Impact of Covid-19 Pandemic Crisis on Cyber Security

By: Sonny Zulhuda

COVID-19 Cybersecurity Threats: Protecting Your Business

This post is about a keynote I delivered in an International Webinar organized by Faculty of Law, Universitas Muhammadiyah Surabaya. The Webinar went well, attended by a crowd of around 100 Zoomizens (yes, it was on Zoom application).

Even though the theme of this international web seminar was the implications of Covid-19 pandemic crisis over cyber security, other speakers did speak about a wide array of legal topics including the implication on employment law, emergency law, criminal law as well as public international law.

In my presentation, I first highlighted the development of the pandemic in Malaysia including the legal basis of Movement Control Order (MCO) in Malaysia.

Next, I observed and assessed the ensuing implications including Policy Implications; Social Implication; and Cyber Security Implication

The social implication includes the following:

  • Lesser people on the road and the flocking of people in the cyberspace makes it more attractive hunting ground for cybercriminals.
  • More online shopping and online selling, so a better chance to hide their illegitimate and fraudulent transactions by picking popular items such as face masks, sanitizers, vaccines, etc.
  • More activities on social media makes it a perfect platform for launching phishing attacks.
  • Making use of emotions and curiosity on what is going on, easy to entice attention: e.g. infection data, patients’ personalities, donation drive.

The policy concerns that emerge are: Continue reading

Lagi tentang Zoom-Bombing

By: Sonny Zulhuda

emilybi_editorial_zoom

Zoom-bombing adalah istilah populer bagi kegiatan sabotase yang dilakukan terhadap aplikasi meeting online yang akhir-akhir ini sedang naik daun yaitu Zoom. Contoh sabotase itu adalah penyusupan seseorang yang ingin membuat onar dan mengganggu jalannya pertemuan.

Dalam beberapa insiden terkini, masalah zoom-bombing bukan pada kelemahan teknis seperti bugs, design dll. Tapi lebih pada penyelenggaraan (governance).

Ibarat mobil dicuri, lebih disebabkan karena mobilnya yang tidak dikunci, atau tidak sempurna nguncinya, atau dikunci tapi duplikatnya ditaruh diluar mobil.

Maka sekadar penekanan untuk kita semua yg mau bikin Zoom meeting, ada bbrp langkah pengamanan a.l:

1. Untuk host, harap mengaktifkan *waiting room* agar bisa dipastikan bahwa yg masuk itu terverifikasi.

Continue reading

Teruskan Pakai Zoom atau Tidak?

Oleh: Sonny Zulhuda

Dikarenakan kondisi darurat pergerakan akibat pandemi Covid-19 saat ini, beberapa produk dan jasa bisnis meroket karena permintaan meningkat. Food delivery, e-commerce portal dan online meeting platform di antara yang menangguk keuntungan. Zoom sendiri sudah menorehkan peningkatan pemakaian 20 kali lipat. Biasanya hanya 10 juta meeting online perbulan, kini setidaknya ada 200 juta meeting online sebulan.

Pertanyaan yang kini banyak dilontarkan masyarakat: Amankah untuk memakai Zoom?

Zoom ini layaknya banyak platform media online lainnya seperti Skype, Google Hangouts dan lain lain. Masing-masing ada kelebihan dan kekurangan baik dari segi setting (setelan), features (spesifikasi) teknis dan non-teknis, ongkos ataupun fasilitas lainnya.

Zoom, seperti layaknya produk lain, sangat mungkin memiliki kekurangan dan kelemahan sistem. Apakah yang lain itu aman? Ketika banyak kasus curi mobil yang melibatkan mobil merek tertentu, apakah karena mobil mereka lain lebih aman? Tidak juga. Mungkin saja karena mobil merek itu adalah yang paling banyak penggunanya sehingga lebih mudah dipelajari, lebih mudah dicari kuncinya dan lebih mudah dijual hasil curiannya.

Ketika penggunaan Zoom meningkat sampai 20 kali ganda, perlu dipahami dari dua sisi: Pengguna dan Penyedia jasa. Dari sisi ppengguna, banyak sekali dari mereka yang baru pertama kali memakai platform seperti ini. Banyak diantara mereka yang baru sekali itu melakukan online meeting. Malah parahnya, banyak juga di antara mereka yang baru pertama kali menggunakan teknologi internet! Bisa dibayangkan apakah para pengguna ini mengerti tentang seluk beluk lalu lintas Internet yang penuh dengan risiko dan rambu-rambunya?

Continue reading

Data Protection Ecosystem for Financial Institution

By: Sonny Zulhuda

Data is asset in today’s interconnected world. With the changing digital lifestyle and emerging digital workplace, managing personal data becomes a key trust factor for organisations.

2018_01_29_39564_1517188935._large

The digitalisation of process and records, mobile workplace concept, synchronisation of gadgets and data, as well as emergence of smart contract have all contributed to this change.

Internally, managing data serves as a critical assets management. Externally, it becomes a shield of legal compliance as well as a key competitive value in a more increasingly regulated environment.

In many parts of the world, Continue reading

Survey on Artificial Intelligence and Ethics

On this page, I’ve listed down some of the references I am gathering of late while surveying about AI, ethics and data protection. Here are some:

  1. Sidi Ahmed, Sidi Mohamed and Zulhuda, Sonny (2019) Data protection challenges in the internet of things era: an assessment of protection offered by PDPA 2010. International Journal of Law, Government and Communication, 4 (17). pp. 1-12, at https://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID3513528_code2666494.pdf?abstractid=3513528&mirid=1.
  2. Berkman Klein Center for Internet and Society at Harvard University. Ethics and Governance of AI, at https://cyber.harvard.edu/topics/ethics-and-governance-ai
  3. Berkman Klein Center for Internet and Society at Harvard University. Artificial Intelligence in Society, at https://cyber.harvard.edu/story/2019-06/artificial-intelligence-society.
  4. OECD, “Report on AI in Society”, Digital Journal 12 June 2019, at http://www.digitaljournal.com/tech-and-science/technology/oecd-issues-report-on-ai-in-society/article/551839.
  5. OECD, Artificial Intelligence in Society, Report published on June 11, 2019, at https://read.oecd.org/10.1787/eedfee77-en?format=pdf.
  6. Draft: A UN System-wide Strategic Approach and Roadmap for Supporting
    Capacity Development on Artificial Intelligence, at https://drive.google.com/file/d/1eVao9WvzDPyKIVp9Pcti9_BEDQc5cncy/view.
  7. “Artificial Intelligence & Human Rights: Opportunities & Risks,” Berkman Klein Center Research Publication No. 2018-6, at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3259344.
  8. International Telecommunication Union (ITU), Report on “Artificial Intelligence (AI) for Development Series – Module on Setting the Stage for AI Governance: Interfaces, Infrastructures, and Institutions for Policymakers and Regulators,” July 2018, at https://www.itu.int/en/ITU-D/Conferences/GSR/Documents/GSR2018/documents/AISeries_GovernanceModule_GSR18.pdf.
  9. World Economic Forum (WEF), Artificial Intelligence and Robotics, at https://www.weforum.org/agenda/archive/artificial-intelligence-and-robotics/.
  10. Princeton University. Dialogues on AI and Ethics: Case Studies, at https://aiethics.princeton.edu/case-studies/case-study-pdfs/

  11. Artificial Intelligence for Global Good, ITU News Magazine 01/2018, at https://www.itu.int/en/itunews/Documents/2018/2018-01/2018_ITUNews01-en.pdf.

  12. G20 Ministerial Statement on Trade and Digital Economy (Including on AI), at https://www.mofa.go.jp/files/000486596.pdf.

  13. SMU Centre for AI and Data Governance (CAIDG), at https://caidg.smu.edu.sg/.

 

  • April 2020
    M T W T F S S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  
  • Visitor

    free counters

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,636 other followers