ETDA signs on to M’soft security programme

MICROSOFT CORPORATION has signed a Government Security Programme (GSP) agreement with the Electronic Transactions Development Agency ( Public Organisation).

Under this agreement, the ETDA will receive information from Microsoft on Internet safety, cybersecurity threats, vulnerabilities, and related guidance to strengthen digital security on a nationwide level.
Toni Townes-Whitley, corporate vice president, worldwide public sector, at Microsoft Corp, said the GSP was a worldwide information-sharing initiative that supports the efforts of national governments and international organisations to protect their citizens and national infrastructure from threats and vulnerabilities.
GSP fulfils a key requirement in Thailand’s Digital Economy and Society Development Plan, whose sixth strategic pillar concerns the fostering of trust in the use of digital technology through a standardised and effective regulatory framework for secure, trustworthy online activities and digital transactions.
This partnership with the ETDA expands the scope of GSP to cover more than 60 agencies in 36 governments worldwide as Thailand joins the ranks of Asia- Pacific GSP signatories – including Australia, mainland China, Japan, South Korea, New Zealand, Singapore and Taiwan.
Surangkana Wayuparb, executive director of the ETDA, said that among the more than 8.8 million IP addresses in use in Thailand, it had found evidence of malware infection tied to more than 2 million IPs. This makes Thailand one of the top nations in the world in terms of malware prevalence.
To address the situation, the ETDA is working with Microsoft and a wide spectrum of partners to establish stronger defensive measures for the country and pave the way for the establishment of a full- fledged national cybersecurity centre in the future.
The ETDA’s agreement with Microsoft under the Government Security Programme is expected to grow in scope next year with the addition of source code access for Microsoft products and services.
Keshav Dhakad, assistant general counsel and regional director of the Microsoft Digital Crimes Unit (DCU) at Microsoft Asia, added that the GSP agreement with ETDA represented the logical next step in the company’s commitment to cybersecurity in Thailand. Through this programme, the ETDA will be able to respond better to online threats and raise public awareness on cybersecurity in a timely, effective manner.
As part of the agreement, the Cyber Threat Intelligence Programme (CTIP) – conceived and operated by the DCU – provides GSP signatories with actionable information on devices compromised by malware.
With full legal permission, DCU severs communications between infected devices and the malware’s command and control centre, which neutralises the threat and renders the criminals powerless. Any attempted malware communication is then redirected to the CTIP “sinkhole” database and shared with programme participants for further action.
“In line with our commitment to privacy, we only provide personally non-identifiable information – such as IP address and Internet service provider gateway geolocation – to CTIP and GSP partners. Furthermore, any action to eliminate the malware threat can only be undertaken with explicit permission from the device owner,” Dhakad said.
The Asia-Pacific region now plays host to the world’s first combined Microsoft Transparency Centre and Cybersecurity Centre in Singapore. The joint facility will enable enterprises and organisations in the region to gain access to Microsoft’s security expertise and technological resources.