Connect with us

NEWS

Strengthening ICT supply chain resilience is everyone’s business

December 13, 2021 2:22 p.m.

By Genie Sugene Gan, Head of Government Affairs, Asia-Pacific, Kaspersky

NotPetya, WannaCry, ShadowPad, and Sunburst may or may not be household names, but these malware, and many more, have unleashed significant harm on the world.

Recently, one such instance of malware was used to attack an IT services company based in Dublin, which supplies security software to scores of large cybersecurity contractors. Working through the company, hackers infected hundreds of its clients worldwide with ransomware, and demanded USD 50,000–5 million from each business in exchange for the decryption key.

Earlier this year, another attack hit an American IT software company, and subsequently infiltrated nine U.S. federal agencies, including the Office of the President, and the Treasury and Commerce Departments.

What these attacks have in common is their modus operandi: hackers targeted software vendors or IT companies to gain backdoor access to their clients’ systems, infecting hundreds and thousands of systems in one go.

This is perhaps how “supply chain” got its name – each part of the process stream is inevitably linked to another. When one part gets affected, a domino effect soon follows. 

The Problem 

ICT supply chain cyberattacks are on the rise – the European Union for Cybersecurity estimates a four-fold growth in attacks in 2021 compared to 2020. The risk is compounded as vulnerabilities can be introduced at any phase of the ICT life cycle: from design – through development, production, distribution, acquisition and deployment – to maintenance.

The impact of these breaches is also set to grow, given the increasing interconnection of IT systems across organizations, sectors and countries. In a 2019 survey by Gartner, 60% of organizations reported working with more than 1000 third parties.

Upon successful infiltration, cybercriminals enjoy free rein to conduct cyber espionage, steal data and intellectual property, or extort money through ransomware attacks, which have been on the rise. From 2019 to 2020, the number of Kaspersky users encountering targeted ransomware – malware used to extort money from high-profile targets such as corporations, government agencies, and municipal organizations – increased by 767%.

While the impact on governments and enterprises may feature more prominently, the wider public is not spared. An attack on a grocery chain could force the temporary closure of scores of supermarkets, or a virus may be unleashed on millions of PC users through a software update (as, for example, occurred in the ShadowHammer3+1 attack, which Kaspersky detected and promptly mitigated in 2019). Taking it further, the compromise of systems providing healthcare or public utilities may disrupt the provision of these essential services. And these are the very day-to-day things that affect individuals like you and me. 

Early Responses

Recognizing the risks and impact of supply chain cyberattacks, more countries are taking action. Since 2020, national cybersecurity strategies were either released or updated across Asia-Pacific, including in Singapore, Malaysia, Australia and Japan. Other countries, like Vietnam, India and Indonesia, are soon expected to release their own national strategies or implementation details too.

But when it comes to ICT supply chain resilience, the solution is more complex in view of the multitude and range of stakeholders involved. Some governments have intervened, with a focus on protecting the ICT supply chains of Critical Information Infrastructure (CII):

  • In 2018, the U.S. Department of Homeland Security established the ICT Supply Chain Risk Management Task Force, a public-private partnership to develop consensus on risk management strategies to enhance global ICT supply chain security. The Task Force has released guidelines on the sharing of supply chain risk information, and risk considerations for managed service provider customers.
  • The Australian Cyber Security Centre also published guides this year for businesses to identify cybersecurity risks associated with supply chains, and to manage these risks.
  • The Cybersecurity Agency of Singapore announced that it will shortly launch a CII Supply Chain Programme for stakeholders to adhere to international best practices and standards for supply chain risk management.

The Way Ahead

The global nature of ICT supply chains necessitates a stronger, coordinated response at every level.

Globally, countries and International Organizations (e.g., INTERPOL, the UN, ASEAN, Europol) have taken steps to tighten cooperation and share best practices:

  • Multilateral platforms – Today, the United Nations Group of Governmental Experts and Open-ended Working Group are platforms that can be used by countries to develop consensus around cyber processes and norms. Conferences such as the UN Internet Governance Forum provide further opportunities to discuss at the working level: in 2020, Kaspersky together with our partners organized a workshop to discuss the need and ways to develop assurance and transparency in global ICT supply chains.
  • Bilateral partnerships – Countries around the region, including Vietnam, India, Japan, Singapore, China and South Korea, have committed to MOUs on various aspects of cybersecurity – an important step in making progress domestically and globally.

While each of these platforms plays an important role in building consensus, exchanging knowledge and best practices, and harmonizing standards, moving forward, it is imperative to have more targeted conversations on global ICT supply chain resilience, given the wide-ranging types of actors and impact involved globally.

Nationally, governments must continue to drive nationwide efforts to establish a baseline level of cybersecurity across sectors through laws, regulations, guidelines, training requirements and awareness building. The examples above provide a sense of some of the measures undertaken by governments. 

Given the integrated nature of ICT supply chain resilience, there is a particular need to develop core principles (e.g., security-by-design), technical standards and legislative/regulatory frameworks to ensure a consistent level of cybersecurity and accountability across stakeholders. Self-assessment tools can also be published in addition to facilitate implementation.

Individually, everyone is responsible for ensuring our collective cybersecurity. Naturally, businesses that develop products and maintain systems must lead the way. 

At Kaspersky, we believe that transparency in the components within and connections across software supply chains is the best way to ensure the integrity and trustworthiness of our digital infrastructure. Our commitment to this principle is evidenced by our Global Transparency Initiative, where, among other things, we: 

  • Welcome third parties to review our source code. More recently, we made it easier for our partners and the public to understand what is inside our products by providing a software bill of materials – a list of all the components, information about them, and the relationships between them. 
  • Practice responsible vulnerability disclosure, and have on many occasions, alerted IT companies regarding vulnerabilities in their systems, averting several potentially significant cyberattacks.

Cybersecurity is everyone’s business because our collective cybersecurity is only as strong as that of the weakest link among us. To remain ahead of the game, a holistic approach involving all stakeholders is required. We must look beyond playing catch-up and reacting to cyberthreats. It is imperative to take a long-term approach in designing the cybersecurity ecosystem, which includes building a strong talent pipeline to meet the needs of CERTs, forensic analysis teams, and IT departments, and designing CII that is secure-by-design. 

The ideas above are by no means an exhaustive list, but hopefully, they provide an idea of where to begin – together – in view of the long way that lies ahead of us.

NEWS

Niantic, NBA, NBPA team up for NBA All-World

June 29, 2022 7:31 p.m.

NEW YORK — Niantic announced a partnership with the National Basketball Association and the National Basketball Players Association to create an original augmented reality mobile game: NBA All-World. 

NBA All-World is a first-of-its-kind game that will place NBA fans into the real-world metaverse.  

NBA All-World is a free-to-play officially licensed geolocation basketball game where players can find, challenge, and compete against today’s NBA ballers in their neighborhoods, then recruit them to their team before proving themselves on the court.  

“NBA All-World represents an industry first in sports games, as an original, real-world AR game that will appeal to casual and core NBA fans alike,” said Marcus Matthews, Senior Producer at Niantic. 

“We’re creating and designing a game that empowers players to represent where they’re from and showcase the culture of their neighborhood.” 

“Through our partnership with Niantic, NBA All-World will provide fans across the globe the opportunity to fully immerse themselves into the energy and excitement of the NBA,” said Matt Holt, Head of Consumer Products at the NBA. 

“Evident in the name of the game itself, we look forward to engaging with our fans around the world through this captivating experience.” 

“NBA-All World gives us the opportunity to bring NBA players into Niantic’s real-world metaverse, opening up paths for fans to interact with them in a new way,” said Josh Goodstadt, EVP of Licensing for THINK450, the innovation engine of the NBPA.

“Niantic has proven experience building games that encourage engagement in local communities, and having our players integrated into NBA All-World adds to that immersion.” 

Additionally, NBA All-World will embrace the fashion of the NBA, with users having the ability to outfit players in the game with custom apparel.  

Players can sign-up to be notified when NBA All-World is available in their country by visiting NBAAll-World.com. 

Those who sign up will be able to experience an exclusive All-World AR web experience and be the first to be notified about securing their codename for global launch.

Continue Reading

NEWS

8 facts about foodpanda on its 8th birthday in PH

June 28, 2022 8:23 p.m.

Thanks to online food and groceries delivery services, getting your food is so much easier now. With platforms like foodpanda, you can order instantly and enjoy a delicious meal within minutes. And nothing beats the excitement of getting a call from a Kuya or Ate Ka-Panda rider/biker/walker to tell you that your order has arrived.

As the leading quick commerce digital platform, foodpanda lets you order from your favorite restaurants and shops offering a wide variety of choices – meals, snacks, groceries, and other daily essentials. With 8 years of delivering food and more in the Philippines, life would never be the same without our favorite pink panda brand that has captured the hearts (and tummies!) of many Filipinos. But aside from satisfying your cravings, your curiosity will also be captured by these mind-blowing facts about the country’s go-to online food and groceries delivery app.

As foodpanda turns 8 this year, we’re treating you to some interesting trivia that you probably don’t know about them yet. 

  1. From orange to pink

                     

If anything, foodpanda is best associated with their logo – the pink panda. But you’d be surprised to know that it was originally orange before they made the switch to pink, back in 2017. The fuschia-pink look is definitely a lot of fun, and clearly shows that foodpanda is ever-growing, expanding, and not afraid to take that big leap to cater to all of your food needs.

  1. Leadership at a crucial time

Transitions are hard enough to begin with, but to do it at the most crucial of times would require exceptional skills – one that Daniel Marogy, managing director of foodpanda Philippines, proved to have when he joined the team a day before the lockdown. “That was a very challenging time for me, but it was made bearable because of the competitive foodpanda team led by very compassionate leaders and dedicated team members who helped me steer the ship in the right direction,” shares Dan.

  1. Revolutionizing  the food delivery space

foodpanda was the first online delivery service in the Philippines to house all of your favorite restaurants in an app and deliver food right at your doorstep with just a few taps on your mobile phone. Before foodpanda, do you remember how you would collect delivery hotline numbers, so you know who to call when ordering food? Or how frustrating it is that some of your faves are not available for delivery? Now, Ka-Panda riders not only deliver the meals you’re craving, but so much more – you can shop for groceries from pandamart, pick-up your ordered food if you’re in the area, or enjoy exclusive discounts for dine-in offers from their restaurant partners.

  1. Putting the digital in digital delivery

It’s called quick commerce for a reason because in as fast as 30 minutes or even less, your order is already at your door. The reason behind this fast delivery service, aside from having a massive fleet of riders, bikers, scooter-riders and even walkers, is that foodpanda pioneered the use of internet connection to their vendors. Prior to that, other online food delivery services had to manually use fax and call center agents to relay the orders to the restaurants, so imagine how long it would take. As the first one to automate the ordering process, they definitely transformed the way online food deliveries work so your food will be delivered still hot and fresh – just the way you like it.

  1. Shining the spotlight on “dark” kitchens…

The term ‘dark kitchen’ might sound a bit scary, but a delivery-only restaurant is all there really is to it. It means these food brands do not have physical stores; just take-out outlets designed to deliver only. For foodies who are tired of eating from the same restaurants, you might want to try foodpanda’s concept brands for your next meal. They are present in key cities in Metro Manila and the North Luzon area. (Extra fun fact: some of these brands are created by foodpanda so you can only get it exclusively from their platform).

  1. You can never go wrong with pizza and burger!

Any time is pizza and burger o’clock. It’s probably why these two fast-food staples hold a special place in foopanda’s 8-year journey in the country. The very first order to be placed in the app is none other than everyone’s OG snack, pizza, while topping the order list in the app are burgers.  As the leader in the online food delivery marketplace, foodpanda continues to offer food items that will meet the fast-paced lifestyle and current needs of their consumers.

  1. Employee #1 is still with them

Kristine Luneta, who is part of the Commercial team, currently holds the title of foodpanda’s longest-tenured employee. Like the company, she is also celebrating her 8th year anniversary with them as their employee #1. When asked what made her stay for that long, Kristine shared, “I am drawn to how progressive the mindset is and how connected the people are.”

  1. FP = For the People

Making a difference in the community is also part of the company’s advocacies. One of the many initiatives they do to nurture and help the communities they serve is the ‘BuyAnihan Palengke’ program, aimed at assisting enterprising Filipinos become resellers of fresh produce sourced directly from local farmers. To date, more than 10,000 kilograms of fresh produce have been sold to consumers at an affordable price through various partnerships with local government units since the program was launched last year. Watch out for their next food bazaar exhibit to get your stash of fresh fruits and vegetables.

For 8 years, foodpanda has been a prominent presence in the digital food space in the Philippines – and they vow to continue deliver food, groceries, and more for many years to come. Celebrate with foodpanda’s Pau-tastic birthday: be on the lookout for surprises and announcements for special treats made just for you!

Continue Reading

NEWS

Hamilo Coast: Nurturing nature for 15 years and beyond

June 27, 2022 1:35 p.m.

The current rate at which individuals observe sustainability practices is far from halting climate change.

Whether it is reducing the use of disposable items or saving more energy, environmentally conscious activities will only yield significant results if everyone is “cast in the same mold,” so to speak.

That said, high-impact global sustainable development lies within the responsibility of the government and large organizations—conglomerates among them.

Understanding such a role, SM Prime Holdings, Inc., one of the largest integrated property developers in Southeast Asia, has incorporated its sustainable practices in its developments early on. 

Through SM Prime’s Costa Del Hamilo Inc., a leader in the leisure resort industry and the movers behind Hamilo Coast – this premium seaside complex in Nasugbu, Batangas, fosters a tangible connection with nature.

Marking its quindecennial year, Hamilo Coast looks back at its milestones and achievements with its core emphasis on sustainable development. 

“Sustainability has been at the forefront of our vision in providing a resort lifestyle. We strive to practice both environmental and social sustainability in our operations through our partners and commnunities,” Franklin M. Bolalin, Assistant Vice President for Hamilo Estate Management, said. 

Disaster risk reduction

Every year, the country deals with an average of 19 typhoons, with some often resulting  in damages to properties and loss of life. 

Coastal defenses such as seawalls and breakwater structures are often implemented to resist storm surges. In the case of Hamilo Coast, mangrove trees are the key.

Hamilo Coast’s 100,000 square-meter or equivalent to 10 hectares mangrove belt is one of the largest mangrove areas in the municipality.

The sustainable beach resort town has since planted 50,000 mangrove propagules, protected hand-in-hand with the conservation organization World Wide Fund for Nature (WWF) Philippines.

Biodiversity conservation

Apart from disaster mitigation, mangrove trees also benefit the climate by absorbing greenhouse gases (GHGs) and carbon dioxide.

This capacity nurtures the ecosystem and biodiversity in the area, providing habitat for a wide array of species.  

Hamilo is home to rich marine life and abundant flora and fauna. 

Its conservation programs and various sustainability initiatives have nurtured and conserved its precious biodiversity. 

There are about 96 various bird species found at the estate. Among these bird species are the rough-crested Malkoha and the Philippine eagle-owl.

From growing local plants to conducting regular coastal clean-up drives, coastal resource conservation initiatives are active in Hamilo Coast. With the help of WWF, they can increase their fisheries’ biological capacity and monitor their Marine Protected Areas (MPAs)—the Pico de Loro, Etayo and Santelmo coves which are among the three MPAs for Costa Del Hamilo’s Sustainable Development Project. 

Hamilo has been working with WWF since 2007 monitoring the health and viability of Hamilo Coast area. 

In recognition of its conservation efforts, Hamilo Coast was cited by the World Wide Fund for Nature as its longest Sustainability Partner in 2020.

“Over the years, our partnership with SM significantly contributed to the impact we are making in our work in Hamilo Coast. From liquid waste and coral monitoring, to our present work on integrated waste management and food sheds, we hope that this continuing partnership would help us realize our vision of making Hamilo a holistic model of sustainability”, says Katherine Custodio, WWF-Philippines’ Executive Director.

Green buildings development

The path towards a sustainable future is paved with many interventions, including zero waste, dematerialization, zero emissions and resource efficiency practices.

For its part, Hamilo Coast makes its intention to be a premiere sustainability community possible by making sure its buildings are designed with the environment in mind.

Some of the estate’s facilities are powered by alternative sources of energy. For example, its lamp posts use solar power more than traditional ones to function.

Natural lighting and ventilation are also noticeable in some of its residential areas, which benefits the environment as well as its tenants. Additionally, Hamilo Coast implements a solid waste management plan that consists of recovery of materials and vermicomposting, among others.

Sustainable living

At Hamilo Coast’s core is how a distinct beachfront home can harmonize with its surrounding environment.

As people crave for a more relaxed environment, closer to nature and the outdoors amid a work-from-home setup pushed by the ongoing pandemic, Hamilo homes give access to invigorating landscapes, coves to explore and the calming sea. 

Fifteen years later, Hamilo Coast has surpassed its reputation as a weekend respite.

It is now one of the best settlement options for people looking to live the coastal life in a sustainable community. 

Continue Reading