Latest news with #Denialof
Straits Times
7 days ago
- Politics
- Straits Times
S'pore vulnerabilities are no different from those of other nation: Commissioner of Cybersecurity
Find out what's new on ST website and app. Singapore's Cyber Security Agency's chief executive David Koh warned that in this realm, Singapore's vulnerabilities are no different from those of any other nation. SINGAPORE – Cyber threat levels have heightened amid geopolitical rivalries, with some states trying to coerce countries such as Singapore into taking or refraining from certain actions. Singapore's Cyber Security Agency's chief executive David Koh warned that in this realm, Singapore's vulnerabilities are no different from those of any other nation. 'Train systems can be disrupted, power plants, water systems. It will move to a new dimension, where you will encounter real world harms that will affect all of us,' he said. Mr Koh, who is also the country's first Commissioner of Cybersecurity, holds legal authority to investigate cyber threats and incidents, ensuring the continuity of essential services during cyber attacks. 'W hen we first started, the majority of threats were straightforward – web face defacements, DDoS (Distributed Denial of Service) attacks. They were a bit more like digital graffiti,' said t he former defence specialist in the armed forces, who has been CSA's chief executive from its founding 10 years ago. July 18 marks its 10th anniversary. These threats have grown in complexities as the economy grew more interconnected through the use of digital services. That meant the agency had to extend its umbrella, working with the private sector, to cover the man on the street. For instance, in 2024, the agency partnered Google to launch Google Play Protect, which blocks malicious apps once detected. Google has since introduced the feature to countries such as Brazil, India, South Africa, Philippines, Thailand and Hong Kong. Top stories Swipe. Select. Stay informed. World Trump diagnosed with vein condition causing leg swelling: White House World Trump was diagnosed with chronic venous insufficiency. What is it? Singapore 5 foreigners charged over scheme to deliberately get arrested in S'pore to sell sex drugs here Asia Appointment of Malaysia's new chief justice eases controversy over vacant top judge seats for now Singapore Driverless bus in Sentosa gets green light to run without safety officer in first for S'pore Singapore SPCA appoints Walter Leong as new executive director World US strikes destroyed only one of three Iranian nuclear sites, says new report Business Granddaughter of late Indonesian tycoon pays $25 million for Singapore bungalow Mr Koh said that such a partnership would have been unimaginable 10 years ago. Today, besides chairing the United Nations' Open-ended Working Group on cybersecurity, Singapore is also passing on its knowledge to Asean neighbors and countries such as Japan , which is in the process of passing cybersecurity laws . 'It is in Singapore's interest to support the international rules-based system, not just physical trade, but goods and services are increasingly also being transacted digitally,' he said. Countries justifiably want control of their national security, and have different tolerance levels for personal data sharing, he said, noting that interoperability can still be achieved. Singapore, Britain, Germany and Australia also co-lead the International Counter Ransomware Initiative. Singapore businesses, despite CSA advice to refuse ransomware demands, routinely cave in, according to surveys. High-profile cases in 2024 included law firm Shook Lin & Bok, the Jumbo Group and Mustafa. Recent polls by global security services firms Bitdefender and Sophos found that firms here are more likely than their global peers to keep silent on security breaches, pay up and less likely to negotiate amounts. But there are no plans to legislate ransomware reporting, which is now voluntary. 'Cybersecurity, ultimately, is a risk management issue. It is not possible for us to mandate a standard of cybersecurity for everybody. It's not a one-size-fits-all,' he said. Instead, the CSA hopes to raise reporting by working with the Singapore Business Federation to offer help to victims. With 70 per cent of companies that support the country's essential services coming from the private sector, the CSA has over the years, evolved to assist businesses on security issues and working on training and professional standards. From about 70 employees when it was started, the outfit has since grown to a headcount of around 500. Singapore was one of the first countries to establish a cybersecurity agency and one of the first to have a Cybersecurity Act, which was enacted in 2018. The US, Britain, France, Australia were other leaders in the domain then. The agency's sphere now includes scams, national threats, cyber security certifications and data security, which it works on with other government agencies, businesses and institutes of education and training. Singapore's cyber maturity ranks well compared with many countries, but the issue is how it compares with a determined attacker, he said, urging Singaporeans to play a part. 'The weakest link can be the company that doesn't patch its software, uses weak passwords, or the supplier in the supply chain who makes a mistake, who doesn't take cybersecurity seriously. It could be the employee who clicks on the phishing email, or the individual customer who comes in and has unsafe practices.' Sometimes, extra security comes with friction. 'You need to recognise that this is a trade-off between convenience and security. Sometimes, it also translates into a little bit more cost. We must be willing to pay this cost.'
Business Insider
16-07-2025
- Business
- Business Insider
Kenya records 201% surge in cybercrime as AI-powered threats escalate
Kenya is grappling with a dramatic surge in cybercrime, as the country recorded a staggering 201.7% rise in cybersecurity threats within the first quarter of 2025. Kenya recorded a 201.7% increase in cybersecurity threats during Q1 2025, reaching 2.5 billion incidents. The Communications Authority of Kenya issued 13.2 million advisories, up 14.2% from the previous quarter, to address these threats. Artificial intelligence is enabling more rapid and sophisticated cyber threats, as noted by the World Economic Forum. According to the latest sector statistics released by the Communications Authority of Kenya (CA), cyber threats skyrocketed to 2.5 billion incidents, up from 840.9 million in the previous quarter. This alarming rise is one of the sharpest in recent years and highlights growing vulnerabilities across critical sectors such as finance, telecommunications, and government systems. Spike in advisories and vulnerabilities In response, the CA issued 13.2 million cybersecurity advisories, marking a 14.2% increase from 11.6 million advisories the previous quarter. The most significant growth was observed in system vulnerabilities, which surged by 228.3% to 2.47 billion threats, compared to 752.4 million previously. These vulnerabilities include unpatched software, weak passwords, outdated encryption methods, and insecure network configurations, common weaknesses that attackers exploit to gain access. Web application attacks, targeting vulnerabilities in websites and online platforms, also rose by 11.8%, reaching 5.08 million threats. These attacks often aim to steal data, disrupt services, or gain unauthorised access. Decline in other attack types Interestingly, not all threat categories saw an increase. The report notes a decline in several traditional cyberattack methods: DDoS (Distributed Denial of Service) attacks: down by 76% Mobile application attacks: down by 51% Malware: down by 28% Brute force attacks: down by 3% The rise in cyber threats is attributed in part to the increasing sophistication of cybercriminal networks. A study by the World Economic Forum (WEF) reveals that cyberattacks now take less than four days to execute, compared to about 60 days in 2019. According to the WEF, this speed is driven by artificial intelligence (AI) technologies, which are now being used by threat actors to write code and generate more sophisticated forms of malware and ransomware. 'Threat actors are already using AI-powered language models like ChatGPT to write code,' the report states. 'Generative AI is helping even less experienced hackers create new ransomware strains, significantly increasing attack volumes.' The WEF also warns that the widespread ownership of smartphones, laptops, and tablets is creating a vast attack surface for cybercriminals. 'We expect increased use of AI by malicious actors in the near future,' the report concludes, 'making it urgent to implement stronger, more adaptive cybersecurity measures.'
The Hindu
20-05-2025
- Business
- The Hindu
Technopark-based AI platform claims to have thwarted cyberattacks during India-Pak stand-off
Prophaze Technologies, a leading cybersecurity company headquartered in the Technopark here, has claimed to have successfully neutralised a series of large-scale Distributed Denial of Service (DDoS) attacks targeting India's high-value installations during the recent stand-off with Pakistan. The AI-powered Web Application and API Protection (WAAP) platform by Prophaze, deployed across key sectors, played a vital role in countering cyberattacks aimed at disrupting major installations like airports and financial institutions, according to a statement issued by the Technopark on Tuesday. DDoS means disruption of the traffic of websites or networks with an overwhelming amount of Internet traffic, like traffic snarls. Between May 5 and 9, multiple waves of DDoS attacks were detected from globally distributed botnets with traffic volumes peaking at 85 million malicious requests within a 10-hour window on May 9, signalling a dramatic escalation in cyberthreats targeting India's critical infrastructure. Hacktivist groups such as AnonSec, Sylhet Gang (SG), and Dienet publicly claimed responsibility for attempting to take down Indian government services. Vaisakh T.R., CEO and founder, Prophaze, said, 'Despite the scale and aggression of these attacks, there was zero downtime. All systems remained operational - denying attackers the disruption they intended. The first wave hit late May 5, targeting a major Indian airport. Prophaze's threat intelligence team identified consistent track IP patterns and unusual behaviours in real time, spanning globally,' he is quoted saying in the statement. This was not the first time Prophaze safeguarded national infrastructure. In April 2023, large-scale DDoS attacks on six major Indian airports and hospitals were neutralised through Prophaze's intelligent Layer 7 mitigation systems, minimising disruption and restoring operations swiftly. Hacker group Anonymous Sudan had targeted the websites of major airports and hospitals, attempting to cause DDoS at these establishments. According to Lakshmi Das, COO & co-founder of Prophaze, this recent attack was significantly more intense than the campaign by Anonymous Sudan in 2023. Ms. Das said, 'We had already implemented proactive defences leveraging our deployments within the sector, giving us a strategic edge to respond instantly and effectively.' In this latest attack, geo-fencing, IP profiling, and behavioural analysis enabled the start-up to isolate and neutralise the latest threat in record time, the statement said. By identifying repeated fingerprinting patterns across globally distributed botnets and applying custom WAF rules with real-time anomaly detection, the platform halted the attack within hours, it said. While some regional spikes in traffic were observed across India, critical operations remained uninterrupted, especially at high-value digital entry points. Founded in 2019 and incubated by Kerala Startup Mission (KSUM), Prophaze began its journey by securing a cloud-based HR solution provided by a third-party vendor for Bank of America to meet strict compliance requirements. MS. Das said, 'Prophaze was the world's first cybersecurity product company to deliver a Kubernetes-based Web Application Firewall (WAF) to an enterprise to address real-world security threats. We've continued to push boundaries recognised as a Representative Vendor in Gartner's 2025 Market Guide for WAAP and earlier, in 2024, for API Protection as well.' The company has also built strategic partnerships with leading global technology players, including Keltron, Deloitte, and Intel. 'We aim to become India's first cybersecurity unicorn. Our mission is to build globally competitive, AI-driven security systems rooted in trust and precision,' she said. The startup has 100-plus clients across the world with a global presence in the US, Australia, West Asia, and beyond, the statement said.
Indian Express
09-05-2025
- Business
- Indian Express
India-Pakistan tensions: Nirmala Sitharaman to chair meeting with banks, financial institutions on cyber readiness
Finance Minister Nirmala Sitharaman will chair a review meeting on cybersecurity preparedness of banks and financial institutions on Friday evening, amid heightened concerns that the country's critical infrastructure could be hit by cyber attacks amid the ongoing tensions between India and Pakistan. Representatives from various public and private banks, the Reserve Bank of India (RBI), National Payments Corporation of India (NPCI), NSE, BSE, and the Indian Computer Emergency Response Team (Cert-In), among others are expected to attend the meeting. Cert-In has been coordinating with various critical sector entities to ensure their cybersecurity preparedness. The development comes as the Pakistan Armed Forces launched multiple attacks using drones and other munitions along the entire Western Border of India on Thursday night while also resorting to numerous ceasefire fire violations (CFVs) along the Line of Control in Jammu and Kashmir. The Indian Army said that the 'drone attacks were effectively repulsed and befitting reply was given to the CFVs'. The Pakistani escalation came a day after India carried out targeted strikes on nine sites in Pakistan and PoK. On May 7, The Indian Express had reported that following 'Operation Sindoor,' agencies and organisations which are in charge of India's critical infrastructure, such as the Power Ministry, financial institutions including banks, and telecom operators were asked to be on 'high alert' after having faced a number of cyber attacks following the Pahalgam terror attack last month. 'There have been some DDoS attacks on some infrastructure, but we have contained them. Now we are on high alert because such attempts will certainly be made,' a senior government official had said earlier. A DDoS (Distributed Denial of Service) attack is a cyberattack where an attacker overwhelms a website, server, or network with malicious traffic from multiple sources, making it slow or inaccessible to legitimate users. The Indian Express had reported on Wednesday that soon after news about Operation Sindoor broke, social media platforms such as X were flooded with misinformation related to India's strikes on nine sites in Pakistan and Pakistan-occupied Kashmir (PoK). The ministries of IT and Information and Broadcasting sprung into action and decided that the government will dip into its legal powers of blocking any content or account they feel is propagating misinformation related to the strikes. On Thursday, social media platform X said that it received executive orders from the Indian government requiring the company to block over 8,000 accounts in India, including those belonging to 'international news organisations and prominent X users'. It said that falling foul of the executive orders could subject the company to potential penalties including significant fines and imprisonment of its local employees. Soumyarendra Barik is Special Correspondent with The Indian Express and reports on the intersection of technology, policy and society. With over five years of newsroom experience, he has reported on issues of gig workers' rights, privacy, India's prevalent digital divide and a range of other policy interventions that impact big tech companies. He once also tailed a food delivery worker for over 12 hours to quantify the amount of money they make, and the pain they go through while doing so. In his free time, he likes to nerd about watches, Formula 1 and football. ... Read More Aanchal Magazine is Senior Assistant Editor with The Indian Express and reports on the macro economy and fiscal policy, with a special focus on economic science, labour trends, taxation and revenue metrics. With over 13 years of newsroom experience, she has also reported in detail on macroeconomic data such as trends and policy actions related to inflation, GDP growth and fiscal arithmetic. Interested in the history of her homeland, Kashmir, she likes to read about its culture and tradition in her spare time, along with trying to map the journeys of displacement from there. ... Read More
Indian Express
07-05-2025
- Politics
- Indian Express
Govt acts on online misinformation on Operation Sindoor; power infra, banks on ‘high alert' over cyberthreats
The ministries of IT and Information and Broadcasting are 'constantly monitoring' content being uploaded to social media platforms for misleading content related to the aftermath of 'Operation Sindoor' to issue takedown orders, and have sensitised social media platforms to block any content that is unlawful, a senior government official told The Indian Express. Agencies and organisations which are in charge of India's critical infrastructure, such as the Power Ministry, financial institutions including banks, and telecom operators are also on 'high alert' after having faced a number of cyber attacks following the Pahalgam terror attack last month. 'There have been some DDoS attacks on some infrastructure, but we have contained them. Now we are on high alert because such attempts will certainly be made,' the official said. A DDoS (Distributed Denial of Service) attack is a cyberattack where an attacker overwhelms a website, server, or network with malicious traffic from multiple sources, making it slow or inaccessible to legitimate users On Wednesday afternoon, during a meeting between officials from the two ministries, there was acknowledgement that social media platforms like X were flooded with misinformation related to India's strikes on nine sites hitting terrorist infrastructure in Pakistan and Pakistan-occupied Kashmir (PoK). It was decided that since the situation was evolving with people making varied claims online, the government would have to closely monitor such content, and also dip into its legal arsenal of prohibiting such content from spreading. In times of uncertainty, online disinformation campaigns often act as a strategic ploy to capture the narrative war. Such campaigns—which have become routine now on social media platforms that have been unable to curb the sheer number of misleading content on their sites—have been used in previous and ongoing conflicts as well, such as the Israeli strikes on Gaza, and Russia's invasion of Ukraine. From visuals of unrelated air strikes and incorrect claims of retaliation, to even footage lifted from video games — as India carried out Operation Sindoor in the early hours of Wednesday, social media platforms like X became the battleground for online disinformation campaigns in a bid to mislead people. The Press Information Bureau's (PIB's) fact check unit has fact checked several viral claims related to the airstrikes which were being made online. One such post contained a letter written by a scientist at DRDO about an alleged failure in BrahMos missile components. The fact check unit clarified that no such scientist works at DRDO and the letter is fake. Several old visuals showing a crashed aircraft were also circulating online with the claim that Pakistan recently shot down an Indian Rafale jet near Bahawalpur during the ongoing Operation Sindoor, which the PIB unit has deemed to be fake. The government has advised users of social media platforms to exercise restraint. 'Don't trust and share unverified information. Check official sources from the Government of India for accurate information,' the IT Ministry said in multiple posts on social media platform X. Post the Pahalgam terror attack, the government had banned 16 Pakistani YouTube channels, including some leading channels such as Dawn News, Samaa TV, Ary News, and Geo News, for disseminating provocative and communally sensitive content, and false and misleading narratives and misinformation against India, its Army and security agencies.
