Want to know more about it? You can also read it online
 
 
           
 
 
 
 
Welcome from the Project Coordinator
 

Dear readers,

YAKSHA has had another extraordinary year with many activities and events, including a successful First End-user Event in Malaysia. This end-user event was organised as a conference including speeches and panel discussions from key experts in the field of cybersecurity from the ASEAN and Europe, and high-level governmental stakeholders. There were more than 100 participants from various backgrounds - including SME and large corporations, critical infrastructure organisations, government organisations, knowledge and R&D organisations, as well as associations and other interested parties.

In conjunction with the First End-user Event, we also organised a YAKSHA Ambassadors' day that aimed to give the Ambassadors a comprehensive understanding on the YAKSHA Platform. This newsletter will give you detailed information of these events, including how to become a YAKSHA Ambassador.

The Second End-user Event was planned to be organised in Bangkok in June 2020. Unfortunately, due to the COVID-19 Pandemic, this event is being postponed until December 2020. Please stay connected to the YAKSHA Project through our website and social media to know more about this event!

Aside from the End-user Event, this newsletter also highlights interesting Cybersecurity news in Southeast Asia. The newsletter also provides detailed information on selected YAKSHA Partners – this time, StAG srl from Italy and Cybersecurity Malaysia. Finally, we thank you for your interest in YAKSHA and hope you are staying safe and have a great summer!

Best regards,
YAKSHA Project Coordinator

     
 
YAKSHA 1st End-user Event in Cyberjaya, Malaysia – November 2019
 

The first end-user event was held in Putrajaya, Malaysia on the 27-28th of November 2019. The first day of the end-user event was a public conference, gathering over 100 participants - providing a good mixture and balance of different types of stakeholders present, such as large organisations, e.g. Bank Negara Malaysia, universities, e.g. Universiti Teknikal Malaysia Melaka, government organisations, e.g. The Malaysian Administrative Modernisation and Management Planning Unit, as well as YAKSHA Ambassadors and other stakeholders.

The first day enabled potential end-users to better understand the YAKSHA project and software, as well as the cybersecurity ecosystem in both EU and ASEAN, through expert speeches, presentations and a demonstration session on the platform conducted by the project team and other experts from ASEAN. Furthermore panel discussions with policy makers/ high-level cybersecurity experts from the ASEAN were held in order for them to share their views on the state of art in their countries and have a discussion on the future of cybersecurity in ASEAN, including the future exploitation path of the YAKSHA software.

The second day of the end-user event was fully dedicated to interaction with YAKSHA Ambassadors, who are voluntary representatives of the YAKSHA project in the ASEAN countries. The software was presented in more technical details and a live testing session of the platform was held with the Ambassadors. Furthermore, the project team consulted the Ambassadors on their views on the exploitation of the software based on the discussion from the previous day, and the role that they would like to have in the future.

Read More
     
 
 
Capability and outstanding value of the YAKSHA software
 

In this edition of the newletter we would like to present the key points that make the YAKSHA software unique and unlike any other software on the market. We asked our technical project partners to explain their vision about the platform.

What is the YAKSHA software?

YAKSHA is an innovative cybersecurity intelligence gathering tool that allows organisations to easily deploy and monitor large numbers of honeypot virtual machines acting both as threat samples generators and deception decoys for the actual services the organisation runs exposed on the internet.

How is it unique and different from other existing softwares?

YAKSHA employs some features seen for the first time in cybersecurity solutions:

  • Rapid setting up, deployment and management of honeypots Virtual Machines, in small or large numbers
  • Fully automated malware sample analysis, both static and dynamic
  • Automated, unsupervised machine learning analysis of attack patterns by clustering the samples and individuation of the prototypes for each
  • Sharing of information (according to strict and flexible policies) between YAKSHA installations ("nodes") in a fully distributed architecture

Could you describe the functionality of the YAKSHA software?

  1. Through a web interface the user is able to create and expose to the Internet virtual honeypots ready to go. Supported Operating Systems range from Linux (in various flavours) to MS Windows, to Android. They are free to install on the newly created honeypots aby application they see fit, connecting through standard protocols like SSH or RDP.
  2. YAKSHA honeypots are automatically monitored for changes in the filesystem that could reveal potential malware. File monitoring agents were developed from scratch for the Microsoft Windows environment; for Linux and Android open source solutions with special customisations. Malware samples are collected every time a change is detected;
  3. Every sample file collected is fed through a queue mechanism on the backend where its behaviour is automatically analysed in a “sandbox” safe environment. The sample is classified as malware or as safe. For the Android-based honeypots a similar sandbox environment is used.
  4. Details on all samples and the analysis result are displayed in the GUI and are part of the datasets generated.
  5. The results of the automated malware analysis (system calls in particular, that describe the actual malware behaviour) are the input of a clustering Machine Learning model that groups the samples according to similarities in their behaviour. Each cluster represents a family of similarly-behaved malware samples. A prototype is automatically individuated by the Machine Learning model for each cluster.
  6. The end results from the clustering module allow the YAKSHA platform to show clearly the macro-trends in malware threats, in particular geographical regions or single countries, providing very valuable intelligence.

The second end-user event has been postponed due to the COVID-19 outbreak. Could you please expand on how the software is planned to be presented at this final event of the project and what is your vision for the future?

The complete platform’s functionality will be presented to the ambassadors’ community and other participants, focusing on the automated malware analysis feature and the malware clustering results.

The end goal will be to show the data gathering and Machine Learning features.

The long-term plan is that the IPR owners relevant to the platform will bring the service to market in the framework of the YAKSHA Exploitation Agreement.


 
Become a YAKSHA Ambassador!
 
 
Don’t miss your chance - YAKSHA project is still recruiting YAKSHA Ambassadors – voluntary representatives of the YAKSHA project in the ASEAN countries. The project presents an opportunity for everyone willing to contribute to:
  • Enhancing Cybersecurity readiness levels and reducing cyber-risks.
  • Better preventing cyber-attacks and better governing the whole Cybersecurity process in the ASEAN.
ELIGIBILITY
  • Are you based in ASEAN?
  • Are you active in the field of Cybersecurity?
  • Do you have access to a network of ASEAN stakeholders active in this field?
Are you interested to become a YAKSHA Ambassador? Then why wait? Check out the YAKSHA Ambassador’s Info-Pack and submit your Request to become a YAKSHA Ambassador!

Future vision for the Ambassadors

During the project lifetime the Ambassadors’ main mission is to promote the project in ASEAN and to participate in training and end-user events in order to familiarise themselves with the software. However, as the project is now past its halftime, we may ask what role do we envisage for the Ambassadors for after the end of the project – taking into account their feedback received during the 1st end-user event in Malaysia. We currently envisage 4 different roles for the Ambassadors in the future:

1. Channel partners/promotion/sales
These Ambassadors would act as promoters of the YAKSHA platform. They would either get financial compensation or rewards, such as points, that could later be converted, for signing up a certain number of stakeholders, or responding to potential customers. An example for this would be promoting the YAKSHA software to public sector or critical infrastructure organisations (e.g. military, police, hospitals etc.).

2. Providing supplementary services to end-users
Ambassadors could provide supplementary YAKSHA services, such as trainings, increasing awareness on innovation and cybersecurity issues or provide advice within the companies that they work in e.g. large companies.

3. Providing complementary services to end-users
Ambassadors that are security companies, could provide complementary services to those of the YAKSHA platform, such as the analysis of the reports that YAKSHA will be producing. As such, they would become the solution providers, to the problem detected by the YAKSHA report.

4. Gathering intelligence
Ambassadors could gather aggregated data of multiple companies in their region. As such, they could possess extra intelligence, and end-users could contact them if they are experiencing a particular cybersecurity problem, e.g., if an Ambassador identifies a pattern in the hacking of two banks, he/she can inform a third bank that there have been two intrusions in similar organisations.
 
 
 
Meet some of our Ambassadors!
 
Cheng Wai Kok has 25 years of professional experience in the IT industry with specialization in Cyber Security. He has held various IT senior executive positions in Australia, China, Indonesia, Malaysia, Philippines and Singapore. With his extensive experience and knowledge in IT for banking and financial institutions, he has been granted the prestige membership by the Asian Institute of Chartered Bankers (AICB). Wai Kok is currently the Principal Consultant of K2 Baseline Sdn Bhd and helping the local and regional clients to address the security challenges, compliance requirements and technology risk in applications and databases. He has also been appointed by the Malaysian government agencies as the lead consultant to review and plan for future 5 years IT Master Plan. In addition to that, he has implemented Anti-Phishing, Risk Management, Web Application Firewall, Secure Code Development security solutions and Penetration Testing in international banks, FinTech, government agencies and corporations.  
 

 
Why was he interested in becoming a YAKSHA Ambassador?
"For many different reasons, including the possibilities to promote and drive the commercialisation of the YAKSHA platform; to contribute to the knowledge sharing for the Cybersecurity community; to enhance the Cybersecurity industry relationship within the ASEAN and EU-ASEAN; to work with the government and regulators to promote the importance of YAKSHA, etc. He was a panelist at the 1st YAKSHA end-user event in Malaysia."
 
 

 
  Dr. Warusia Yassin is a senior lecturer at the Faculty of Information and Communications Technology, Universiti Teknikal Malaysia Melaka (UTeM). He completed his Bachelor Degree in Computer Science (2007), Master of Science (2010) and PhD (2015) at Universiti Putra Malaysia (UPM). His research interests include computer security, data mining, cloud and quantum computing. He received a recognition by MIMOS Berhad Malaysia as the best researcher in 2015. He has more than 10 years of industrial experience as a system engineer and security analyst. He also has a Profesional certification on Ec-Council Certified Incident Handler (EC-CIH).
 
Why was he interested in becoming a YAKSHA Ambassador?
"In order to be in line with emerging technology, it is very important to have knowledge of such tech which can be obtained through participating in the YAKSHA project. Besides, the related training could be helpful in gearing the research mind of a researcher to be up-to-date. Participation in such event also gives an opportunity to get to know each other and network with researchers, industry and university representatives."
 
 
Ashish Thapar is the Managing Principal for Asia Pacific and Japan region at Verizon Enterprise Solutions. In this role, he heads the team responsible for all customer-facing cyber incident response and digital forensics investigations. Prior to this role, Ashish was responsible for the portfolio management of Verizon’s security professional services team in Asia, leading teams that deliver GRC, TVM, SOC and PCI consulting services to customers. Ashish has a long history of serving countless high profile clients across multiple business verticals, assisting them with their cyber security strategy, governance risk & compliance, and threat & vulnerability management areas. Mr. Thapar holds a number of global certifications such as CISSP, CISM, CISA, GCFA, CCSK and CDCP. In addition, he has also been an accredited PCI QSA and PA QSA for several years. He is also the main coordinator and key contributor to Verizon’s support for CyRiM project (run by NTU and sponsored by MAS).  
 

 
Why was he interested in becoming a YAKSHA Ambassador?
"I am mainly interested in becoming a YAKSHA Ambassador as I am passionate cyber security practitioner and would love to learn and spread the knowledge to fight cybercrime. Through my Linkedin and Twitter network, as well as through my industry collaboration groups I can spread the awareness for YAKSHA."
 
 
 
Cybersecurity News
 
Increase in cybersecurity threats as a side-effect of the Covid-19 outbreak
 
 
Alike in other regions in the world, the Covid-19 outbreak resulted in increased security concerns in ASEAN. A study by Thales group titled “COVID-19: A NEW WEAPON FOR CYBER ATTACKERS”, shows that in the midst of this unprecedented global health crisis, malicious actors are turning the situation to their advantage to attack the information systems of companies, organisations and individuals.
Read More
 
 
 
Singapore to roll out cybersecurity labels for smart devices
 
 
Singapore will be the first in the Asia-Pacific region to introduce a cybersecurity labelling scheme (CLS) for network-connected smart devices like Wi-Fi routers and smart home hubs. As explained in a channelnewsasia article, this is part of efforts to "better secure Singapore's cyberspace and raise cyber hygiene levels", as the Ministry of Communications and Information (MCI) said. “The CLS will serve to differentiate smart devices with better cybersecurity provisions in the market, and aims to incentivise manufacturers and product vendors to develop products with recognised and improved security features” – suggested the Ministry. The labels, which will indicate the security provisions present in the smart devices, will be stuck on Wi-Fi routers and smart home hubs to start with, to help buyers better judge their exposure to cyber risks. As an expert explains, there could be consequences if such devices are compromised: “if a Wi-Fi router is compromised, it can expose all devices on the network to cyber- and data-security risks.” The labelling scheme is expected to raise consumer awareness of more secure products and encourage manufacturers to adopt additional cybersecurity safeguards. It is to be launched later this year as part of Singapore's new Safer Cyberspace Masterplan.
 
 
 
A 5-year Cybersecurity Standards Roadmap will be published in 2020
 
 
It was announced at Singapore International Cyber Week (1-3 October 2019) that a 5-year Cybersecurity Standards Roadmap will be published in 2020. The roadmap aims to create a safer cyberspace and raise quality of cybersecurity services. It will be developed by the Coordinating Committee for Cybersecurity (CCCY), formed by Cyber Security Agency of Singapore (CSA) and Enterprise Singapore. It will address standards for building resilient infrastructure, creating a safer cyberspace and raise quality of cybersecurity products and services and include areas like advanced manufacturing, smart healthcare and smart mobility and autonomous vehicles . The development of these standards shall help companies and government agencies mitigate cybersecurity threats and raise cyber hygiene and security assurance.
 
 
 
New ASEAN cybersecurity centre launched
 
 
As per the article titled “New ASEAN cybersecurity centre launched to train response teams to combat online threats” published in The Straits Times Journal, Singapore has launched a new centre for ASEAN member states to collaborate in conducting research, sharing knowledge and training to respond to cyber threats. It is expected to bring more trust and assurance to the region. Over five years’ time, the ASEAN-Singapore Cybersecurity Centre of Excellence (ASCCE) will spend $30 million to offer policy and technical programmes for its participants. It is expected that ASCCE will engage top cyber experts in designing and delivering cybersecurity capacity building programmes, and will collaborate with international partners, such as Australia, Canada and the EU. The article says that as the digital economy continues to flourish in ASEAN, this growth must be safeguarded by holistic cybersecurity efforts.
 
 
 
Academic papers
 
Importance of Cybersecurity Education in School
 
 
A paper titled “The Importance of Cybersecurity Education in School” written by scholars - Rahman N. A. A, Sairi I. H., Zizi N. A. M., and Khalid F. - from Universiti Kebangsaan Malaysia was published in May 2020 in the International Journal of Information and Education Technology. The review paper aimed to explore why it is critical for modern learners to be educated concerning the risks associated with being active in cyberspace, such as cyber-bully, online fraud, gambling, and the strategies that stakeholders can use to promote cybersecurity education in schools. Based on the synthesis of the selected literature, the findings suggested that it is very important to protect children through cybersecurity education so that they can become aware of the potential risks they face when using internet communication tools, e.g. the social media, chatting and online gaming. There were several challenges identified to cybersecurity education, such as the the level of teachers’ knowledge, the lack of expertise and funding and resources. The study suggests for all relevant parties, such as teachers, parents, peers, the government and the media to collaborate in order to find the best solution for education.
 
Critical Factors in Cybersecurity for SMEs in Technological Innovation Era
 
 
A recent paper titled “Critical Factors in Cybersecurity for SMEs in Technological Innovation Era” written by scholars from Chulalongkorn University, Bangkok - Wipawadee Auyporn, Krerk Piromsopa, Thitivadee Chaiyawat - Thailand, was presented at ISPIM Connects Bangkok , an event that took place on 1-4 March 2020 and aimed to bring together innovation professionals from 20+ countries. The paper aimed to explore key factors that influence SMEs cybersecurity practices in the technological innovation era. The population of the study consisted of three services industries of SMEs in Thailand: information technology service, financial service, and insurance service. The findings of the paper suggest that both internal and external factors affect cybersecurity action plans in SMEs and that whether to recognize a factor as a success factor or a barrier depends on the capabilities and landscapes of SMEs. The result of the research is proposed to serve as a decision-support framework, which can be further developed into a service for SMEs to improve their cybersecurity postures.
 
 
 
YAKSHA Partners in Focus
 
StAG srl (previously StudioAG), Italy
 
Main contact person involved in YAKSHA
 

  Alessandro Guarino is a Senior advisor on innovation, cybersecurity, privacy and data protection, as well as an independent researcher. He is CEO of StAG srl, a consulting firm based in Italy and active since 2000, serving clients both in the private and public sector. He works as a Digital forensics analyst and consultant, as well as an expert witness in Court. He is an ISO active expert member in JTC 1/SC 27 (IT Security Techniques committee) and contributed in particular to the development of cybersecurity and digital investigation standards. He currently chairs CEN/CENELEC JTC 8 “Privacy management in products and services” and represents Italy in CEN/CENELEC JTC 13 on cybersecurity. As an independent researcher he had presented at several international conferences in Europe and Asia, including ISSE (Information Security Solutions Europe), since 2013 and NATO CCD COE’s 2013 CyCon, in Tallinn. He is a member of NATO IST 152 Research Task Group on “Autonomous Intelligent Agents for Cyber Defense”.
 

As the leader of Pilots and Validation and Exploitation within the YAKSHA project, Alessandro Guarino has the following vision:

“StudioAG - later replaced by a StAG srl, a structured company - promoted the formation of the YAKSHA consortium leveraging an existing network in the ASEAN region and contributed from day one to the definition of the project proposal. Executing the project together with ASEAN partners allowed us to work closely in an operational setting with partners in Europe, Viet Nam, and Malaysia during the testing and validation phase, providing us with a solid base from which to strengthen our presence in the region. Whether the YAKSHA technology will be brought to market or not, partnerships developed during this project will last well after its ending and already brought new chances for collaboration.”

StAG srl in brief

Founded in 2000, StAG srl is now a flexible consultancy and advisory firm specialising in Information Security, Digital Forensics, Personal Data Protection and Data Analysis. It is based in North-East Italy but with strong connections and outreach in Europe and outside. In advising our clients we adopt a technology-neutral perspective and a vendor-neutral approach.

It has extensive experience working with SMEs, as this is the largely prevalent type of business in Italy, but Public entities make up a significant slice of the client base.

 
 
CyberSecurity Malaysia (CSM), Malaysia
 
Main contact person involved in YAKSHA
 

  Ismamuradi Bin Abdul Kadir is the Head of Strategy Management in CyberSecurity Malaysia. He is a Certified KPI Professional and Certified Information Security Awareness Manager. Within CSM he implemented a Business Transformation Programme for corporate wide organisation that covers financial, technical core competencies, sales and marketing strategy, human capital development and corporate environment. He also led Business Re-engineering for Inter Department Process Interfaces and developed Corporate Business Processes to enhance service delivery. He developed 2 versions of 8 Technical Domain Expertise, Centre of Excellence Blueprint at Corporate Wide level with internal departments that became the strength of the organisation as well as Malaysian Plan Projects.
 
CyberSecurity Malaysia (CSM) in brief

The Cabinet Meeting on 28 September 2005, through the Joint Cabinet Notes by the Ministry of Finance (MOF) and Ministry of Science, Technology and Innovation (MOSTI) No. H609/2005 agreed to establish the National ICT Security and Emergency Response Centre (now known as CyberSecurity Malaysia) as a National Body to monitor the National e-Security aspect, spin-off from MIMOS to become a separate agency and incorporated as a Company Limited-by- Guarantee, under the supervision of MOSTI and now CSM are being supervised by Ministry of Communication and Multimedia Malaysia (KKMM)

The Malaysian Government gazetted the role of CyberSecurity Malaysia by Order of the Ministers of Federal Government Vol.53, No.13, dated 22 June 2009 (revised and gazetted on 26 June 2013 [P.U. (A) 184] by identifying CyberSecurity Malaysia as an agency that provides specialised cybersecurity services and continuously identifies possible areas that may be detrimental to national security and public safety.

In essence, the role of CyberSecurity Malaysia is to provide specialised cyber security services contributing immensely towards a bigger national objective in preventing or minimising disruptions to critical information infrastructure in order to protect the public, the economy, and government services. CyberSecurity Malaysia provides on-demand access to a wide variety of resources to maintain in-house security expertise, as well as access to advanced tools and education to assist in proactive or forensic investigations.

CyberSecurity Malaysia provides specialised cyber security services, as follows:

  • Cyber Security Responsive Services
  • Cyber Security Proactive Services
  • Cyber Security Professional Development and Outreach
  • Strategic Research and Engagement
  • Industry and Research Development
 
 
 
Project Mailing List
 
You have received this newsletter, as you have been identified as target audience for the YAKSHA project, presumably concerned by and interested in the project’s activities. As such, we have added you to our project mailing list. During the project lifetime, we will circulate Press Releases, Newsletters, information about main events/activities, surveys and maybe a few more information. Please be assured that you will not be spammed by numerous mailings.
We would be grateful if you share the information on YAKSHA within your networks to all contacts likely to be interested in YAKSHA, inviting them to subscribe to the YAKSHA Project’s mailing list via the project website subscribe section.
 
 
 
Follow Us
 
           
 
If you do not wish to receive further updates, please unsubscribe.