Information Technology

Cisco and National University of Singapore (NUS) have teamed up to launch a “corporate laboratory” to drive research development in five key areas, including artificial intelligence (AI), cybersecurity, and healthcare. The partners have pledged an investment of SG$54 million ($40 million) over five years. Called the Cisco-NUS Accelerated Digital Economy Corporate Laboratory, the research facility is located at the university’s Kent Ridge campus and is supported by National Research Foundation Singapore (NRF), according to a joint statement released Friday. The lab would employ more than 100 researchers, analysts, engineers, and students, and work on 15 research projects. Scholarships also would be awarded to doctoral students involved in such projects.

Singapore puts budget focus on transformation, innovation

After tilting last year’s budget towards ’emergency support’ in light of the global pandemic, Singapore’s government will spend SG$24 billion ($18.1 billion) over the next three years to help local businesses innovate and build capabilities needed to take them through the next phase of transformation.

Read More

The research facility aimed to deliver 17 new products and services as well as 12 “improved” offerings in areas such as AI, healthcare, supply chain, urban infrastructure, and cybersecurity, It also would look to partner with at least 100 Singapore-based companies to use and finetune the developed technologies. Apart from AI, security, and healthcare, the la’s research would encompass urban infrastructure and future workforce and productivity. Amongst other objectives, research efforts would aim to explore the use of machine learning to scale customer service operations for large enterprises, develop an intelligent infrastructure for hospitals and healthcare at home, and improve productivity through understanding how employees learn and identifying skillsets needed in future workforce. Researchers, for instance, would develop AI algorithms to improve search, extraction, and knowledge learning from data collected in workplace environments. In healthcare, researchers would look to equip hospitals with “distributed and coordinated” intelligence to improve operational and clinical efficiencies. “These technologies are key not just in relation to successful digital transformation of businesses, but also to efforts of governments across the world as they look to digital adoption to improve citizen services,” NUS and Cisco said. “This is especially critical right now as companies and countries prepare for a post-pandemic future where digital-first interactions, a hybrid workforce, and smart urban infrastructure are likely to become ubiquitous.”

They added that cybersecurity would underpin such developments and enable businesses and governments to protect critical information infrastructures against malicious attacks. “Digital transformation is an inevitable direction for businesses and societies, and this has been accelerated by the COVID-19 situation. We need to be nimble and innovative to reap the benefits of digitalisation,” NUS President Tan Eng Chye said, adding that the university’s key research capabilities included data sciences, AI, and optimisation.Cisco’s Asean president Naveen Menon said: “Over the past 18 months, we have seen the role technology has played in keeping the world running as we grappled with the pandemic. As we prepare for a post-pandemic future, one thing is clear — technology will be central to every aspect of businesses and governments, and their interaction with consumers and citizens. In this digital-first era, building local innovation capabilities that deliver globally relevant solutions will be critical to the success of countries.”The lab is jointly led by Cisco Singapore’s co-innovation center manager Jeremy Lim and NUS’ Department of Electrical and Computer Engineering faculty member and associate professor Biplab Sikdar.RELATED COVERAGE More

Image: Getty Images
Australia’s plan to force social media users to identify themselves could damage people, harm international relations, and even breach human rights obligations, according to participants in a media roundtable on Friday. The Morrison government’s recent rush to identify users is based on the assumption that this would reduce online abuse. But according to Kara Hinesley, Twitter’s public policy director for Australia and New Zealand, there are few reasons to think it would work. “The concerns around anonymity in this current debate have been over-simplified, and system design changes cannot solve social problems without actual social change,” Hinesley said. “It’s not clear that anonymity is the primary driver of abusive and antisocial behaviour online. It’s even less clear that requiring government identification for social media would do anything to fix the situation. “I want to emphasise — I cannot emphasise this enough — a tech solution cannot fix the social problem.” Twitter organised the roundtable in conjunction with Digital Rights Watch, whose executive director, Lucie Krahulcova, was even more critical. Krahulcova is “incredibly frustrated” by this question of pursuing people when they’re anonymous online. It’s been her “extensive experience” that law enforcement isn’t particularly interested in pursuing people who libel, malign, harass, or commit similar crimes online.

“They’re not actually very excited about enforcing [existing laws] on behalf of women, people of colour, and historically I think there’s plenty of evidence of that in Australia,” Krahulcova said. “When we are speaking now about an attack on anonymity, it is because white men are uncomfortable with the criticism they get online. And that’s not just politicians, it’s also certain reporters and kind of sports stars and stuff. It is precisely because this societal group of privilege is frustrated with criticism,” she said. “None of these people were upset when Yassmin Abdel-Magied was bullied basically off the internet for having a controversial opinion.” Anonymity is a ‘critical tool’ for individual protection According to Hinesley, removing anonymity “could damage the people who rely on anonymity and pseudonymity online”, and those people are many. She and other panellists listed groups such as journalists protecting whistleblowers and other sources; people exploring their sexuality or gender identity; ethnic or religious minorities exploring their heritage; people escaping domestic violence and other abuses; human rights defenders; dissidents; and artists. “Anonymity can be a form of protection and a critical tool for people… Evidence is overwhelmingly pointing to anonymity bans being ineffective,” Hinesley said. According to Dr Emily van der Nagel, a social researcher at Monash University, “using a real name is not as straightforward for a lot of people online”. “Separating real names from social media profiles and usernames is an essential strategy for compartmentalising contexts, and for getting the most out of social media,” she said. Indeed, names even have the potential to signal which audience we’re communicating with. Think of the different dynamics of the full name, the nickname, the stage name, or even no name at all. “We know that real name policies and mandatory identity verification, they don’t make the internet safer or kinder,” van der Nagel said. “Instead, they damage attempts to contextualise our communication, forge the kinds of connections that matter on social media, and get in the way of us experiencing the kind of joy that’s possible in these spaces.” These issues are explored further in van der Nagel’s doctoral thesis, Social Media Pseudonymity: Affordances, Practices, Disruptions [PDF] and other academic writing. Anonymity is part of the right to freedom of expression Anonymity and pseudonymity are not only important, but they’re “guaranteed by human rights law”, according to law professor David Kaye, a former United Nations special rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression. “There’s a history of more or less explicit recognition that freedom of expression includes the freedom to speak, to seek, receive, impart information and ideas anonymously,” he said. This understanding is built on article 19 of the International Covenant on Civil and Political Rights, to which Australia is a signatory. “Anonymous speech, certainly in the development of democratic societies, has been essential to public debate. It’s been essential to individual human development in repressive societies,” Kaye said. “Undermining anonymity has rarely been shown to be necessary in the circumstances, and has often been shown to be a kind of interference based on illegitimate purposes, for example, a desire to find out who’s criticising you.” Kaye believes that anonymity and the confidentiality of communications are currently under threat everywhere. “It’s under threat in democratic societies. It’s under threat in authoritarian ones. There tend to be different reasons for that threat, but it’s very much under threat,” he said. “Australia’s proposals, I think, go beyond what we’ve seen in most rule of law-oriented societies.” Australia is of course the only major democracy that lacks a bill of rights. As Krahulcova noted, Australia’s policies are already being “mentioned in paperwork” in Europe and in the US, and she worried about the potential repercussions. “I worry that the approach that the Australian government is taking is actually just incredibly reckless. It’s not just bad policy. It’s reckless,” she said. “Australia needs to have a serious think about the system that it’s putting out into the world.” Last month Twitter outlined its views on regulating social media in a position paper, Protecting The Open Internet: Regulatory principles for policy makers [PDF]. “The Open Internet is global, should be available to all, and should be built on open standards and the protection of human rights,” it said. “Content moderation is more than just leave up or take down. Regulation should allow for a range of interventions, while setting clear definitions for categories of content.” Regulations should also protect competition, choice, and innovation, rather than entrenching the existing platforms, Twitter said. Related Coverage More

Yesterday afternoon, South Australia’s Department for Infrastructure and Transport confirmed that mySA Gov accounts were compromised through a cyber attack. mySA Gov is the South Australian government’s online platform and app that provides residents with single account access for the state’s services, such as checking into a venue or completing transactions for vehicle registration. The department said hackers accessed these accounts as account holders used the same or a similar password for their mySA Gov account as they had used for their account with an unrelated website. The hackers then used the passwords they had obtained from the unrelated website to access a number of mySA GOV accounts. The department did not provide details about the unrelated website. According to the ABC, 2,601 mySA Gov accounts were accessed in the attack, with 2,008 of them containing registration and licensing information. The department became aware of the breach on Tuesday, and has since blocked people from logging in if compromised passwords are used. It has also notified affected accountholders by email of the potential access to their account. The department said there was “no evidence of any unauthorised transactions” on the impacted accounts.

“It is strongly recommended that when choosing a new password for their account, customers do not use a password that has been previously used or is currently being used for any other accounts,” the Department for Infrastructure and Transport said in a statement. “This is timely reminder to all mySA Gov account holders and South Australians more generally to always set complex passwords and do not use the same password for more than one account.” As details could have been accessed by an unauthorised third party, the department has also encouraged all affected account holders to change their driver’s licence number by attending a Service SA Centre. Related Coverage More

The US State Department is continuing its offensive against ransomware groups, announcing an up to $10 million reward for any information “leading to the identification or location of any individuals holding key leadership positions in the DarkSide ransomware variant transnational organized crime group.”State Department spokesman Ned Price added that there is a $5 million reward “for information leading to the arrest and/or conviction in any country of any individual conspiring to participate in or attempting to participate in a DarkSide variant ransomware incident.””The DarkSide ransomware group was responsible for the Colonial Pipeline Company ransomware incident in May 2021, which led to the company’s decision to proactively and temporarily shut down the 5,500-mile pipeline that carries 45 percent of the fuel used on the East Coast of the United States,” Price said. “In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cyber criminals. The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware.” The financial rewards are part of the Transnational Organized Crime Rewards Program and the State Department noted that it has paid $135 million in rewards since it was created 1986. The news of the rewards comes just one day after the cybercriminals behind the BlackMatter ransomware — a rebranded version of DarkSide — said they were closing shop due to increased pressure from law enforcement. In messages obtained by a member of the vx-underground group, the prolific BlackMatter ransomware group said that due to “certain unsolvable circumstances associated with pressure from the authorities (part of the team is no longer available, after the latest news) — project is closed.”

“After 48 hours the entire infrastructure will be turned off, allowing: Issue mail to companies for further communication [and] Get decryptor. For this write ‘give a decryptor’ inside the company chat, where necessary. We wish you all success, we were glad to work,” the group said in messages on its website. The message did not explain what “news” caused the closure but the last two weeks have featured dozens of stories and incidents that reflect an increasingly precarious environment for the group. The group attacked multiple agricultural companies after rebranding under the BlackMatter name but cybersecurity company Emsisoft created a decryptor that was able to help many victims of the ransomware. US Cyber Command and a foreign government conducted a successful disruption operation on the REvil ransomware group while officers from Europol arrested the Ukrainian group behind the MegaCortex, Dharma and LockerGoga ransomwares last week. Emsisoft threat analyst Brett Callow wondered whether the former Darkside/BlackMatter affiliates who reportedly lost millions due to the gang’s ineptitude would be tempted by the rewards offered by the State Department.”Given the right motivation, cybercriminals would happily throw each other under the bus — and they all know that. And cash is absolutely the right motivation,” Callow said. “The reward will create even more distrust in the criminal underworld, and that will make it harder for the gangs to operate. This is a very smart move from the US.” More

Cyber safety vendor NortonLifeLock on Thursday published its second quarter financial results, reporting double-digit revenue growth and its eighth consecutive quarter of sequential customer growth.Additionally, NortonLifeLock shareholders voted on Thursday overwhelmingly to support the company’s proposed merger with Britain’s Avast PLC. NortonLifeLock’s non-GAAP diluted EPS was 43 cents on revenue of $695 million, up 11%.
NortonLifeLock
Analysts were expecting earnings of 42 cents per share on revenue of $695.3 million.The company’s direct customer count in the quarter came to 23.3 million, up 2.6 million. Its customer count has grown every quarter since it was separated from Symantec, the enterprise security business that was purchased by Broadcom in late 2019.”When we became a standalone company, we said our focus is to make cyber safety available to as many people as possible,” CEO Vincent Pilette said to ZDNet. “There are 5 billion internet users, not all of them consciously protected against cyber criminality… When you sum up people who consciously paid for cyber safety, we have less than 5% penetration. And so it’s a long journey for us, and we’re excited to go and tackle that big problem.”To grow its customer base, NortonLifeLock six months ago acquired Avira, which offered a freemium model, with the idea to make freemium versions of all of NortonLifeLock’s products available to all Internet users. In August, the company announced its proposed merger with Avast, which would significantly expand NortonLifeLock’s geographic footprint. 

In the meantime, NortonLifeLock reported Q2 bookings of $681 million, up 7%. Direct average revenue per user was $8.85, up from $8.80 the prior quarter and down from $9.10 a year prior. While the pandemic has driven up consumer awareness about cybersecurity, Pilette said that at this point, “our  goals came down a little bit closer to normal,” with more seasonality driving sales. After a slower summer, Pilette said the company saw September finish on a “very strong note,” indicating the interest in cyber safety is still growing.  For the third quarter, the company is expecting revenue in the range of $695 million to $705  million. Non-GAAP EPS is expected to be in the range of 42 cents to 44 cents.NortonLifeLock also said Thursday its board of directors has declared a quarterly cash dividend of $0.125 per common share to be paid on December 15.

Tech Earnings More

Fortinet handily beat Wall Street estimates on Thursday, reporting a strong third quarter growth thanks to an expansion in business from the Asia-Pacific region.Fortinet delivered third quarter revenue of $867.2 million, up 33% from a year ago. For the third quarter, Fortinet’s non-GAAP earnings of $0.99 a share were above expectations. Wall Street was expecting Fortinet to report third quarter earnings of $0.94 a share on revenue of $809.9 million.Fortinet CEO Ken Xie said the company was pleased with its Q3 because they exceeded $1 billion in quarterly billings for the first time in their history. “Additionally, Gartner again recognized our Secure SD-WAN solution as a Leader in the 2021 Magic Quadrant for WAN Edge Infrastructure while placing highest in its ability to execute,” Xie said. “The total addressable market for network security is rapidly expanding from the data center outward to the local and wide-area networks, to the work-from-anywhere environment and to the cloud. We are focused on leveraging our ASIC-supported security fabric platform across this expanding total addressable market to drive better than industry average long-term growth for Fortinet.”Product revenue was up more than 50% compared to Q3 2020 at $337.1 million. Service revenue was $530.1 million for the third quarter of 2021, an increase of 24.1% compared to the same quarter of 2020.

The company was able to increase the revenue it brought in from APAC, growing it to $193.9 million, a 43.2% year over year change. For the fourth quarter, Fortinet is projecting revenue between $940 million and $970 million with non-GAAP earnings between $1.10 and $1.15 a share.  For 2021, Fortinet is projecting revenue of $3.32 billion to $3.35 billion with non-GAAP earnings of $3.85 to $3.95 a share.In Q4 2020, the company updated its FortiOS operating system with more than 300 new features including Zero Trust Network Access capabilities and tools to better secure networks and proliferating end points.Fortinet announced in March that it was investing $75 million in router maker Linksys as part of a “strategic alliance” aimed at securing work from home networks.Ahead of the earnings call, the company announced that it was combining its portfolio of zero trust, endpoint, and network security solutions under the “Fortinet Security Fabric,” banner.”Empowering users to move seamlessly between different work environments has critical implications for maintaining user productivity as well as security,” said John Maddison, EVP of Products and CMO at Fortinet. “Cybercriminals have been quick to exploit the expanded attack surface and security gaps created by this shift in work patterns to get a foothold into the corporate network. Today’s enterprise organizations require work-from-anywhere security that is as flexible and dynamic as today’s business demands. Fortinet is the only vendor capable of delivering unified security built for the Work-from-Anywhere Era that seamlessly adapts based on a user’s environment and risk profile.”

Tech Earnings More

Cybersecurity company Proofpoint released a new report on Thursday highlighting an increase in call center-based cyberattacks, noting a variety of scams perpetrated by threat actors stealing almost $50,000 per attack in some instances. Proofpoint researchers Selena Larson, Sam Scholten and Timothy Kromphardt said their company sees thousands of telephone-based cyberattacks each day, with most falling into two different categories. Some use fake call centers to steal a victim’s money and others use call centers to spread malware that can be used in other attacks. “The attacks rely on victims to call the attackers directly and initiate the interaction. Email fraud supported by call center customer service agents is prolific and profitable. In many cases, victims lose tens of thousands of dollars stolen directly from their bank accounts,” the researcher’s wrote.”One uses free, legitimate remote assistance software to steal money. The second leverages the use of malware disguised as a document to compromise a computer and can lead to follow-on malware. The second attack type is frequently associated with BazaLoader malware and is often referred to as BazaCall. Both attack types are what Proofpoint considers telephone-oriented attack delivery (TOAD).”Proofpoint researchers tied the activity to people working in the Indian cities of Mumbai, Kolkata and New Delhi. Cybercriminals use specific lures as a way to legitimize their scams, including presenting themselves as “Justin Bieber ticket sellers, computer security services, COVID-19 relief funds, or online retailers, promising refunds for mistaken purchases, software updates, or financial support.”The attacks start when victims are sent an email with a phone number that will connect them to a “customer service” official who is actually a cybercriminal. 

Other scams begin with fake emails for costly Amazon or PayPal invoices that urge the victim to contact the cyberattackers as a way to dispute the charge. Once the scam call center is called, victims are walked through the process of downloading malicious files or tools like AnyDesk, Teamvier and Zoho that give cyberattackers remote access to a device. Some scammers even ask victims to simply enter their bank account information in order to get refunds, according to Proofpoint. “In malware focused attacks like BazaCall, the invoice lures are often more elaborate, including themes such as Justin Bieber concerts, lingerie, and fake movie sites. The victim is directed to a malicious website where they are told to download a document to facilitate a refund, but instead are infected with malware,” the researchers explained.”Once the attackers have obtained access to the device, they can access banking, email, and other private accounts or download follow-on malware including ransomware. By leveraging attack chains that require a lot of human interaction, threat actors can bypass some automated threat detection services that only flag on malicious links or attachments in email.”
Proofpoint
As a way to learn adversary tactics, researchers with the cybersecurity company went along with one scammer as they walked them through the attack. Some of the attackers posed as ticket sellers for the upcoming 2022 Justin Bieber world tour and upcoming The Weeknd concerts. The scammers even play Bieber’s music while victims wait to speak to a representative, according to Proofpoint. The cyberattacker asked a Proofpoint analyst to visit a malicious website as a way to dispute a charge related to the concerts. Once the malicious file is downloaded, the cyberattacker hung up the phone. Unwanted scam calls have become a major issue for many Americans, some of whom get dozens of scam calls each week. The Proofpoint report cites a Truecaller report that found 60 million Americans lost $29.8 billion between 2020 and 2021 due to these calls. Sherrod DeGrippo, vice president of threat research and detection at Proofpoint, told ZDNet that threat actors are getting creative with their lures, noting that fake receipts for Justin Bieber tickets or a firearm purchase are attention-grabbing enough to trick even the most vigilant email recipient. “Should you respond in an attempt to dispute the charges, what follows is an elaborate infection chain that requires significant human interaction and takes victims down the rabbit hole of the worst possible fake customer service experience imaginable — one that ultimately steals your money or leaves behind a malware infection,” DeGrippo said. “Most successful cyberattacks require some form of human interaction to succeed, like clicking on a malicious link or opening an attachment. But what’s really interesting about these emails is how high they raise the bar, requiring victims to be far more proactive by actually initiating a phone call with the threat actors. It’s a bold, yet ultimately profitable attack.”Netenrich principal threat hunter John Bambenek said call center fraud is not new and has been used successfully in the past to try to lend credence to cybercriminal scams. But he explained that this specific technique doesn’t scale and said it’s “not uncommon for defenders to call these numbers to tie up the time of the attackers.” More

Apple software head Craig Federighi, unsurprisingly, has come out against Europe’s proposal to tear down Apple’s iOS walled-garden and allow sideloading of apps, which is possible on Android but discouraged by Google. Why? Malware, according to Federighi, who used his speech at the Web Summit conference in Lisbon, Portugal, about online privacy to contrast Android’s malware problem with that of Apple’s iOS. He highlighted that third-party data on malware attacks on different platforms including iOS, Android and Windows showed that attacks on iOS “barely registered”. By contrast, there were five million attacks on Android per month. “But there’s never been this widespread consumer malware attack on iOS. Never.” the Apple exec said. “Why is this? The single biggest difference is that other platforms allow side loading. Sideloading would mean downloading software directly from the open internet or from third-party stores, bypassing the protections from the App Store.”With sideloading those extra protections are undone. There’s no human app review and no single point of distribution for sideloaded apps. The floodgates are open for malware.”Apple is facing a mounting challenge in Europe, the US, Asia and Australia over its control over app distribution — it is by design a gatekeeper in terms of the apps installed on the iPhone, iPad and Apple Watch. 

Federighi’s claims aren’t a new angle from Apple; last month it published a paper arguing that if Europe forced Apple to allow sideloading it would turn iPhones “into ‘pocket PCs,’ returning to the days of virus-riddled PCs.”Apple was railing against Europe’s proposed Digital Services Act (DSA) and the Digital Markets Act (DMA), which would mandate tighter controls on online content and impose new rules for “gatekeepers” — like Apple, Google and Amazon — to help foster competition and improve interoperability between mobile platforms. Apple claimed that even if the EU’s proposal was limited to allowing apps to be installed from third-party app stores — as Android allows but Google actively discourages — this would increase malware due to insufficient reviews. To make his point, Federighi quoted from Europol’s advice to “only install apps from official app stores”. “Companies should only permit the install of apps from official sources on those mobile devices that connect to the enterprise network.”But Apple’s paper and Federighi’s comments come after the European Commission (EC) in April informed Apple of its preliminary view that Apple had distorted competition in the music streaming market as it abused its dominant position for the distribution of music streaming apps through its app store.”The investigations concern, in particular, the mandatory use of Apple’s own proprietary in-app purchase system and restrictions on the ability of developers to inform iPhone and iPad users of alternative cheaper purchasing possibilities outside of apps,” the EC said.    More