Share This

Showing posts with label Internet. Show all posts
Showing posts with label Internet. Show all posts

Sunday, 11 August 2024

No banking on hacked phones

 


PETALING JAYA: Customers with compromised devices will be temporarily restricted from accessing banking apps as banks in Malaysia roll out a feature that detects high-risk malware and suspicious remote access.

In a statement yesterday, the Association of Banks Malaysia (ABM) and Association of Islamic Banking and Financial Institutions Malaysia (Aibim) said the feature, called malware shielding, will be embedded within the banks’ native mobile banking apps.

Both organisations stated that the feature is designed to prevent unauthorised transactions, protect customers’ funds, and shield them from malware scams.

“It will essentially alert or block customers from conducting banking activities on compromised devices,” said the statement. 

Banks that have enabled the feature on their mobile banking apps include Alliance Bank, AmBank, Bank Muamalat, Bank Simpanan Nasional, CIMB Bank, HSBC Bank, Maybank, MBSB Bank, OCBC Bank, Public Bank, RHB Bank, Standard Chartered, and UOB Bank.

“Emphasising customer privacy, malware shielding is only activated upon the customer launching the mobile banking app and does not run in the background 24/7,” said ABM chairman Datuk Khairussaleh Ramli in the statement.

He added that customers’ banking information and personal data will remain confidential.

Bank Negara governor Datuk Seri Abdul Rasheed Ghaffour said the fight against online scams is a shared responsibility, welcoming the move by banks to enhance online banking apps with added security features.

“This helps to create a more secure banking environment for all Malaysians. We also urge members of the public to remain vigilant against requests to download apps from unofficial sources,” he added.

Customers are advised to reach out to their banks’ 24/7 fraud hotline for assistance should they encounter a temporary restriction.

When contacted, National Cyber Security Agency (Nacsa) chief executive Dr Megat Zuhairy Megat Tajuddin said the measure is well-suited to address specific challenges faced by users in Malaysia as cyber threats are becoming increasingly sophisticated and prevalent.

“In 2023, 40% of the total incidents monitored by the National Cyber Coordination and Command Centre (NC4) were malware-related. In 2024, up until June, the NC4 handled 34% of incidents related to malware,” Megat Zuhairy said.

While the temporary restriction is regarded as an important preventive step, Megat Zuhairy said its effectiveness is also dependent on users.

“They need to adhere to recommended cyber hygiene practices such as to only download apps from official platforms and avoid performing online activities through unsecured WiFi networks,” he said.

Malaysia Cybersecurity Community rawSEC chairman Ts Tahrizi Tahreb said the malware shielding technology could potentially prevent several types of banking malware that are used by hackers to infiltrate devices and perform unauthorised financial transactions.

“Some of them include Cerberus which can mimic legitimate banking app interfaces to capture user credentials and one-time passwords through overlays and screenshots,” he said.

Tahrizi added that another type of malware called Gustuff has been known to target over 100 banking apps and can automate bank transactions on compromised devices.

“These malware types often exploit vulnerabilities in mobile banking applications, making them prime targets for shielding technologies,” he said.

Malaysia Cyber Consumer Association (MCCA) said the initiative represents a proactive approach to addressing the growing threat of cyberattacks on financial systems.

“However, MCCA also emphasises the importance of implementing this feature with caution, transparency, and a strong focus on user education,” its chairman Siraj Jalil said.

He added that the criteria used to define a “compromised device” must be transparent and precise.

“The effectiveness of such a solution hinges on its ability to accurately identify compromised devices without generating false positives. A significant number of false positives could lead to legitimate users being locked out of their banking apps, causing unnecessary frustration and potential financial disruption.

“If users find themselves frequently locked out of their apps, they might resort to using web-based banking solutions, which may not be as secure as the mobile apps, or they could turn to unofficial methods to bypass the restrictions, further exposing themselves to risks,” said Siraj.

Tahrizi said banks can further enhance security and customer protection by implementing some additional measures.

“Banks should regularly test their apps through application security testing (AST) and infrastructure security testing (IST). All identified issues should be tracked, with priority given to remediating critical and high vulnerabilities,” he added.

Customers also need to be constantly reminded of the latest potential online scam attempts.

“Ongoing education and awareness of safe mobile banking practices, such as recognising phishing attempts and avoiding suspicious downloads, can empower customers to protect themselves, and this is a very effective first line of defence,” he said.

Source link 

Related posts:

THE FIGHT AGAINST CYBERCRIME IN FINANCIAL SERVICES


EXCLUSIVE On top of the scams list: Beating the cheats

 


Friday, 29 March 2024

Malaysia's internet still not quite up to speed

 


Group push for higher broadband standards amid new regulations


PETALING JAYA: New regulations are set to take effect on April 1 to enhance the overall quality of wireless broadband services, with telcos required to deliver a minimum download speed of 7.7mbps.

But with the regulatory body, Malaysian Communications and Multimedia Commission (MCMC), saying that the product offerings of telcos to users will not be affected, meaning that plans below 7.7Mbps will not change after April 1, consumer and other groups have countered to say that the aim should be to improve user experience.

Federation of Malaysian Consumers Associations (Fomca) vice-president and legal adviser Datuk Indrani Thuraisingham said the download speed of 7.7mbps set is not good enough as Malaysia aims to be one of the top AI hubs in the region.

“We need to compare ourselves with other neighbouring countries to ensure that we will be able to compete,” she said when contacted yesterday.

ALSO READ : ‘Current mobile plans not affected by new standard’

Malaysian Association of Standards Users (Standards Users) secretary-general Saral James Maniam said the existing Mandatory Standards for Quality of Service (MSQoS) aims to safeguard consumer interests and ensure optimal wireless broadband services, while the updated one focuses on further enhancing Internet service quality across the country.

“The new MSQoS mandates an average download speed of at least 7.7Mbps, compared with the existing requirement of 2.5Mbps for mobile and 25Mbps for fixed wireless access.

“The standards will ensure the providers comply to prioritise quality and potentially invest in upgrades to meet the new standards,” she said.

After conducting a comparison of Internet download speeds in Malaysia, Singapore, Thailand, Vietnam and Indonesia, she said she found that “Malaysia can do much better”.

She said Singapore currently has among the fastest mobile download speeds at 264.15Mbps while its fixed broadband download speed is at 263Mbps.

“Singapore leads with the fastest speeds in both categories. Thailand and Vietnam have moderate speeds. Malaysia must maintain a speed that is at least comparable to that of Indonesia’s and 7.7Mbps is very low,” she added.

Saral James said MCMC will monitor compliance with the new minimum standard and penalties might apply for non-compliance, highlighting the importance of adhering to the new standards.

“There is a transparency needed on how the compliance will be monitored,” she said, adding that it would be better if users also monitor their download speeds.

“The question is what is the application available for the consumer to check and report?” she asked.

Malaysia Cyber Consumer Association president Siraj Jalil said it is important for service providers to give a clear baseline on minimum download speed.

“This will be good for users; if they understand what is their right, their awareness will increase. The authorities should also from time to time measure the service providers’ services,” said the head of the body which focuses on educating users on digital technology,

Consumers Association of Penang’s (CAP) education officer NV Subbarow said it is the duty of the government to provide the best facilities to consumers.

“Consumers are paying the charges they are requesting. The service providers must ensure and strictly follow the new ruling,” he said.

Source

Related stories:

Students lament cheaper mobile plans with crawling speeds

‘Current mobile plans not affected by new standard’

SMART bridging Sarawak’s digital divide

‘Sabah Internet still has big room for improvement’

Related posts:

Internet Speed in Asia, Telekom Malaysia Not so broadband but a chore !

Malaysia's Broadband Plans Not Up to Speed Yet


Friday, 28 July 2023

Musk’s Starlink lands in Malaysia

Just landed: Starlink announced its arrival in Malaysia with a photo of its electronic phased array antenna set against a backdrop of the Petronas Twin Towers in Kuala Lumpur. — @Starlink/Twitter


PETALING JAYA: Starlink’s satellite-based broadband service is now available in Malaysia, following the Prime Minister’s virtual meeting with Elon Musk on July 14.

This makes Malaysia the 60th country to be served by the Musk-owned satellite constellation.

The service, which doesn’t come with a contract, requires users to self-install the hardware and purchase the starter kit.

Customers can try out its service for 30 days and return the hardware for a full refund if they are not satisfied with it.

In an announcement on July 20, Communications and Digital Minister Fahmi Fadzil said that Malaysia issued the licence to allow Starlink to provide Internet services locally.

He added that the government is prepared to cooperate with satellite communication firms such as Starlink to achieve 100% Internet coverage in populated areas.

However, Dr Sean Seah, Malaysian Space Industry Corporation (Masic) pro tem deputy president, is concerned that Starlink’s entry could put local companies at a disadvantage.

"Furthermore, currently Malaysia has achieved more than 96% nationwide Internet connectivity coverage (Malaysia Stats Dept 2022) with services from Malaysian companies without Starlink."

"Chances must be given to local companies that have invested billions, before bringing in Starlink to compete with them," he said.

He also claimed that Malaysia may be exposed and risks being under "surveillance" or "profiling" by Starlink satellites, adding that they are also "not owned, controlled, or regulated" by Malaysian regulators and law enforcement, and Starlink has been given a "special exemption" to operate in Malaysia as a 100% foreign-owned entity.

"This may lead to national sovereignty issues," Seah said in a statement.

Starlink’s Starlink Kit comes with an electronic phased array antenna with a base suited for ground installation, a WiFi router and cables.

The standard version, which Starlink recommends for “residential users and everyday Internet applications” costs RM2,300.

The high-performance kit, which is priced at RM11,613, is recommended for “power users and enterprise applications”.

Starlink claimed that the high-performance kit offers improved weather resistance, three times better speeds at temperatures above 35°C and better visibility, especially in areas with unavoidable obstructions.

Starlink’s Internet plan offers up to 100Mbps (megabits per second) download speed and costs RM220 monthly.

Customers will also have to pay an additional RM100 for shipping and handling fees, with delivery times expected to be between one and two weeks.

Datuk Seri Anwar Ibrahim held a discussion with Musk on July 14, welcoming the company’s decision to invest in Malaysia, which includes launching Tesla EVs and Starlink.

In an online report, Anwar said that he has ordered 40 Starlink sets for schools, colleges and universities.

Source link

Related posts:

Malaysia on right track to be EV power house

Wednesday, 22 February 2023

How to prepare for cyber risks


Minimising the chances of attacks Cyber threats are evolving and escalating at an alarming rate for asset-intensive industries such as the energy sector.

ARE organisations only concerned with undertaking the right measures to mitigate cyber risk after they have been cyberattacked?

This may be the case in most situations but the more important question to ask is – what are the cybersecurity controls that should be considered by organisations?

The answer is straightforward – the controls that have the biggest impact on reducing the likelihood or the impact of a successful cyberattack.

Cyber risk is generally defined as the threat to the system, the system’s vulnerability and the resulting consequences. 

Therefore, to successfully protect information technology (IT) and operational technology (OT) systems, companies must understand the tactics, techniques and procedures (TTPS), which threat actors use to achieve their desired objective.

Here are several examples of well documented cyberattacks on critical national infrastructure over the past two decades:

In 2010, arguably, the most sophisticated cyberattack was executed on an Iranian uranium enrichment facility that exposed the weakness of cybersecurity controls and vulnerability of OT environments.

The STUXNET worm was designed specifically to target these environments which allowed the threat actor to exploit and disrupt production operations causing downtime and business impact.

STUXNET was the eureka moment for the energy and manufacturing industries that OT environments can be breached and what impact it can have on their business, human lives, environment and economies.

Unfortunately, it was also an eureka moment for threat actors too. OT cyberattacks surged rapidly and suddenly the attack techniques from threat actors, in terms of creativity and smartness of achieving their malicious objectives, evolved since then.

In 2015, Ukraine was hit by another massive cyberattack that shut off power at 30 substations and left millions of people without electricity for up to six hours. SCADA equipment was rendered inoperable and power restoration had to be completed manually, which further delayed restoration efforts.

So how was this achieved – must have been very sophisticated? Actually, not.

Spear phishing was used to introduce the Blackenergy malware that exploited the macros in excel-based documents on computer systems at the plants. Meaning that the threat actors did nothing different than using known TTPS for cyberattacks on IT environments.

The same exploitation tools were used to find user credentials to escalate their privileges to move laterally in the network or to send malicious commands to disrupt plant operations.

The 2015 cyberattack seemed like an experiment as barely a year later the Ukraine Power Grid was attacked again and this time the capital city Kiev went dark, breakers tripped in a large number of substations.

However, this time the threat actors also jammed the utility’s call centres to prevent customers from reporting the outage by launching Telephone Denial of Service (TDOS) attack.

The approach was more sophisticated as the threat actors directly manipulated the SCADA systems using CRASHOVERRIDE – the first known malware specifically designed to target the power grids directly around the globe with the ability to wipe or delete files, disable processes like malware protection and even the software from OT vendors.

This was another eureka moment – national power grids are not safe from threat actors either.

One of the most concerning cyberattacks was in 2017 where the TRITON malware targeted the specific safety critical Programable Logic Controller’s (PLCS) in the Middle East. The function of these PLCS is to protect plants and people from disasters caused by mechanical failure.

In 2018, advanced persistent threat attacks on industrial environments continued to rise, and industrial espionage increased.

After 2019, there was a drastic increase in ransomware activities in OT environments including the manufacturing, water treatment and pipeline industries.

Recently, Cybersecurity and Infrastructure Security Agency launched the Cross-sector Cybersecurity Performance Goals as a prioritised subset of IT and OT cybersecurity practices, aimed at meaningfully reducing risks to critical national infrastructures and the community it supports.

These cybersecurity controls are not meant to be the only considerations for organisations. The purpose is to form the foundation to protect IT and OT infrastructures against cyberattacks as part of the defence-in-depth cybersecurity strategy.

These are some of the logical first steps to consider:

User account security

User accounts are generally one of the first gateways for threat actors to gain access to the network to establish a foothold and move laterally. On the surface, this may seem simple but maintaining user account security hygiene has been a long-standing challenge for many organisations.

Here are the suggested foundational controls that should be considered:

> enable the detection of unsuccessful user login attempts

> change all default passwords and implement multi-factor authentication

> update the minimum password strength > separate user and privilege accounts > enforce unique user credentials (not just email addresses as commonly used)

> revoke the credentials of departing employees.

Device security

Device security are measures taken to secure computing devices (hardware and software) from cyber threats but also to maintain service continuity.

Here are the suggested foundational controls that should be considered:

> approval process for new hardware and software deployment

> the disablement of macros by default > maintaining an up-to-date asset inventory

> prohibiting the connection of unauthorised devices

> documenting device configurations.

Data security

The purpose is to protect sensitive and confidential data from unauthorised access, theft, loss and destruction.

Here are the suggested foundational controls that should be considered:

> strong and agile encryption

> enable log collection

> secure storage of the said logs.

Governance and training

A strong governance structure is a key success factor for any cybersecurity strategy and operations to manage cyber risks effectively and to ensure adequate protection of data and systems.

Here are the suggested foundational controls that should be considered:

> appointment and empowerment of a single leader to be accountable for cybersecurity

> a single leader to be responsible for Ot-specific cybersecurity

> basic cybersecurity training for all employees and third parties

> OT specific cybersecurity training for OT managers and operators

> establish an effective relationship between IT and OT cybersecurity to improve the response effectiveness for OT cyber incidents.

Vulnerability management

To reduce the likelihood of threat actors exploiting known vulnerabilities in IT and OT systems, the following foundational controls should be considered:

> mitigate known vulnerabilities

> gather vulnerability intelligence by security researchers and enable the researchers to submit discovered weaknesses or vulnerabilities faster

> blacklisting of exploitable services on the Internet

> limit OT connections to public Internet > conduct third-party validation of control effectiveness.

Supply chain/third party

To ensure the integrity and reliability of supplier products and services the following foundational controls should be considered:

> establish supplier cybersecurity requirements

> immediate disclosure of known cybersecurity incidents and vulnerabilities to enable rapid response.

Detection, response and recovery

Here are the suggested foundational controls that should be considered:

> capability to detect relevant threats and TTPS

> a comprehensive response and recovery plan (including appropriate back-ups) in place helps organisations be prepared for the inevitable security incidents that will occur and ensures that they have the processes and resources in place to minimise the impact and recover effectively.

Network segmentation

Network segmentation reduces the likelihood of threat actors accessing the OT network after compromising the IT network and vice versa.

Here are the suggested foundational controls that should be considered:

> segment IT and OT networks

> segment safety critical systems form other systems

> segmentation of temporarily connected devices

> segmentation of wireless communications

> segmentation of devices connected via untrusted networks/internet.

Email security

By implementing effective email security measures, organisations can reduce the risks from common email-based threats and ensure the confidentiality and integrity of email communications.

Here are the suggested foundational controls that should be considered:

> Email encryption

> Email account authentication

> and email filtering.

In conclusion, cyber threats are evolving and escalating at an alarming rate for asset-intensive industries such as the energy sector.

Strengthening the cybersecurity foundations are imperative to build a defence-indepth model that would reduce the chances of cyberattacks and safeguard IT and OT environments.

By JACO BENADIE Jaco Benadie is partner, Ernst & Young Consulting Sdn Bhd. The views expressed here are the writer’s own. 

Source link

 

Related:

 

Exclusive: Hacker group with members from Europe, North America found to have launched cyberattacks against China

Chinese cybersecurity experts have exposed a hacker group, with its core members coming from Europe and North America, which has been launching sustained cyberattacks against China as its primary target, posing a serious threat to the country's cybersecurity and data security, the Global Times learned from a Beijing-based cybersecurity lab on Sunday. 

 

 

Related posts:

 

THE FIGHT AGAINST CYBERCRIME IN FINANCIAL SERVICES

China captures powerful US NSA cyberspy tool

 

Tuesday, 14 February 2023

Lies, racism and AI: IT experts point to serious flaws in ChatGPT

 


 ChatGPT may have blown away many who have asked questions of it, but scientists are far less enthusiastic. Lacking data privacy, wrong information and an apparent built-in racism are just a few of the concerns some experts have with the latest 'breakthrough' in AI. — Photo: Frank Rumpenhorst/dpa

BERLIN: ChatGPT may have blown away many who have asked questions of it, but scientists are far less enthusiastic. Lacking data privacy, wrong information and an apparent built-in racism are just a few of the concerns some experts have with the latest 'breakthrough' in AI.

With great precision, it can create speeches and tell stories – and in just a matter of seconds. The AI software ChatGPT introduced late last year by the US company OpenAI is arguably today's number-one worldwide IT topic.

But the language bot, into which untold masses of data have been fed, is not only an object of amazement, but also some scepticism.

Scientists and AI experts have been taking a close look at ChatGPT, and have begun issuing warnings about major issues – data protection, data security flaws, hate speech, fake news.

"At the moment, there's all this hype," commented Ruth Stock-Homburg, founder of Germany's Leap in Time Lab research centre and a Darmstadt Technical University business administration professor. "I have the feeling that this system is scarcely being looked at critically."

"You can manipulate this system"

ChatGPT has a very broad range of applications. In a kind of chat field a user can, among others, ask it questions and receive answers. Task assignments are also possible – for example on the basis of some fundamental information ChatGPT can write a letter or even an essay.

In a project conducted together with the Darmstadt Technical University, the Leap in Time Lab spent seven weeks sending thousands of queries to the system to ferret out any possible weak points. "You can manipulate this system," Stock-Homburg says.

In a recent presentation, doctoral candidate and AI language expert Sven Schultze highlighted the weak points of the text bot. Alongside a penchant for racist expressions, it has an approach to sourcing information that is either erroneous or non-existent, Schultze says. A question posed about climate change produced a link to an internet page about diabetes.

"As a general rule the case is that the sources and/or the scientific studies do not even exist," he said. The software is based on data from the year 2021. Accordingly, it identifies world leaders from then and does not know about the war in Ukraine.

"It can then also happen that it simply lies or, for very specialised topics, invents information," Schultze said.

Sources are not simple to trace

He noted for example that with direct questions containing criminal content there do exist security instructions and mechanisms. "But with a few tricks you can circumvent the AI and security instructions," Schultze said.

With another approach, you can get the software to show how to generate fraudulent emails. It will also immediately explain three ways that scammers use the so-called "grandchild trick" on older people.

ChatGPT also can provide a how-to for breaking into a home, with the helpful advice that if you bump into the owner you can use weapons or physical force on them.

Ute Schmid, Chair of Cognitive Systems at the Otto Friedrich University in Bamberg, says that above all the challenge is that we can't find out how the AI reaches its conclusions. "A deeper problem with the GPT3 model lies in the fact that it is not possible to trace when and how which sources made their way into the respective statements," she said.

Despite such grave shortcomings, Schmidt still argues that the focus should not just concern the mistakes or possible misuse of the new system, the latter prospect being students having their homework or research papers written by the software. "Rather, I think that we should ask ourselves, what chances are presented us with such AI systems?"

Researchers in general advocate how AI can expand – possibly even promote – our competencies, and not limit them. "This means that in the area of education I must also ask myself – as perhaps was the case 30 years ago with pocket calculators – how can I shape education with AI systems like ChatGPT?"

Data privacy concerns

All the same, concerns remain about data security and protecting data. "What can be said is that ChatGPT takes in a variety of data from the user, stores and processes it and then at a given time trains this model accordingly," says Christian Holthaus, a certified data protection expert in Frankfurt. The problem is that all the servers are located in the United States.

"This is the actual problem – if you do not succeed in establishing this technology in Europe, or to have your own," Holthaus said. In the foreseeable future there will be no data protection-compliant solution. Adds Stock-Homburg about European Union data protection regulations: "This system here is regarded as rather critical."

ChatGPT was developed by OpenAI, one of the leading AI firms in the US. Software giant Microsoft invested US$1bil (RM4.25bil) in the company back in 2019 and recently announced plans to pump further billions into it. The concern aims to make ChatGPT available to users of its own cloud service Azure and the Microsoft Office package.

"Still an immature system"

Stock-Homburg says that at the moment ChatGPT is more for private users to toy around with – and by no means something for the business sector or security-relevant areas. "We have no idea how we should be deal with this as yet still immature system," she said.

Oliver Brock, Professor of Robotics and Biology Laboratory at the Technical University Berlin, sees no "breakthrough" yet in AI research. Firstly, development of AI does not go by leaps and bounds, but is a continuing process. Secondly, the project only represents a small part of AI research.

But ChatGPT might be regarded as a breakthrough in another area – the interface between humans and the internet. "The way in which, with a great deal of computing effort, these huge amounts of data from the internet are made accessible to a broad public intuitively and in natural language can be called a breakthrough," says Brock. – dpa    

By Oliver Pietschmann, Christoph Dernbach

Source link

 

Related posts:

 

  H ow Scientists Predict Where Earthquakes Will Strike Next The pair of earthquakes that hit Turkey and Syria this week left the region .
 
  OpenAI, which Elon Musk helped to co-found back in 2015, is the San Francisco-based startup that created ChatGPT. The company opened Ch...
 

 Microsoft is rolling out an intelligent chatbot to live alongside Bing’s search results, putting AI that can summarise web pages, synthesis...

Monday, 7 November 2022

China's cyberspace whitepaper highlights cooperation, 'fundamentally different' from US' proposition

 

 cyberspace Photo:VCG 

China's State Council Information Office issued a white paper titled "Jointly Build a Community with a Shared Future in Cyberspace," which is fundamentally different from the US' earlier release "Declaration for the Future of the Internet," as China advocates that cyberspace is the common home of humankind instead of creating division and confrontation by ideology.

The Office released the white paper during a news conference on Monday morning in Beijing, which introduces the achievements of China's Internet development and governance practices over the past decade and puts forward the Chinese proposition of building a community with a shared future in cyberspace.

As problems of unbalanced development, unsound rules and unreasonable order in the cyberspace are becoming increasingly prominent and cyber hegemony poses a new threat to world peace and development, effective solutions and joint efforts are needed to address the problems, officials said.

China's white paper is fundamentally different from the US and its partners' joint release "Declaration for the Future of the Internet," said Qi Xiaoxia, director general of the Bureau of International Cooperation of the Cyberspace Administration during Monday's news conference.

The "Declaration for the Future of the Internet" attempts to impose its own standards on others, draw ideological lines in the cyberspace, draw "small circles," create division and confrontation and violate international rules, Qi said. These actions have seriously undermined the unity of the internet family and affected the stable development of the global internet.

In the US' vision, it has abandoned multilateral platforms such as the UN and is keen to form various exclusive cliques instead, in an attempt to draw ideological lines and undermine the global rules of Internet governance by touting its unilaterally-defined principles, trying to create an exclusive bloc in the name of democracy, Chinese Foreign Ministry spokesperson Zhao Lijian said in May.

Instead, China advocates openness, cooperation, tolerance and mutual understanding, he said.

"We believe that cyberspace is the common home of humankind, and that the future of cyberspace should be in the hands of all countries in the world, not by a single country or a few countries."

China advocates that the UN play the role of the main channel in the international governance of cyberspace, and that the international community adhere to the principles of common consultation, construction and sharing, strengthen cooperation and jointly develop international rules for cyberspace, Qi said.

China is willing to deepen cooperation with countries around the world, promote the reform and construction of the global internet governance system, she said.

However, contrary to China's vision of mutual benefit, there are many restrictions on the development of Chinese companies in some countries while they are actively exploring the international market.

"Chinese enterprises have carried out international research and development cooperation, and provided a large number of safe, reliable, high-quality and inexpensive products and services to the world, which are widely welcomed," Qi said.

"Chinese enterprises have actively fulfilled their corporate social responsibility and provided a large number of employment opportunities for the countries and regions where they operate."

Qi pointed out that the reason is clear for the development restrictions of some Chinese enterprises including Huawei in overseas market.

"On the pretext of 'national security,' certain countries have abused export control measures to maliciously block and suppress Chinese enterprises, which undermines the legitimate rights and interests of Chinese enterprises and causes serious disruptions to the stability of the global industrial supply chain," she said.

The Chinese government opposes politicization of technical issues and abuse of state power to suppress and curb other countries' enterprises by any means in violation of market economy principles and international economic and trade rules, said the white paper.

Besides, Qi denied that China's cybersecurity build-up would affect foreign companies' operations in China.

"Such worries are totally unnecessary," Qi said, responding to a question raised by a foreign reporter. "What is foreseeable is that China's open door will only get wider."

Data show that the number of foreign-funded enterprises in China has exceeded 1 million, which shows that foreign enterprises are very confident in China's business environment. The Chinese government has always been committed to creating a market-oriented, rule-of-law business environment, encouraging more enterprises to operate and develop in accordance with the law, and treating both Chinese and foreign enterprises equally, Qi said. 

Source link

RELATED ARTICLES
 

 Related posts:

 

  Mengtian lab module successfully launched. Graphic: Xu Zihe/GT China Space Station completes T-shape basic structure assembl...
 
  GPS / China says BeiDou navigation satellite system is completely function now      Live: China issues The White Paper on China's Be...

Tuesday, 2 August 2022

Scammers getting smarter now and so should we

 

 

Scammers keep getting bolder and bolder with their extortion methods. From impersonating landlords to illegal debt collection tactics, there is no shortage of ways scammers will try to separate you from your money. Be aware of these five red flags when getting on the phone, checking your email, or using social media. This can help you avoid getting trapped in a conversation with a scammer in the first place.

 

Whether it’s through email, text, phone calls or direct messages, scams seem to be everywhere on the internet. Not all scams are obvious and many specifically target small business owners. Learn how to recognize a scam, protect your business and know what to do if you become a victim of a scam.


Being forearmed with knowledge is key to not falling prey to well-trained scammers

 Arm yourself with knowledge to identify a swindler

RIGHT before my eyes, I witnessed my friend falling for a classic Macau scam over the phone.

The call from a “government official” had him hooked. Frantically, I gestured to my friend to end the call but he was like a man possessed.

Someone on the other end of the line, claiming to be a government official, informed my worried friend that he had been implicated in a crime of sorts and the only way to escape the consequences was to transfer his money into a “safe account”.

After 45 minutes on the phone, he sent RM5,000 to one such bank account, and this happened on his pay day!

Recalling the incident, my friend said the caller was so convincing and believable that it was hard to cut the line.

This incident came to mind when the long arm of the law finally caught up with Tedy Teow, the founder of MBI (Mobility Beyond Imagination) well-known for its superlative money-making scheme.

He was detained in Thailand about a week ago and is believed to be wanted for questioning over several money-laundering cases in a few countries.

From what I could tell, the news failed to generate much interest on the ground, especially in Penang where the scheme used to have a large number of followers.

It could be that many of his victims were resigned to the fact that their money was as good as gone, even though Teow got arrested.

I have many acquaintances who put money into MBI. A few earned some returns. Most did not.

Now, it is “successful” Macau scams that are dominating the chatter in coffeeshops, offices, watering holes and messaging groups.

Indeed, teachers, engineers, doctors and even a politician were among the prized scalps of these so-called officers from banks or government and law enforcement agencies.

In May, a businessman from Port Dickson with a net worth of over Rm100mil lost a record Rm21mil in one such scam after he allegedly revealed his bank Transaction Authorisation Code (TAC) numbers to a “bank official”.

A sizeable number of scam victims were retirees who lost their hard-earned savings.

As pointed out in one news report, these scammers actually go through a month-long boot camp conducted by professional trainers before they are sent out for con jobs.

Psychology, negotiation skills, the art of persuasion, they learn it all.

They go through gauntlets of role-playing, with one being the “victim” and the other the scam caller, all under the watchful eyes of the trainers.

It has become challenging these days for lawmen to outfox the syndicates which have members even sitting for exams before being certified competent enough to man scam call centres.

And now we hear of increasing cases of dubious bank transfers: money being unknowingly transferred out of savings and fixed deposit accounts after victims were said to have downloaded phone apps.

Protect yourself by not downloading apps from dubious sites!

Then there are the online lovers to whom the lonely give their money even though they have never met face to face.

For those not in the know, this actually happens gradually.

First, the amounts asked for are small. These are quickly returned with a small but appreciable profit. Only after trust is established will the scammer ask for the big amounts.

The situation has never been more urgent as there are still victims who fall prey to such tactics almost on a daily basis.

If you get a call from a scammer, stay calm and rightfully hesitate when asked to reveal your personal banking and user login details.

In the course of a true fraud investigation, government and law enforcement agencies will not transfer calls among themselves. Bank Negara will not transfer your calls to Bukit Aman and vice versa, and never call back the number that was given.

Remember, the police will never threaten to arrest you over the phone; they prefer to do it face to face.

And if it’s a pre-recorded message, just hang up.

Most importantly, if you are a law-abiding citizen who has done nothing wrong, there is indeed nothing to fear. 

By TAN SIN CHOW

sctan@star.com.my
              
 
Related posts:
 
CLICK TO ENLARGE Entrepreneur, philanthropist, get-rich-quick ‘hero’ wanted in M’sia and China He lorde