Eyes on APAC

August 24, 2017  8:30 AM

Emerging Asia most vulnerable to malware

Aaron Tan Aaron Tan Profile: Aaron Tan

Bangladesh and Pakistan have the highest malware encounter rates around the world, followed by two other countries in the ASEAN region – Cambodia and Indonesia, according to Microsoft’s latest Security Intelligence Report.

That those countries were most susceptible to malware is hardly surprising, given their high software piracy rates. About one in four PCs running Microsoft security products in these emerging economies reported a malware encounter from January to March 2017.

Myanmar, Nepal, Thailand and Vietnam did not fare any better. Each of those countries had an average malware encounter rate of over 20% during the first quarter of 2017, more than double the global average of 9%.

Developed Asia-Pacific markets with more mature IT practices – like robust and effective patch management processes – such as Australia, Hong Kong, Japan, New Zealand and Singapore did better than the worldwide average.

Among developed economies, Japan did the best, having been ranked the “safest country in the world” with just 2% of its PCs infected by malware, according to Microsoft

In spite of the high malware infection rates among developing APAC countries, the region curiously suffered the least damage in the recent WannaCry and Petya ransomware attacks.

Microsoft said the attacks were disproportionately concentrated in Europe while most in Asia were not too heavily impacted.

The software giant did not offer answers to why this was the case. Experts have suggested that in the WannaCry incident, Asia walked away relatively unscathed because the malware only started spreading on Friday in Europe, which was early Saturday morning in Asia when most businesses were offline.

According to Malwarebytes’ Jeff Hurmuses, the threat was further contained by the ransomware’s kill switch that was discovered by a 22-year-old in southwest England.

What can businesses do to combat the upward trend in malware in developing Asia? Short of sounding like a broken record, this includes keeping systems updated and patched, maintaining basic cyber hygiene like using strong passwords and two-factor authentication, as well as implementing user access controls.

With three in five pirated software CDs and DVDs sold on the streets in developing Asia plagued with malware, governments can also do their part to reduce software piracy in their countries by implementing and enforcing a strong intellectual property protection regime, which can also spur economic development and innovation, beyond combating malware.

August 18, 2017  3:16 AM

Australia’s national recycling scheme is role model for the region

Aaron Tan Aaron Tan Profile: Aaron Tan

Australia has always been ahead of the curve – at least in the Asia-Pacific (APAC) region – when it comes to recycling of electronics goods. While most APAC countries are still coming to terms with green practices, Australia has had its National Television and Computer Recycling Scheme (NTCRS) since 2011.

The NTCRS, established under the Product Stewardship Act, has been a tremendous success. Under the scheme, manufacturers and importers are required to fund the collection and recycling of a proportion of TVs, printers, computers, computer parts and peripherals disposed of in Australia. Over 900 collection points have been set up across the country, with jobs being created and supported in the recycling and logistics industries.

So far, about 184,500 tonnes of e-waste have been recycled, with a compliance rate of 99% by manufacturers and importers. This volume already exceeds the recycling levels achieved by the European Union, even with the proportion of e-waste to be recycled set at about 30% during the initial years, through to 50% in 2015-2016. This figure was increased to 58% in 2016-2017.

Despite the success of the NTCRS, the Australia and New Zealand Recycling Platform (ANZRP), the company set up and funded by the industry to manage the recycling scheme, has raised concerns that the growing recycling targets would not be met.

In a whitepaper published this week, the ANZRP said the methodology used to calculate the amount of e-waste does not account for the fact that not all electronic goods will end up being recycled. Some may be exported for sale and reuse outside Australia, while a proportion may go to other parties that offer cheaper waste management options such as landfills, for which no levy is imposed in Australia.

ANZRP’s whitepaper is a fascinating read for policymakers across the region, where people are glued to their smartphones and other mobile devices that have become an indispensable part of their lives. Not only does it offer insights on the thinking behind Australia’s efforts to go green, it also highlights the importance of consumer education, which the ANZRP has singled out as one of the barriers to more widespread recycling.

Apart from Australia, New Zealand and a handful of East Asian countries such as Japan, most other APAC countries have not passed product stewardship laws that mandate the recycling of e-waste. ANZRP’s whitepaper and the policy discussions surrounding the NTCRS are timely reminders for these countries to do more to recycle the heaps of e-waste being churned out each day.


August 8, 2017  9:38 AM

Digital engagement critical as football clubs look to grow APAC fan base

Aaron Tan Aaron Tan Profile: Aaron Tan

With just days before the English Premier League (EPL) kicks off, legions of football fans in Singapore can once again cheer for their favourite teams in pubs and homes across the city-state.

The exact number of EPL fans in Southeast Asia is unknown, but going by regular visits by top clubs like Liverpool, Manchester United, and more recently Chelsea, during off-season months, the region is set to be an increasingly important market for the EPL.

But how can football clubs keep fans located over 6,000 miles away engaged? The answer, as you may guess, is to go digital.

At a recent event in Singapore, Stefan Mennerich, the director of IT at German super club FC Bayern München, said going digital was the only way for the club to reach out to its global fan base.

Stressing the importance of digital fan engagement in growing the club’s revenues, Mennerich said Bayern München has partnered German software giant SAP to deliver targeted content to a global supporter base in a bid to turn fans into loyal customers.

“The challenge is to get the attention of our fans,” he said. “And that means we should only give them the offers they expect.”

If Bayern München gets its way, fans at its home turf at Allianz Arena in Munich will also be able to order merchandise, such as jerseys, during a game and receive the goods on the way to their cars, Mennerich said.

Another way to engage fans is through quizzes. In September 2016, Bayern München and SAP launched an interactive quiz at a club exhibition where fans can test their knowledge of the club’s history. The data – which includes statistics on games, goals and trophies won over 116 years – for the quiz was analysed using SAP’s Hana in-memory database platform.

More clubs should take a leaf from Bayern München to engage their fans better. For now, not every EPL club has an app and even if it has one, the app isn’t always available globally. Liverpool, for example, has a mobile app but the app is curiously out of reach to fans in the Asia-Pacific region.

With more European clubs looking for revenues – and new owners in some cases – overseas, having a digital engagement strategy is the only way to connect with their fans and realise their global ambitions.

August 3, 2017  8:31 AM

China does not need VPNs to innovate

Aaron Tan Aaron Tan Profile: Aaron Tan

During the conference call on Apple’s third-quarter earnings, CEO Tim Cook touched on the company’s decision to pull out VPN (virtual private network) apps from its China app store.

The reason: Apple had to follow the rules in markets it operates in – and that includes China, a brutally competitive market that has proven to be something of a Pandora’s box for US-based companies.

Cook had said Apple would rather not remove the apps, and was hopeful that over time, the restrictions will be loosened “because innovation requires freedom to collaborate and communicate”.

No one better understands this than China does. In How China’s Leaders Think, Robert Kuhn, an investment banker who has advised the Chinese government, says China’s leaders know that free access to information is critical for technological advancement and competitive success.

“On the other hand, they worry about potentially disruptive consequences of such free access which can deliver malicious, salacious and seditious information,” Kuhn says.

“Hence the dilemma: restrict information and retard progress? Or remove restriction and risk instability?” he adds.

The Chinese government has clearly decided that the risk of instability is going to be higher in a rising superpower of over 1.3 billion people that’s still in the process of moving to a market-based economy. This transition could be tumultuous, if restrictions on access to information were not in place.

China has shown that it does not need the Googles of the world – and VPNs for that matter – to be in China to provide the means to collaborate and communicate, in order to foster the innovation it needs to succeed.

Chinese companies are already doing a great job, and in some cases, even delivering innovations that have eclipsed that of their Western counterparts.

Just look at Tencent with its ubiquitous WeChat platform used by almost 900 million Chinese for almost anything from ordering food at restaurants to hailing a ride, and Alibaba’s Hema stores that combine the best of online and offline shopping.

These Chinese companies make Facebook, WhatsApp and Amazon look outdated. And they have done so while staying behind the Great Firewall of China.

July 28, 2017  7:58 AM

How Singapore’s central bank turns big data into smart data

Aaron Tan Aaron Tan Profile: Aaron Tan

As a central bank, industry developer and regulator, the Monetary Authority of Singapore (MAS) relies on a broad set of transactional, behavioural and social media data to craft policies and drive the development of Singapore’s financial industry.

MAS’s challenge, however, is not about the availability of data, but how to collect data in a way that’s scalable and makes sense so it can be effective in fulfilling its mission.

David Hardoon, its chief data officer, says the answer lies in smart data.

But what is smart data? To Hardoon, who spoke at the Chief Data and Analytics Officer Singapore conference earlier this week, smart data has several attributes. First, it is data that has intrinsic value, and contributes to an organisation’s key performance indicators.

Second, smart data needs to have a certain quality so that it can be trusted by people, Hardoon says, emphasising the importance of data governance. “If you do not have trust in what’s happening with the data, you may think that things are not true or accurate.”

Hardoon says the MAS has put in place data governance processes through automation, which is all “about taking processes and routines to ensure that data is at a level that we can trust.”

Once that has been established, MAS then looks at suitable methodologies that can used to make sense of that data, whether it’s deep learning or machine learning in both supervised and unsupervised forms.

Hardoon also touched on the accuracy of data, which he says is “entirely irrelevant” and needs to be contextualised.

“If you don’t a baseline for data accuracy and you move to 65% accuracy which has helped to improve customer satisfaction and efficiency, do you really care about 65% accuracy?,” he quipped.

“Just because we have shifted to a data-driven, statistical world doesn’t mean we need to have 90-95% data accuracy.”

To Hardoon, smart data also means building data models that can be generalised and applicable not only to specific instances. “What we build can’t just be a one-hit wonder. It must have generalisability and robustness,” he says.

Finally, smart data should be interpretable, which means an organisation needs to know why and how a data model works. Hardoon says to many people, a data model may seem like a black box, but when something untoward happens, somebody needs to know why.

July 21, 2017  2:40 AM

Australians ready for IoT and AI in e-payments

Aaron Tan Aaron Tan Profile: Aaron Tan

Over a quarter of Aussies are now ready to use an internet-connected device, like a virtual assistant or connected fridge to make payments on their behalf, according to a new YouGov study commissioned by payment technology company Visa.

In September 2016, just 12% said they would do so, underscoring the growing adoption of digital payments in the largely tech-savvy nation.

Stephen Karpin, Visa’s group country manager in Australia, New Zealand and South Pacific, believes that internet of things (IoT) devices and biometric technology, combined with the use of artificial intelligence (AI), will also deliver more personalised experiences for consumers.

But this experience must be seamless for consumers. As futurist Anders Sorman-Nilsson notes, consumers will only use connected, AI-enabled devices to pay if the experience is easy, seamless and secure.

Many of the new payment methods are enabled by the use of biometrics as authentication – the most common example of this being the fingerprint scanner on a smartphone.

More than half of respondents surveyed by YouGov said they are comfortable using their thumbprint, voice or retina for payment.

According to the research, the appeal of biometrics is that it is more secure (45%), and that not having to remember a PIN/password (40%) is driving consumer adoption and readiness.

But while consumers are keen to embrace biometric authentication, less than half (39%) of respondents are willing to share their personal information in exchange for convenience in payments.

Karpin says this hesitance to share personal information in exchange for convenience is an important insight. “At Visa, we believe in responsible innovation – that is, ensuring that security is built in from the start and that no new technology or capability comprises the integrity of the payments ecosystem,” he says.

But it’s not just about making the entire payments ecosystem more secure. Concerns over the privacy of personal information can only be addressed if consumers know what their personal information is used for and how they are being protected.

Australia already has privacy laws that govern the collection and use of personal information and the regulations have been beefed up over the years to provide stronger enforcement powers.

Merchants will need to play their part, too, not only by playing by the rules, but to also understand that privacy protection can be a competitive advantage and a business opportunity – and not a cost centre as some might believe.

July 12, 2017  4:47 AM

Silicon photonics to feed growing appetite for bandwidth

Aaron Tan Aaron Tan Profile: Aaron Tan

Belgium-based research institute IMEC has developed a platform that uses silicon photonics in high-speed optical links to support the growing bandwidth needs of cloud datacentres.

According to IMEC, which is holding a technology forum in Singapore in September 2017, the most advanced cloud datacentres are currently using optical links and transceivers with a capacity of 100Gbps. By 2019, this is expected to increase to 400Gbps, followed by 1.6Tbps by 2022.

This increase in demand for bandwidth requires a rethink of optical link technology. Not only do these links need to support a range of at least 500 meters, they also need to be made at a lower cost and in greater quantities.

In recent years, there has been growing interest in the use of silicon photonics to produce optical components for data links.

“The big benefit of this technology is that the optical components can be produced using the same advanced devices with which microchips are also made,” IMEC said.

“This makes silicon photonics components relatively cheap. Better still, they make a high integration density possible, while consuming less energy and guaranteeing a high yield,” it added.

According to 451 Research, the technology will also have a clear impact on large datacentre cost and enable new ‘rack-scale’ system and application architectures.

IMEC are not the only ones exploring the use of silicon photonics in optical data links. Intel, Oracle and IBM are doing so as well. In 2016, Intel unveiled its PSM4 silicon photonics optical transceiver that can deliver 100Gbps over a distance of 2km.

IMEC’s technology, however, is capable of supporting a bandwidth of 896Gbps, by integrating photodetectors and modulators on a single transceiver chip, and using space division multiplexing.

The modulators have a bandwidth of 56Gbps per wavelength in the NRZ-OOK format and capability for 100Gbps per wavelength in the PAM-4 format.

Besides data links, IMEC said silicon photonics also has strong potential for a variety of sensing applications, including Lidar sensors used by autonomous vehicles and chemical (spectroscopic) sensing.

In Singapore, a research team from the Institute of Microelectronics under the Agency for Science, Technology and Research clinched a President’s Technology Award in 2010 for their progress in developing silicon photonic devices with applications in high-speed optical interconnects and light-emitters.

July 5, 2017  7:05 AM

Thailand’s new talent centre is timely but education reform needed

Aaron Tan Aaron Tan Profile: Aaron Tan

As one of Southeast Asia’s “tiger cub” economies, Thailand has seen tremendous growth in the past three decades. Driven by its export-focused growth strategy, particularly in automobiles, Thailand’s GDP has expanded over 12-fold from $32.4bn in 1980 to $406.8bn in 2016.

However, like most ASEAN countries, much of this growth has been driven by foreign direct investments by global companies. While this has helped to build up local talent and expertise, there’s a need for ASEAN countries to start their own innovation engines, particularly in Thailand whose economy has suffered from political instability in recent years.

Which is why the launch of Thailand’s Strategic Talent Centre (STC) by the country’s Board of Investment (BOI) and five other government agencies this week is timely.

The STC will identify Thais and foreigners with specialised skills in science and technology in academia and government, as well as those under the Talent Mobility Project of the National Science Technology and Innovation Policy Office.

Essentially a platform for Thailand’s private sector to access skilled manpower in science and technology, the STC is part of efforts by the Thai government to build the country’s R&D capabilities under its “Thailand 4.0” policy that aims to create an innovation-driven economy.

Hirunya Suchinai, secretary general of the BOI, said: “We believe that there are many experts and specialists in Thailand but we never had a comprehensive database or information about them. The STC will take up this role and pull together extensive lists of these experts. This will not only match demand on manpower and supply of expertise, but will also promote links between the research sector and the private sector”.

In addition to matching services, the STC will also coordinate with government agencies to validate and recognise experts in science and technology. Foreign experts will also get access to an e-expert system run by a one-stop centre for visas and work permits.

While the STC may meet the short to medium-term needs of organisations looking for R&D talent, Thailand needs to beef up its education system and improve educational outcomes in the longer term as it transforms into a knowledge-based economy.

While school participation rates are high, the performance of Thailand in OECD’s Programme for International Student Assessment (PISA) falls behind that of peer countries.

In PISA 2012, for example, only 2.6% of Thai students were considered high achievers in mathematics and 1% in science. Making matters worse are the huge disparities in student performance between the well-off and socio-economically disadvantaged.

These problems cannot be resolved overnight. It takes not only political will on the part of the government, but also support and collaboration with educators and the science and technology industry to ensure that Thailand has enough local talent to realise its Thailand 4.0 vision.

June 28, 2017  9:39 AM

Untangling the web of digital payments

Aaron Tan Aaron Tan Profile: Aaron Tan

With a tech-savvy population and a smartphone penetration rate of 150%, Singapore’s adoption of digital payments is abysmal. Cash is still king in the city-state, especially in the heartlands where credit cards are accepted only if you spend a certain sum.

There are a few reasons for this. For one, the transaction fee imposed by credit card companies does not make business sense for small merchants, especially if most of their transactions are micropayments.

Also, having too many choices is not always a good thing. While Singapore’s fragmented digital payments space offers consumers an array of payment options from telcos, banks, smartphone makers and the likes of EZ-Link and Nets, it also makes it hard for any payment provider to gain a critical mass of users necessary for widespread adoption by merchants and consumers alike.

Both the authorities and the payments industry realise this and are planning to make it easier for individuals and businesses to send and receive money.

Following efforts in rolling out unified point-of-sale systems that accept multiple payment options, the Monetary Authority of Singapore (MAS) will establish a forum for the payments industry and businesses to come together to discuss payment strategies as well as promote inter-operable payment solutions.

At the Association of Banks in Singapore (ABS) annual dinner this week, Singapore finance minister Heng Swee Keat revealed that the MAS has invited 18 senior leaders representing banks, payment companies, industry associations and businesses to form a Payments Council under MAS’ leadership.

Meanwhile, the ABS has rallied its members to develop PayNow, a system that enables consumers to transfer funds to each other using only their recipient’s mobile phone numbers or identity card numbers.

The system will make use of Singapore’s real-time Fast payment system for which transaction volumes have increased over the years.

The Singapore government is also looking to use PayNow to make payments directly to citizens’ bank accounts using their identity card numbers, Heng revealed. “In the future, we would no longer need to update each government agency one-by-one when we change banks,” he says.

PayNow should be welcomed by consumers, especially those who use peer-to-peer e-commerce platforms like Carousell to buy and sell products. Typically, such transactions require sellers to provide their bank account numbers to buyers, who would then have to go through multiple steps to transfer the funds online or at an ATM machine.

The next step would be to get merchants onboard, though this would have to be done with minimal friction to avoid putting off merchants that would have to deal with yet another payment option.

June 23, 2017  1:40 AM

Nayana ransom payment a wake-up call for cyber hygiene

Aaron Tan Aaron Tan Profile: Aaron Tan

When one is confronted by a criminal or terrorist demanding a ransom in exchange for a loved one who has been held hostage, the general rule of thumb is not to pay up and go to the police.

That’s the sensible thing to do, lest you create more incentives for kidnappings and inadvertently finance terrorist and criminal groups. Why then, should individuals and organisations who have been hit by ransomware pay the perpetrators behind those attacks?

Yet, Nayana – a South Korean web hosting company – did just that, dishing out $1m worth of bitcoin to restore the websites and data of its customers that had been held ransom by the Erebus ransomware.

Sure, the business damage (think customer lawsuits) to Nayana of not doing would have been huge, but so would the damage caused by the negative press on the company’s poor cyber hygiene that opened the doors for hackers. Even if the customers got their data back, will they still continue hosting their websites with the company?

Nayana’s website was believed to be powered by older versions of Apache and the Linux kernel with known vulnerabilities that were possibly exploited by Erebus.

Why weren’t the vulnerabilities patched? Was Nayana using a community version of a Linux distro or an enterprise version supported by a vendor? These are questions that every organisation like Nayana needs to ask itself, not just in the aftermath of a cyber-attack but also in making technology decisions.

Cases like Nayana serve as a timely reminder – and a wake-up call for that matter – on the importance of maintaining a good security posture, like how you would exercise some common sense when you’re in a seedy neighbourhood.

In the digital world, things will only get worse with the proliferation of internet of things (IoT) devices.

Many IoT devices are susceptible to ransomware and it is likely that attacks targeting these devices will happen more frequently, says Mark Hearn, director of IoT security at Irdeto.

“When you throw in the potential target of connected cars, where high-profile hacks of a number of vehicles have been reported (impacting manufacturers like Tesla, Mitsubishi and others), it’s clear that action is imperative.

“Payment of these ransoms will only serve to encourage the attackers. Not only should companies avoid paying, they must take cyber security more seriously. Many of these attacks, including the WannaCry ransomware attacks that wreaked so much havoc last month, could have easily been avoided if organisations implemented a defence in-depth approach to cyber security.

“This approach involves many layers of security being implemented throughout the infrastructure, rather than simply protecting systems from the outside-in, in addition to a security in-depth strategy for endpoint devices, incorporating run-time integrity verification of the device,” he says.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: