Edward Chen

In my interview with CNA I speak about how INTERPOL is stepping up to confront a new era of crime - one that moves at the speed of technology. From tackling sophisticated AI-enabled fraud to combating cyber threats and environmental crime, we’re enhancing our investigative capabilities, building stronger global cooperation and modernizing the way we work. Our mission is clear: to help law enforcement around the world stay ahead in an increasingly complex digital landscape. https://lnkd.in/dGvW336g

222

2 Comments

GMO Flatt Security Research An official blog of GMO Flatt Security Inc. based in Tokyo, Japan. We are striving harder to improve the cybersecurity for the local and global community. We strongly believe that identifying and eradicating cyber weaknesses on products will eventually make the internet a much safer medium to communicate and utilize. https://lnkd.in/gKQnENVr

3

1 Comment

​Is Your Organization Built to Withstand the Unexpected? 🇸🇬 ​Digital connectivity and power are the lifeblood of modern commerce—but what happens when they go dark? ​From 1 to 15 February, MINDEF is conducting Exercise SG Ready 2026 (ESR 2026). This year’s theme, "Are you ready for disruptions?", shifts the focus toward a critical reality for every business owner: surviving prolonged power outages and digital service failures. ​What’s happening? ​To simulate a real-world energy security crisis, various essential platforms (including OneNS and Workpal) will go into maintenance mode. This isn't just a drill for the government—it’s a reminder for all organisations to test our own Business Continuity Plans (BCP). ​Key Milestones to Watch: ​The launch: On 1 Feb at 1500hrs, the Public Warning System (PWS) will sound. ​New Tech: For the first time, alerts will be pushed via ERP 2.0 on-board units, alongside SGSecure and myResponder apps. ​The Message: Tune in to local radio or TV immediately after the signal to hear the Total Defence message from Minister K. Shanmugam. ​Why should your organization or business participate? ​In a "Total Defence" framework, resilience isn't just about military readiness; it’s about national resilience. Use this exercise as a low-stakes environment to ask: ​Can our teams operate offline for an hour? ​Do we have clear communication channels if digital apps fail? ​Are our employees trained to respond to emergency broadcasts? ​Let’s not wait for a real crisis to find the gaps in our systems. Resilience is a competitive advantage. ​#TotalDefence #SGReady #BusinessContinuity #Singapore #Resilience #ESR2026

13

Cyber threats are evolving—your defense should too. At GovWare 2025, Perry Young will lead a high-impact, gamified session built on real-world attack scenarios mapped to MITRE ATT&CK. Learn how to shift left, simplify defense, and outsmart adversaries using real techniques from across ASEAN: https://lnkd.in/gzzKMqgC #TheHeartOfProgress #GovWare2025 #CyberResilience

63

Titilayo Shodiya, Ph.D.'s blog is a great overview of our views on the importance of securing the agentic web. Let’s add one more entry to the list, Infoblox’s response to the National Institute of Standards and Technology (NIST)’s RFI on Security Considerations for Artificial Intelligence Agents. Our recommendations: 👉 NIST’s AI security frameworks should treat AI agent discovery as a critical security control. Organizations must be able to enumerate, authenticate, and govern all agents that can reach their data, tools, and networks. Without that, every other security control is operating on incomplete information. Yet today, most organizations lack a uniform way to discover, inventory, and verify the AI agents operating across their environments. 👉 NIST should support open, vendor‑neutral standards for agent-to-agent discovery mechanisms. DNS‑based AI Discovery (DNS‑AID) is an open initiative— published as an IETF internet draft — to make the Domain Name System the authoritative discovery and trust verification layer for AI agents. DNS is a natural foundation for agent discovery because it already underpins most network interactions and can act as a preemptive security control to evaluate and govern agent traffic before any connection is established. The National Cybersecurity Center of Excellence (NCCoE)'s upcoming project on agent discovery is an excellent opportunity to demonstrate how open discovery improves security, resilience, and interoperability.

6

🚨 Cyber Shadow War in Southeast Asia 🚨 Who really dominates the battlefield of #Cambodia vs #Thailand hacker groups? From #NXBBSEC to #Anonymous, from #HIME666 to #Killnet — the digital frontlines are heating up. 🔥 We tracked their moves. We exposed their ops. Now the question is: Who strikes next? 👀 1️⃣ https://lnkd.in/g_Jz75zs 2️⃣ https://lnkd.in/gvCb_jKW #OpThailand #OpCambodia #Lulzsec #Red_Wolf_Cyber #DARKSTORM #thaiisgod #khnightmare

4

Cyber threats don’t take weekends off. 😮‍💨🌍 Over the weekend, a couple of friends—probably inspired by new knowledge (UNC3886??)—asked me about Indicators of Compromise (IOCs). Here’s a quick breakdown for anyone looking to sharpen their cyber awareness. 🧐✍️ 🔍 What is an IOC? An IOC is a piece of digital forensic evidence—such as a malicious file hash, suspicious IP address, domain, or registry key—that signals a system or network has been breached. (CrowdStrike) ⏳ The Nature of IOC Detection • IOC detection is reactive – by the time you spot it, the compromise likely already happened. • Quick identification during an active breach can still help contain the damage. ⚠️ Why IOC Detection Is Getting Tougher • Attackers constantly rotate or modify hashes, IPs, and registry artifacts to bypass traditional detection methods. 💡 Why the Need to Monitor IOCs? • Improves detection accuracy and accelerates incident response. • Recurring IOCs help refine security tools, playbooks, and preventive measures. 🔎 Common IOC Examples: • Unusual inbound/outbound network traffic. • Traffic from unexpected geographies. • Unknown or unapproved applications. • Privilege escalations or new admin accounts. • Surge in failed login attempts (brute force). • Suspicious registry or system file changes. • Odd DNS queries or unauthorized config changes. • Unexpected compressed files or archives in strange places. ⚔️ IOC vs IOA (Indicator of Attack): • IOC = Evidence after compromise (the what). • IOA = Signs of an attack in progress, focused on attacker behavior and intent (the how). Stay vigilant, stay safe. 🙏🛡️ What’s your team’s approach to detecting IOCs vs IOAs? Let’s share best practices and insights below! 👇 #CyberSecurity #ThreatIntelligence #IncidentResponse #DigitalForensics #IOC #IOA #APT #DefendWhatsOurs https://lnkd.in/gkHbqijN

35

Singapore announced it was battling a "serious" cyberattack against its critical infrastructure, attributing the hack to an espionage group that experts have linked to China. The attack, a kind of Advanced Persistent Threat (APT), poses a serious danger to the city-state, Coordinating Minister for National Security K. Shanmugam said in a speech late Friday. An APT refers to a cyberattack where an intruder establishes and maintains unauthorised access to a target, remaining undetected for a sustained period of time. "I can say that it is serious and it is ongoing. And it has been identified to be UNC3886," he said. Shanmugam, who is also home affairs minister, did not elaborate on the group's sponsors or the origin of the attack. But Google-owned cybersecurity firm Mandiant described UNC3886 as a "highly adept China-nexus cyber espionage group". https://lnkd.in/g2G3t7SX

14

3 Comments

Still wondering why Singapore attributed a serious cyber breach of critical infrastructure to an APT called UNC3886 but didn't name any state? Read "As Cyber Threats Grow, Singapore Walks a Careful Line on Identifying State Actors" by my teammate Muhammad Faizal Bin Abdul Rahman published by RSIS | S. Rajaratnam School of International Studies for insights. "As Singapore confronts increasingly sophisticated cyber threats, it continues to take a cautious approach in attributing blame when identifying state actors."

74

1 Comment

🛰️ Dalvir Singh from Office for Space Technology & Industry, Singapore (OSTIn) shares how Singapore is thinking about growth in its space sector, the role of partnerships, and what makes the country a practical entry point for space companies looking to scale in the region. 🎥 Watch the conversation. 🚀 CYSAT Asia, co-organised by SGInnovate and CYSEC, takes place on 5 February 2026!!

7

1 Comment

[Part 1/3] Malaysian Navy Classified Documents Leak – Tracking the Dark Web Seller Part 1 of StealthMole’s 3-part investigation series. This episode focuses on the repeated banner-style phrase “Malaysian Navy Classified Documents Leak” found inside a DarkForums thread. Although the thread was titled with another leak, the same user “jrintel” used it to advertise multiple alleged classified materials and promote contact details through Telegram. In this video, we demonstrate how investigators track the poster’s activity, analyze metadata, and connect external handles to better understand who might be behind such sales pitches. (Note: The video examines forum posts and metadata, not the underlying Malaysian Navy documents themselves. Authenticity or contents of the claimed materials cannot be verified here.) #StealthMole #DarkWeb #OSINT #ThreatIntel #CyberInvestigation #MalaysianNavy #Telegram #CyberCrime Discover more case studies and tool demonstrations at StealthMole. You can request a free trial or demo through our website to see how these methods can be applied in practice. This video is intended for educational and investigative methodology purposes. The authenticity of the materials mentioned cannot be independently verified here. For any legal proceedings or investigative follow-up, please coordinate with the appropriate law enforcement authorities.

45

3 Comments

BREAKING: Singapore just released a framework for agentic AI security—autonomous systems that don't just recommend actions but independently execute them. Singapore's Cyber Security Agency is now addressing the next frontier: AI agents that write code, manage supply chains, make business decisions at machine speed, all without human oversight. Singapore's framework maps the vulnerabilities we've associated with agents: 🔍 Prompt injection attacks that hijack AI decision-making. 🔍 Unauthorized tool access. 🔍 Data exfiltration. 🔍 Unintended autonomous actions that cascade beyond their original scope. The framework establishes capability-based risk assessment: where can AI agents be exploited, what damage can they do, how do we contain it? It mandates lifecycle controls from design through deployment. Medical AI faces different scrutiny than entertainment recommendations. Real-world testing happens through government-Google Cloud sandbox partnerships. This matters beyond Singapore: This isn't a one-size-fits-all mandate. It's a step forward for ASEAN. Singapore's SEA-LION project—open-source language models pre-trained for Southeast Asian contexts—proves regional AI infrastructure isn't theoretical. ASEAN doesn't need to choose between American or Chinese systems. We too can build sovereign regulatory approaches reflecting our own priorities. The question is whether the rest of the region treats Singapore's framework as a model to adapt or a milestone to watch from the sidelines. Digital sovereignty means having the capacity to build alternatives when our interests demand it. Singapore just proved first-mover advantage matters. Will ASEAN countries adapt this model or watch Silicon Valley and Beijing write the rules instead? Link to my analysis of ASEAN's opportunity - in the latest edition of Asia AI Policy Digest - in the comments! #AIGovernance #ASEAN #DigitalSovereignty #AgenticAI #Singapore #AIPolicy #TechPolicy

48

4 Comments

Ever debated cybersecurity with someone who’s flown fighter jets? Meet BG (Ret) Richard Pereira, ex-Commander of the RSAF’s Air Combat, UAV & Tactical Air Support Commands, current CEO of RAYN Secure Pte Ltd. From commanding fighter squadrons to coordinating cyber defense, his playbook is pure mission-ready resilience. The secret lies in RAYN’s all-in-one, proprietary StaySecure Suite. Brainchild of RAYN's R&D team comprising Andrew, Yew Hong & Naresh. Yew Hong in particular brings experience from his former service in GIC and MAS as head of security and risk management. StaySecure Learn - online learning platform featuring self-produced programs, localized to meet cybersecurity needs for local industry, including healthcare sector, Available in English and Mandarin. StaySecure Shield – a lightweight remote agent protecting every system, enforcing security configuration baselines, automated patching and feeds monthly health reports. StaySecure Comply (Ver 2.0 In dev) - a dashboard that maps system controls to CSA, IMDA and future HIB frameworks. Streamlines compliance and governance, enables easy audit by granting third party access. P.S. I’ll be sure to ask him about the cookhouse food in our next meeting! Richard Pereira - Data Protection, Cybersecurity, Asset Management Yew Hong Leong #HIB #RAYNSecure #ClinicLife #Cybersecurity #DigitalHealth #ClinicOperations #HealthIT #CyberResilience #MedicalPractice #HealthcareLeadership #Leadership #Partnerships —- This post is part of an ongoing series highlighting my 'kopi' sessions with a group of cybersecurity service providers who had been working closely with Cyber Security Agency of Singapore (CSA). Full reel in comments.

14

2 Comments

The Personal Data Protection Commission (PDPC) and Cyber Security Agency of Singapore (CSA) have called on the private sector to stop using NRIC numbers to authenticate persons, i.e. to prove your identity. Why can you use your NRIC card to prove your identity, but not your NRIC number? Because an NRIC card cannot be easily forged – it shows your photo (and thumbprint), which can be matched against your face (and thumbprint) for verification. Your NRIC number, by itself, lacks these security features. An impersonator or bad actor who knows your NRIC number may falsely claim to be you, to try to access services or information meant only for you. Hence service providers like banks or government agencies must not accept NRIC numbers for such purposes. The government will work with companies, organisations, and individuals to protect Singaporeans and our data. All of us should also practise good habits to protect ourselves, for example by using strong passwords or security tokens, and staying vigilant against scams or unauthorised access of our personal information. Ministry of Digital Development and Information https://lnkd.in/gFk_SG3u

940

65 Comments

Cybersecurity groups and digital policy advocates are urging immediate action to address critical security risks found in the current version of the Konektadong Pinoy Bill. “While we support the bill’s aim of expanding internet access and modernizing the country’s digital infrastructure, we are concerned that certain provisions may unintentionally expose the Philippines to heightened cyber threats — unless stronger safeguards are embedded directly into the law,” said in a joint statement. The joint statement was signed by the WiSAP (Women in Security Alliance Philippines), ScamWatchPH, BPO SECURITY COUNCIL (BSC), Philippines Chief Information Officer Association, and PhilDev Foundation. https://lnkd.in/gc8wgRsF

3

Singapore Under Cyber Siege: APT UNC3886 and the Evolving Threat Landscape At the recent 10th anniversary of the Cyber Security Agency of Singapore (CSA), Minister K. Shanmugam revealed an ongoing, state-linked cyberattack on our critical infrastructure by UNC3886, a sophisticated espionage group with ties to China. In my role, I’ve actively leveraged the MITRE ATT&CK framework to identify and map APT techniques, tactics, and procedures (TTPs), including: Defense Evasion (T1562, T1027) Credential Access (T1003, T1555) Lateral Movement (T1021, T1086) Persistence & Command and Control (T1053, T1071) APT UNC3886 has been documented using zero-day vulnerabilities, virtualization platform exploits, and living-off-the-land (LotL) techniques, allowing them to evade detection and maintain long-term access—hallmarks of a well-resourced nation-state actor. These recent developments underscore the need for continual enhancement of cyber defenses, better threat intelligence sharing, and stronger supply chain vetting—as highlighted by Minister Shanmugam. As cybersecurity professionals, we must: Continuously map threats using frameworks like MITRE ATT&CK Strengthen defenses against APT-level persistence and lateral movement Prepare for disruption scenarios in essential services, as described in the Minister’s scenario analysis (e.g., power, water, healthcare) Cyber maturity is no longer optional—it’s strategic. #Cybersecurity #APT #UNC3886 #MITREATTACK #CriticalInfrastructure #CyberResilience #Singapore #Infosec #ThreatIntel #Governance #NationalSecurity

9

🚨 Singapore Military Chief Calls for Greater Cyber Resilience 🚨 Singapore continues to take bold steps in cyber preparedness by putting additional efforts into the cyber-dedicated sector of its armed forces, the Defence Cyber Command led by Col. Clarence Cai. The Singapore Armed Forces group is designed to meet technical challenges including finding regional talent, specialized schemes and long-term strategy, as well as partnering with civilian-led organizations, Cai said. Watch the full interview with Geetha Nandikotkur: https://lnkd.in/dX2GsN_A #ISMGNews #ISMGStudio #cybersecurity #Govware2025 GovWare

5

1 Comment