Cybersecurity News in Asia

In mobile device usage management, who guards the guardian?

By CybersecAsia editors | Thursday, August 8, 2024, 10:17 AM Asia/Singapore

A globally-used software to guard against people’s overuse of mobile devices has been found with its guard down

Following a significant hacking incident involving a nationally-endorsed software use to control Singapore students’ mobile device usage patterns, the country’s Ministry of Education has announced its decision to eradicate use of the application.

Around 13,000 secondary school students’ iPads or Chromebooks had apparently been wiped clean of certain data remotely, by a hacker — as part of a “global cybersecurity incident” that had affected the Mobile Guardian platform’s users around the world.

The app allows parents to control their children’s device usage by restricting certain applications or websites, and managing their kids’ screen time. According to MOE’s preliminary checks, there has been no evidence of user files being accessed.

Some cybersecurity professionals have weighed-in on this reactionary move. Check Point Software Technologie’sAbhishek Kumar Singh, Head, Security Engineering (Singapore) noted that the developers of globally used software should enhance supply chain security, step up their code audits, and use Mobile Threat Defense solutions “to protect against cyber threats and secure sensitive information about students and staff. By implementing these measures, the Mobile Guardian app can better defend against potential cyber threats and protect the data it handles.”

Synopsys Software Integrit y Group’s Senior Director of Security Engineering (APAC) Kelvin Lim commented: “In today’s world where business logics and decisions are processed by applications, software risks are business risks. Upon the removal of application from the students’ devices… parents and teachers will need to encourage and instil responsible digital habits and continue to monitor and guide students in using technology wisely.”

Keeper Security’s CEO and co-founder Darren Guccione reminded schools and educational institutions that they “must rigorously evaluate their third-party vendors, ensuring that they adhere to the highest standards covering data privacy, security and internal controls across native and cloud applications, such as SOC 2 Type 1 and 2 and; ISO 27001, 27017 and 27018 certifications,” and also perform vendor cybersecurity audits. “Institutions should regularly test and update their response strategies to ensure they can quickly and efficiently address evolving cyber incidents. Implementing a zero-trust network architecture within educational environments can limit access to only those resources that are necessary for users, minimizing the blast radius if there is unauthorized access.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
Mitigating Ransomware Risks with GRC Automation
In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

HOSTWAY gains 73% operational efficiency for private cloud operations
With NetApp storage solutions, the Korean managed cloud service provider offers a lean, intelligent architecture, …Read more
CISOs can navigate emerging risks from autonomous AI with a new security framework
See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
MoneyMe strengthens fraud prevention and credit decisioning
Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
PT Kereta Api Indonesia announces nationwide email and communication overhaul
The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more

Featured

Psst… know anyone interested in selling his/her identity?

Featured

When failure is not an option

Featured