Asia In Brief Japan’s government last Friday rebuked Fujitsu for shabby cloud security.
Fujitsu operates a cloud called “FENICS” and in February 2023 admitted that in December 2022 it had detected network misconfigurations that allowed unauthorized remote access to the service.
Last Friday the Ministry of Internal Affairs and Communications detailed earlier breaches on mail servers that led to data leaks in May and June 2022. As FENICS is mostly used by government and large corporate clients, news of the security SNAFU is most unwelcome.
After announcing the network issues at FENICS, Fujitsu ate crow and promised to do better. But last Friday the Ministry of Internal Affairs and Communications took the rare step of issuing a public rebuke in which it called on the Japanese tech icon to do better in future, to give a full accounting of the FENICS breaches and remediation, and for management to step up and make infosec a priority.
The reprimand comes after Fujitsu took down a system for issuing official documents ordered using Japan’s My Number ID card, and after other high profile messes such as the supply chain attack on its ProjectWEB service and coverup of issues in the Horizon application deployed to the UK Post Office.
Controversy surrounds Philippines cyber-slave raid
Philippines authorities last week last week raided offices in Manila and rescued over 2,700 people – many of them foreign nationals – who they allege were working for cyber criminals
The Associated Press reported many were victims of human trafficking and were forced to work for a gaming business.
But the raid has become controversial. Filipino media has claimed that some of the detained people were mistreated and perhaps denied due process. The government has rebutted those reports, insisting that detained workers were treated well and that their rights were respected.
The Register has previously reported FBI warnings that fake job ads for work in Asia can lead to slavery at gangs that run large-scale cyber scams.
South Korea introduces strong digital asset protections
South Korea’s government last week introduced regulation for digital assets designed to protect consumers.
The Virtual Asset Act requires operators of digital asset platforms to hold assets to guarantee customers’ balances, and do so in offline cold wallets. Platforms will also be required to secure insurance to protect customer in the event of infosec incidents.
Disclosure requirements similar to those that apply to capital markets will be introduced, meaning platforms must not mislead investors.
Platforms will also be barred from trading in their own digital assets.
Authorities’ powers to inspect and supervise digital asset outfits were also enhanced and clarified.
The measures were introduced, in part, as a response to the May 2022 collapse of the Terra/LUNA stablecoin scheme operated by South Korean nationals.
Indian bank with terrible security fined
In 2022 The Register covered India’s Mahesh Bank, which lacked a valid firewall license, failed to use phishing protection or an intrusion detection/prevention system, and duly fell victim to a cyber attack.
Hyderabad City Police on Sunday pointed to media reports the Bank has been fined ₹6,500,000 ($80,000) for failing to follow infosec regulations.
AWS, Alibaba, pledge to accelerate e-commerce Chinese exports
Amazon Web Services last week staged a summit in China, at which it announced a “Smart Vision Overseas Plan” that will see the cloud colossus help manufacturers use cross-border e-commerce channels to go overseas. AWS will offer route planning and marketing software – delivered as a service, natch. Partners that provide such software will be welcomed into AWS’s cloudy marketplace.
Alibaba’s Cainiao logistics operation, meanwhile, last week promised five-day door-to-door shipping from China to customers in Europe, North America, and Southeast Asia. To help that effort, the outfit plans to establishing one or two local warehousing and distribution centers a year.
APAC tech spend to grow slightly
Analyst firm IDC last week predicted that IT spending across the Asia-Pacific region will rise by 4.4 percent in 2023.
That’s a jump from the 3.8 percent growth posted in 2022.
The news isn’t all good, though, as consumer IT spending will decline by 2.1 percent in the year – a nasty number but at least smaller than the 2.6 percent dip counted during 2022.
Enterprise and service provider spend will surge by 9.8 percent – the same as in the preceding year.
China’s reopening is a big factor in that steady spend, as IDC predicts the Middle Kingdom’s biztech spend growth will accelerate from 2022’s 6.5 percent to 12.9 percent.
But IDC warned supply chain issues persist, and Chinese orgs may also struggle to find skilled labor.
Australia tries to take down investment scams
Australia’s banks, telecommunications industry, and digital platforms have combined to form a “fusion cell” to “identify methods for disrupting investment scams to minimize scam losses.”
Australians lose over A$1 billion ($670 million) a year to such scams – many of them originating online. The National Anti-Scam Centre has therefore promised action “that facilitates timely action by finance, telecommunications and digital platforms to stop scammers.”
Taking down investment scams will be one of the cell’s activities.
In other news …
Our APAC coverage last week included news that Japan pretty much nationalized JSR, a firm that makes the stuff that makes chips.
Worried about China’s progress in AI research, the US is considering even tighter restrictions on exports to the Middle Kingdom.
Speaking of bans on China, a lawsuit against Montana’s TikTok block is being backed on the down low by – you guessed it – TikTok.
Hey, remember that Chinese spy balloon everyone was talking about a few months back? Turns out it was most likely – surprise! – a Chinese spy balloon, crammed full of Made In USA hardware.
Huawei reckons it’s ready to roll out all the gear needed for 5.5G networks, as soon as we’re ready – and can decide what a 5.5G network actually is.
At its annual Foundry Forum, Samsung announced that it’s about to begin mass-production of 2-nanometer silicon, with mobile devices the first to benefit.
Rumors that Taiwanese silicon giant TSMC was hacked turn out not to be true, according to TSMC. But it’s still bad.