influenced by the desire to appeal to US politicians, government agencies and intelligence agencies, as well as to enhance commercial interests. They kept using a variety of names with geo-political features to describe the hacking groups in the absence of sufficient evidence and rigorous technical analyses, such as "Typhoon," "Panda" and "Dragon." 

In its last part, the report said that the international communications in cybersecurity industry is vital as the geopolitical landscape is growing increasingly complex and cybersecurity requires extensive international collaboration. 

"We look forward to seeing that all cybersecurity firms and research institutes will keep focusing on the research of cybersecurity threat prevention technology and how to provide users with higher-quality products and services, which will then keep the internet developing in a healthy way along with the progress of human society," said the report.


https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_CN.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_EN.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_FR.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_JP.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_DE.pdfSource link

Related posts:

Monday, October 14, 2024

Urgent need to plug brain drain;China SMEs look to invest in Penang

Business group proposes tax breaks and work visas to retain talent

PETALING JAYA: Immediate action should be taken to stem the growing trend of skilled Malaysians seeking employment overseas, says the Chinese Chamber of Commerce and Industry of Kuala Lumpur and Selangor (KLSCCCI).

Its president Datuk Ng Yih Pyng said the brain drain is a critical issue, particularly as Malaysia continues to attract substantial foreign investments but struggles with a shortage of local talent.

Ng emphasised the need for comprehensive measures in Budget 2025 to retain skilled professionals in the country.

“Last year, Bank Negara said nearly 500,000 Malaysians, mostly skilled professionals, were working overseas.

“To become a global leader in high-tech industries, addressing this brain drain is crucial,” he said at the Associated Chinese Chambers of Commerce and Industry of Malaysia (ACCCIM) 78th annual general meeting here yesterday, which was attended by Prime Minister Datuk Seri Anwar Ibrahim.

Ng proposed introducing tax breaks and work visas as incentives to attract and retain talent within the country.

He suggested the government explore policies to encourage foreign graduates from Malaysian institutions to begin their careers here.

“By granting work visas to foreign graduates in specialised areas, we can enhance our workforce and stimulate economic growth.

“This initiative should focus on roles that are challenging to fill, ensuring our local talent are not sidelined,” he added.

Ng spoke of the potential benefits of such policies for the education sector, saying that offering career opportunities to foreign students post-graduation would make Malaysia a more attractive destination for international education.

“This strategy not only tackles the brain drain but also solidifies Malaysia’s role as a hub for skilled professionals, promoting regional cooperation and advancement during our Asean leadership,” he said.

Beyond addressing the talent shortage, he called for additional funding in Budget 2025 to support the growth of small and medium enterprises (SMEs), which are pivotal to Malaysia’s economy.

He proposed increasing grant support and creating more flexible financing options for businesses in key sectors such as manufacturing and services.

“We recommend additional funding in Budget 2025 to further drive digital integration and boost efficiency.

“Establishing clear guidelines and a proper follow-through process will ensure these grants are accessible and utilised effectively,” he added.

Ng expressed gratitude for the government’s ongoing support for SMEs, particularly through initiatives like the SME Digitalisation Grant, but stressed that more needs to be done to bolster their resilience in the face of rising costs.

“Providing tax cuts and grants to SMEs can help ease financial pressures and promote job creation.

“This will enable SMEs to invest in new technologies, expand operations, and remain competitive locally and globally,” he said.

Take immediate action to address brain drain, urges ... 

Take immediate action to address brain drain, urges Chinese Chamber of Commerce president

Related:

GEORGE TOWN: Some 50 small and medium enterprises (SMEs) from China are seeking opportunities to expand their businesses in Penang following the influx of over RM400mil into the state.

Malaysia Extra Low Voltage Association (Melvian) assistant secretary Cheah Chaw Son said that the Chinese companies want to explore opportunities in home furnishings, bio pharmaceuticals, technologies, advertising services, and eCommerces with local partners.

Melvian is an industry body that comprises companies providing ICT, audio and visual, security, and data network infrastructure solutions.

The SMEs from China are set to take part in a business matching session on Oct 22 at G Hotel to find suitable local business partners, that is being organised by Melvian

“In the first half of 2024, Penang attracted RM411.8mil in investment from China. For the past decade, Penang roped in RM13.2bil investments from China that formed 6.8% of Penang’s total foreign investments, with a 50.5% compounded annual growth rate.

“The influx of these funds into Penang attracted the companies’ attention. The Silicon Island development and the upcoming light rail transit project connecting Komtar and Bayan Lepas on the island also enhanced the state’s competitive edge as a pivotal investment hub,” he added.

Cheah is confident that Malaysia’s projected gross domestic product (GDP) growth for 2024 and 2025 will continue spur investors’ interest in the state due to the country’s robust economic health.

“The Socio-Economic Research Centre has projected that Malaysia would close the year with 5.4% GDP growth, sustaining at healthy clip of 5% in 2025,” Cheah said.

The companies would take part in a business matching session on Oct 22 at G Hotel to find suitable local business partners.

Tan Sri Tengku Razaleigh Hamzah will officiate the event jointly organised by Melvian, Small and Medium Enterprises Association, Meta Ex, and Honor Innovation Sdn Bhd.

“The event is also to commemorate 50 years of Malaysia-China Diplomatic Relations,” he said.

Related posts:


Sunday, October 13, 2024

Appreciating Asean

 

Regional togetherness: Asean’s first summits were irregular and distantly spaced. Now two summits are held regularly every year. — Bernama


Asean is a realities-grounded institution with certain strengths, which are hidden only to those who fail to appreciate them.

AS regional summits go, Asean’s has been growing by leaps and bounds. Not that this positive attribute is universally acknowledged, as is typical with Asean attributes.

Asean’s first summits were irregular and distantly spaced, and at one point even 12 years apart. Now two summits are held regularly every year, either together or spaced apart by months, with related Asean-led meetings in series.

Between summits, several hundred meetings of Asean officials are held each year to implement, oversee, and calibrate policies. The numerous meetings have prompted a misperception that Asean is merely a talkshop. 

Asean’s irregular summits proved that Asean leaders meet only when needed, as circumstances require, and not for the sake of meeting. Asean has never prioritised form over function, or ceremony over substance.

Asean is popular and successful for the common familiarity and shared comfort level leaders feel when they meet. These come only with frequent meetings forming a seamless web of mutual and reciprocal goodwill.

Critics cite the failure of the 2012 Asean Foreign Ministers’ meeting in Cambodia to issue a joint communiqué at its conclusion as a sign of weakness and inefficacy. But it takes decisiveness to opt not to issue a statement rather than produce a bland and meaningless one just for the sake of doing so.

Formal meetings are judged by how or whether they serve their purpose while in session, not by the feel good diplomatic summaries issued afterwards. As a process, Asean proceedings have seldom if ever been “full glasses”, but the uninitiated would see the “glasses” only as half-empty.

Asean’s core purpose has always been the quality of membership relations. How others see it is up to them, but this is no more than a concern for Asean’s public relations department if there is one.

Laos’ Asean chairmanship this year and its hosting of the 44th and 45th Summit over the week have predictably been scrutinised critically. A typical complaint is the seeming absence of any definitive resolution on the Myanmar impasse or the South China Sea disputes.

No annual summit is like a task force producing fail-safe solutions for outstanding issues. A small and underdeveloped Laos is already doing its best tackling the mammoth logistical and financial demands of hosting a series of international conferences at the highest official levels.

Any other country chairing Asean this year would face the same challenges. Asean makes no judgment about the economic status of members while helping less endowed members fulfil their financial obligations.

Asean is better at avoiding upheavals like Myanmar’s or war-torn Cambodia’s before its 1999 membership, than in conclusively resolving conflict that has occurred. It’s still not perfect, of course.

Asean’s record still compares favourably with the European Union’s, which failed to prevent the Kosovo and Ukraine wars. Nato (the North Atlantic Treaty Organisation) as a military alliance may mitigate these conflicts but has instead instigated and amplified the Ukraine war.

The EU and Asean were once described as the world’s most successful regional organisations, in that order, but that was before Brexit, when Britain exited the EU in 2020. No Asean country has sought to leave despite some challenges, while several countries not eligible to join have nonetheless tried.

The next and final member of Asean is Timor-Leste, the former Portuguese territory and Indo-nesian province of East Timor. It is the only sovereign nation in South-East Asia still to join Asean.

Others, from Sri Lanka and Papua New Guinea to Mongolia and Turkey, have reportedly sought Asean membership, but were never seriously considered. Timor-Leste is different not least because it is in South-East Asia, although its Asean journey has been long and challenging.

In 2006 Timor-Leste submitted a “soft application” to join, and the following year Asean signalled a “willingness in principle” to consider it. Most Asean member states endorsed its application, but not all.

Meanwhile Dili worked hard to fulfil membership requirements by acceding to Asean norms and conventions, including the Treaty of Amity and Cooperation in South-East Asia. It even introduced Asean Studies in schools, unlike most Asean countries.

Dili formally applied to join Asean in 2011, and Asean responded in 2022 with an “agreement in principle” to admit it. Membership remains a work in progress, with the Laos Summit during the week a part of that journey.

The state of the South China Sea’s multiple disputes has also been taken as a measure of Asean’s competence. Any catastrophe resulting from the disputes would be of concern to Asean as it would be to anyone else.

However, the disputes are between individual sovereign nations as neighbours and involves less than half the Asean membership. Asean is quietly confident that they can be resolved or are resolvable with time, provided there is no ulterior motive or foreign agenda at play.

Asean understands that the region has managed challenges before and wants that to continue. Anything less will not be Asean, nor will the region be sovereign.

Bunn Nagara is director and senior fellow at the BRI Caucus for Asia-Pacific, and an honorary fellow at the Perak Academy. The views expressed here are solely his own.

Related posts:

Connected by mountains and waters



What failure of 'Asian NATO' idea at ASEAN indicates: Global Times editorial

We hope that this year's leaders' meetings on East Asia cooperation serve as a reminder to all external countries: the region welcomes partners in peaceful development, but not those that create trouble and conflict.

Regional countries firmly reject Japan's daydream of an 'Asian NATO'

Japan's push for an “Asian NATO” threatens to disrupt decades of prosperity and stability in the Asia-Pacific region.

By Global Times | 2024/10/8 0:26:05
Western media have appeared to function under a consistent principle – whenever international affairs are at play, they are framed as a stage for major power rivalry. Unsurprisingly, the just-concluded ASEAN Summit was once again interpreted through the lens of US-China competition. This time, however, what was revealed was not US' diplomatic advantage, but rather its increasingly visible diplomatic predicament.