During Covid-19, 40% of Australian businesses are operating online, and internet and website use has increased sharply since 2020.
Businesses are delivering their products and services online and earning more than ever.
If you are unable to operate your business physically, there are still plenty of opportunities to generate strong revenue with an efficient website and a good digital marketing strategy.
If your budget is limited, don’t worry, because there are also free tools available online to set up an online store, including Google My Business and Yelp.
The ultimate goal is to get the attention of users through your online presence and attract them to the website. In this way, you can display your business and earn safely during Covid-19.
All you need is a well-designed, informative website; its performance will play a vital role in your sales. A well-optimized and efficient website is the key to greater revenue.
Importance of Good Web Development
When a client comes to your website, all they want is easy navigation and a complete description of the product so they can buy it while staying at home, practising social distancing and staying safe.
As competition is higher now, you have less time to convince a client to buy a product; thousands of other options are available to them. You can earn their trust by maintaining a good website.
Key Factors of an Optimized and Efficient Website:
Computer Support Professionals passionately builds and maintains websites that are search engine optimized, work flawlessly on personal devices (including iPad, iPhone, Droid, etc.), are visually appealing, secure, and completely user-friendly. We have affordable web packages to cater to all your business needs.
We also provide color branding consultants to help you choose the right colors and attract more customers.
Australian organizations have been hit hard by cyber insurance premium increases of up to 30 percent to cover cyber-attacks, as reported by insurance broker Marsh.
This is increasing rapidly in the country because insurers are not spending on the IT services needed to cover such costly cyber and ransomware attacks, in which hackers demand payment and hold the data hostage until they get the amount they are asking for, and also leak valuable information all over the internet.
Marsh’s head of global placement for the Asia-Pacific region, John Donnelly, said: “There is just an increasing number of ransomware attacks. The losses … are significant.”
Many organizations have been affected by cyber-attacks, including Nine Entertainment, publisher of the Australian Financial Review, and logistics outfit Toll. Toll suffered a cyber-attack that looked like a ransomware attack, but no demands were made to Nine.
Marsh noted that organizations that renewed their annual insurance in the first quarter of 2021 saw cyber insurance pricing rise 35% in the United States, “double the increase seen in the prior quarter and the largest increase since 2015”. In Britain, it was 29%.
Mr. Donnelly discussed a fear for insurers: unlike geographically restricted events such as a cyclone hitting North Queensland, a cyber-attack could strike across a company’s systems. “It has the potential to be global.”
As a partner in the Australian Government’s Stay Smart Online program, Computer Support Professionals can also measure the security health of your business with the latest industry tools and applications. We can help you protect your business from the latest threats that can pose a security risk and damage your identity.
WHAT WE COVER UNDER IT SECURITY:
Managed security services and solutions
Design security solution as per business needs
Cybersecurity awareness programs
Anti-Virus and Anti-ransomware solutions
Enterprise and SMB risk and IT compliance strategies
An incident response plan is a standardized way to plan for, identify, prevent, and recover from a suspected cybersecurity breach. It enables an enterprise to respond to cybersecurity incidents in a timely and efficient manner, thereby protecting its data, money, and reputation.
Being the victim of a cyber-attack is harmful enough, but companies that fail to take the necessary precautions may face litigation from employees or shareholders, as well as regulatory penalties. They may also discover that their insurance provider denies their claim if they did not follow such pre-determined procedures.
A well-developed incident response plan should ensure that the proper steps are followed. It usually comprises the following elements:
What role the incident response plan plays in the organization’s overall mission
How the organization approaches an incident
Activities that must be completed during each phase of an incident response
The channel of communication between the IR team and organization members
A method to measure the overall effectiveness of incident response capabilities
Why Incident Response Plan Is Crucial
Cyber incidents are more than just technological issues; they’re also business issues. The quicker they’re dealt with, the less harm they’ll do.
IRPs shorten the time it takes to remediate an issue, which can have a big effect on a company’s budget. According to a 2017 IBM report, if cyberattacks are controlled within 30 days, the loss to the organization can be reduced by up to $1 million.
Despite the clear importance of an incident response plan, about 77% of organizations do not have an IR plan (Ponemon).
These numbers are alarming, particularly when you realize that 57% of organizations say the time it takes to fix cyber incidents in their organizations is getting longer, and 65% say the seriousness of the attacks they’re facing is getting worse.
Creating An Incident Response Plan
Medical centres usually lack the in-house expertise necessary to create or implement a successful plan on their own. Even if they’re fortunate enough to have a dedicated team, that team is either worn down by a barrage of false positives from automated detection systems or too preoccupied with current activities to keep up with new risks.
Computer Support Professionals provide Medical IT Services for your Medical Centre.
Call us at 1300 660 368
Email us at email@example.com
The healthcare sector has a disproportionate number of data thefts, and the acuteness of these thefts – both in terms of average financial cost per record and the social effect of stolen health records – far outweighs thefts in other industries.
According to the Office of the Australian Information Commissioner (OAIC), the health sector reported the largest number of data breaches in 2020, and Cybersecurity Ventures predicts two to three times more cybersecurity attacks on the healthcare sector in 2021 than on other sectors globally.
Understanding the problem: why do data breaches burgeon in the healthcare industry?
The high rate of data losses in the healthcare sector is due to the shift of healthcare information and current health practices into the digital domain, a transformation that is taking numerous forms, including:
• Increased use of medical devices and patient wearables, such as insulin pumps and pacemakers, that are linked to the internet and directly gather and organise patient information.
• The growing use of telecommunication technologies such as telehealth and telemedicine to provide healthcare services remotely.
• The rollout of electronic health record systems, both within individual practices and hospitals and nationally via the My Health Record (MHR) scheme.
All of these innovations enable more sensitive care and greater control over a patient’s health and data. But advancements in connectivity (especially where the medium of communications is not encrypted), the centralization and consolidation of delicate information, and expanding access to that data to a wide variety of organizations all increase the risk of unintentional or malicious data thefts unless adequate protection measures are implemented.
Healthcare data is a valuable and non-perishable resource.
• Healthcare data is critical when stolen: In the health sector, ransomware attacks are more likely to succeed because they interrupt the organization’s activities, impacting both patients and employees (sometimes affecting daily operations and care). As a result, healthcare organizations need immediate access to their databases and are more likely to comply with the attacker’s demands.
• Healthcare data is hard to change: Health records relating to diseases and surgeries, unlike credit card or payment information, are not ‘perishable’ and are therefore difficult to replace. This means that after a breach the data keeps its value for a longer period of time.
• Stolen healthcare data sells at a high price: Health information is valuable (Medicare details sold for A$29 per record in 2017) and can be used for identity fraud or other fraudulent activities that take advantage of a person’s medical conditions or payments, such as creating false insurance claims, acquiring medical equipment, or gaining access to prescriptions.
Cost of Data Breaches
Any sort of breach is costly: as noted in the IBM security report, on average one incident costs a healthcare organization $6.45 million, about 65% more than the cost of a breach in other industries. No healthcare organization, irrespective of its size, can afford a security breach, which may also bring the extra cost of HIPAA fines along with reputational harm.
What should practices do?
To protect against data breaches, healthcare administrations should follow these steps:
• Engage a professional managed IT services company to maintain and secure their IT networks properly.
• Perform a well-developed cybersecurity risk assessment to identify the risks present in the system.
• Audit data storage processes on a regular basis to ensure compliance with data storage policies and procedures.
• Provide training to staff members on cybersecurity risks and data/privacy best practices.
• Understand and put into practice a ‘privacy by design’ approach to business activities, particularly in the design and execution of new projects.
• Develop a data breach response team and a robust data breach response plan, so as to react to possible data breaches rapidly and efficiently while minimizing harm to individuals (and therefore the monetary and reputational costs of the thefts).
Leak originated from exploitation of a Facebook feature
According to a Facebook statement, the data of over 530 million users was leaked, reportedly originating from the exploitation of a Facebook feature in 2019. The company kept the incident quiet after identifying that the damage had been done.
A Facebook spokesperson told Insider that the data had been scraped because of a vulnerability that the company patched in 2019.
Business Insider reported a week ago that contact numbers and other information provided by users on their profiles were publicly accessible: anyone could access them and they could easily be misused.
According to Facebook, “malicious hackers” had acquired the information before September 2019 by scraping profiles using a weakness in the social media service’s feature for syncing profile contact information.
Two weeks ago, on a Saturday, a user on a low-level hacking forum distributed the contact numbers and details of countless Facebook users.
The information did not include financial information, health information, or passwords, Facebook said, but the leak still leaves users unsafe, security experts say.
Contact numbers are widely used to tie users to their digital accounts, including for two-factor authentication via text messages and phone calls to verify identity.
CyberScout founder and cybersecurity expert Adam Levin says: “Scammers can do an enormous amount with little information from us.”
Search engine optimization (SEO) is the process of optimizing your website’s content and its ranking on search engines such as Google, so that whenever a person searches for the relevant keywords, your webpage appears among the top results. SEO involves three parties: the searcher, the search engine, and your own website.
Reasons Why a Website Should have a Good Search engine optimization (SEO)
Optimized Site Has More Traffic of Audience
SEO’s goal is to improve a website’s ranking on a search engine, so that when a person types a keyword into the search bar your site appears on the first page of results.
The purpose of SEO is none other than gaining high rankings, which attracts more traffic from the audience, buyers or consumers, and sustains those audiences as potential customers.
Good SEO Saves the Cost of Digital Advertising
When your SEO is good you don’t need to pay for ads unless you want to. Two types of search results generally appear on a search engine.
The first section is for paid ads and the other sections are organic results that appear based on your keywords.
SEO helps in gaining trust:
As daily users of the internet, we know what happens when we click a link that turns out to be broken and redirects to some other page or leads nowhere: we get frustrated and leave the site. SEO helps make sure all links work correctly and error-free for a smoother user experience.
These are some of the major reasons you should consider SEO services for your website. And as an IT company, Computer Support Professionals also provide different SEO Services for your Business Growth. Our Support agreement can be custom designed based on the client’s requirement.
Sophos Rapid Response has discovered that keeping close tabs on the account credentials in your organization should always be a top priority. Sophos Rapid Response is a 24/7 service that helps organizations to quickly identify and neutralize active threats.
The company reached out to Rapid Response to get help with a Nefilim (also known as Nemty) ransomware attack in which more than 100 systems were impacted. Sophos’ Intercept X endpoint protection has no problem detecting and stopping Nefilim. Unfortunately, the customer did not have this protection in place. Nefilim ransomware, like virtually all major ransomware, replaces the original files with encrypted versions, making recovery impossible without either the decryption key or a recent backup.
The Rapid Response team sprang into action as soon as they were contracted by the customer, loading Sophos security onto all the systems it could access, ensuring all necessary protections were turned on for systems that already had Sophos installed, and digging for clues as to how and when the intrusion began and what might have been stolen.
By the time of Sophos’ standard “kick-off” call to describe the process of the Rapid Response team and gather context around the evidence uncovered so far, the team had already singled out user accounts that had been taken over and compiled a general timeline of the attack.
The team determined the attacker had compromised an admin account with high level access about one month before launching Nefilim ransomware. Or more accurately, the attacker gained access to that admin account, then spent one month quietly moving around to steal credentials for a domain admin account, finding the trove of data they wanted, exfiltrating hundreds of GB of data, and then finally announcing their presence with the ransomware attack.
“Ransomware is the final payload in a longer attack. It is the attacker telling you they already have control of your network and have finished the bulk of the attack. It is the attacker declaring victory,” Peter Mackenzie, manager for Rapid Response, said. “Identifying you are under a ransomware attack is easy, identifying the attacker was on your network a week earlier is what counts.”
Based on Sophos intelligence, the Rapid Response team knew the threat actors behind Nefilim ransomware commonly gain initial access either by exploiting vulnerable versions of Citrix or Remote Desktop Protocol. In this case, the adversary exploited vulnerable Citrix software, gained access to the admin account, then stole the credentials for a domain admin account using Mimikatz.
During Sophos’ initial kick-off call, the Rapid Response team relayed which admin account had been compromised in the initial intrusion, and asked the customer: Whose account was it? The answer: the account belonged to an individual who had sadly passed away around three months before the attacker’s first move.
Apparently, the account was kept active because there were services that it was used for, meaning the Rapid Response team had to discern which activities from that account were legitimate and which were malicious.
“The malicious activities were often in the middle of the night for the customer’s local time,” Mackenzie said. “We were able to work out some of the movements in the account based on when they occurred and when the commands were being performed.”
If an organization really needs an account after someone has left the company, they should implement a service account and deny interactive logins to prevent any unwanted activity. Or, if they don’t need the account for anything else, disable it and carry out regular audits of Active Directory. Active Directory Audit Policies can be set to monitor for admin account activity or if an account is added to the domain admin group.
Mackenzie noted far fewer accounts need to be a domain admin than most people think.
“People assume because a person is an executive or is in charge of the network that they need to be using a domain admin account. This isn’t true and it’s dangerous,” Mackenzie said. “No account with privileges should be used by default for work that doesn’t require that level of access. Users should elevate to using the required accounts when needed and only for that task.”
Mackenzie added that alerts should be set so that if the domain admin account is used or if a new admin account is created, someone knows. A previous case that Rapid Response was called in on proved this point.
In this particular case, an attacker gained access to an organization’s network, created a new user, and added that account to the domain admin group in Active Directory. No alerts were set off, so that new domain admin account went on to delete about 150 virtual servers and used Microsoft BitLocker to encrypt the server backups.
Mackenzie told the customer they were lucky the attack was so visibly destructive and easily noticed.
“If they hadn’t done that, how long would they have had domain admin access to the network without the customer knowing?”
Detection and IoCs
Nefilim ransomware is detected in Sophos Endpoint Protection under the definition Troj/Ransom-GDN.
Additional indicators of compromise have been published to the SophosLabs Github.
Nefilim group Tactics, Techniques, and Procedures (TTPs)
The Tactics, Techniques and Procedures (TTPs) of the group(s) that operate Nefilim ransomware have often involved Citrix vulnerabilities or Remote Desktop Protocol (RDP) to gain initial entry into victim environments by exploiting public-facing applications (MITRE ATT&CK T1190).
In this case, the Rapid Response team discovered vulnerable versions of Citrix software on customer systems. Although it is unclear which vulnerability was exploited, the installed Citrix Storefront 7.15 CU3 was vulnerable at the time of the incident to 1 Critical (CVE-2019-11634) and 4 High rated CVE vulnerabilities (CVE-2019-13608, CVE-2020-8269, CVE-2020-8270, CVE-2020-8283), which may have been exploited in order to gain initial access to the target network.
Once in, the threat actor also used Remote Desktop Protocol (RDP) logins to maintain access to the initial admin account used in the attack. On the network, the threat actor used Mimikatz, which allows the threat actors to reveal the credentials stored on the system, to compromise a domain admin account.
The Rapid Response investigation uncovered PowerShell commands as well as the use of RDP and Cobalt Strike to move laterally to multiple hosts, conduct reconnaissance, and enumerate the network.
The threat actor installed the file transfer and synchronization application MEGA in order to exfiltrate data.
The Nefilim ransomware binaries were deployed using Windows Management Instrumentation (WMI) via the compromised domain admin account.
Checklist for secure account access management
Only grant the access permissions needed for a specific task or role
Disable accounts no longer needed
If you need to keep an account active after the original owner has left the organization, implement a service account and deny interactive logins
Carry out regular audits of Active Directory: Active Directory Audit Policies can be set to monitor for admin account activity or if an unexpected account is added to the domain admin group
Have a robust security solution in place, ideally with anti-ransomware technologies such as that featured in Intercept X
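The two Sophos cases above (a departed employee’s admin account left enabled; a new account created and added to Domain Admins minutes later) and the checklist’s audit items, as an added example that is not from Sophos or the original post: Python that scans exported Windows Security events for privileged group additions and lists stale enabled accounts. The event XML, account names and timestamps are constructed for the demo; it assumes an account’s CN matches its sAMAccountName.

```python
"""Detect additions to privileged AD groups, brand-new accounts being made
admins, and stale enabled accounts. Events are Windows Security log XML
(wevtutil qe Security /f:xml) wrapped in a root element; samples are constructed."""
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
EVENT_USER_CREATED = 4720                # A user account was created
EVENT_GROUP_MEMBER_ADDED = {4728, 4756}  # member added to global / universal security group
PRIVILEGED_GROUPS = {"domain admins", "enterprise admins", "schema admins"}


def _parse_time(ts):
    # Windows writes 7 fractional digits (...41.1234567Z); keep whole seconds.
    base = ts.split(".")[0].rstrip("Z")
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def _cn(dn):
    # "CN=backup-svc2,OU=Service,DC=corp,DC=example" -> "backup-svc2"
    first = dn.split(",")[0]
    return first.split("=", 1)[1] if "=" in first else first


def parse_events(xml_text):
    """Return events as {"id", "time", "data"} dicts, oldest first."""
    events = []
    for ev in ET.fromstring(xml_text).findall("e:Event", NS):
        system = ev.find("e:System", NS)
        events.append({
            "id": int(system.find("e:EventID", NS).text),
            "time": _parse_time(system.find("e:TimeCreated", NS).get("SystemTime")),
            "data": {d.get("Name"): (d.text or "") for d in ev.findall("e:EventData/e:Data", NS)},
        })
    return sorted(events, key=lambda e: e["time"])


def find_privileged_additions(events, new_account_window=timedelta(hours=24)):
    """One alert per addition to a privileged group. new_account is True when the
    member was created (4720) within new_account_window beforehand: the
    create-user-then-add-to-Domain-Admins pattern from the second Sophos case.
    Assumes the account's CN equals its sAMAccountName."""
    created, alerts = {}, []
    for ev in events:
        d = ev["data"]
        if ev["id"] == EVENT_USER_CREATED:
            created[d.get("TargetUserName", "").lower()] = ev["time"]
        elif ev["id"] in EVENT_GROUP_MEMBER_ADDED:
            group = d.get("TargetUserName", "")
            if group.lower() not in PRIVILEGED_GROUPS:
                continue
            member = _cn(d.get("MemberName", "")).lower()
            made = created.get(member)
            alerts.append({"time": ev["time"], "group": group, "member": member,
                           "added_by": d.get("SubjectUserName", "?"),
                           "new_account": made is not None and ev["time"] - made <= new_account_window})
    return alerts


def stale_enabled_accounts(accounts, now, max_idle_days=90):
    """Names of enabled accounts with no logon in max_idle_days (or ever); the
    departed employee's admin account from the first case would appear here.
    accounts: [{"name", "enabled", "last_logon"}] as exported with Get-ADUser."""
    cutoff = now - timedelta(days=max_idle_days)
    return sorted(a["name"] for a in accounts
                  if a["enabled"] and (a["last_logon"] is None or a["last_logon"] < cutoff))


# Constructed sample: an account is created and made a Domain Admin 15 minutes
# later by the same operator; the Helpdesk group change must not alert.
SAMPLE_XML = """<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><EventID>4720</EventID><TimeCreated SystemTime="2021-03-04T01:58:02.1234567Z"/></System>
 <EventData><Data Name="TargetUserName">backup-svc2</Data>
  <Data Name="SubjectUserName">jdoe-admin</Data></EventData></Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><EventID>4728</EventID><TimeCreated SystemTime="2021-03-04T02:13:41.5550000Z"/></System>
 <EventData><Data Name="MemberName">CN=backup-svc2,OU=Service,DC=corp,DC=example</Data>
  <Data Name="TargetUserName">Domain Admins</Data>
  <Data Name="SubjectUserName">jdoe-admin</Data></EventData></Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><EventID>4728</EventID><TimeCreated SystemTime="2021-03-04T09:00:00.0000000Z"/></System>
 <EventData><Data Name="MemberName">CN=helpdesk-l2,OU=Staff,DC=corp,DC=example</Data>
  <Data Name="TargetUserName">Helpdesk</Data>
  <Data Name="SubjectUserName">it-ops</Data></EventData></Event>
</Events>"""

SAMPLE_NOW = datetime(2021, 3, 4, tzinfo=timezone.utc)
SAMPLE_ACCOUNTS = [  # constructed AD export
    {"name": "alice", "enabled": True, "last_logon": SAMPLE_NOW - timedelta(days=3)},
    {"name": "departed-admin", "enabled": True, "last_logon": SAMPLE_NOW - timedelta(days=120)},
    {"name": "never-used", "enabled": True, "last_logon": None},
    {"name": "old-disabled", "enabled": False, "last_logon": None},
]
```

Running `find_privileged_additions(parse_events(SAMPLE_XML))` yields a single alert for backup-svc2 with new_account set, and `stale_enabled_accounts(SAMPLE_ACCOUNTS, SAMPLE_NOW)` returns the departed and never-used accounts; on a real domain, feed it the Security log export from each domain controller.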
The Australian Cyber Security Centre (ACSC) is aware of recent ransomware campaigns targeting the aged care and healthcare sectors. Cyber criminals view the aged care and healthcare sectors as lucrative targets for ransomware attacks. This is because of the sensitive personal and medical information they hold, and how critical this information is to maintaining operations and patient care. A significant ransomware attack against a hospital or aged care facility would have a major impact.
The ‘Maze’ ransomware is designed to lock or encrypt an organisation’s valuable information, so that it can no longer be used, and has been observed being used alongside other tools which steal important business information. Cyber criminals may then threaten to post this information online unless a further ransom is paid. This is especially effective in the aged care and healthcare sectors.
If Australian organisations are infected by the Maze ransomware, they should seek assistance in the first instance from the ACSC via 1300 CYBER1. We encourage reporting cyber security incidents to enable the ACSC to alert and assist a broader range of organisations, and understand the scope and nature of cyber intrusions.
Read the ACSC advice on mitigating the threat of ransomware. Keeping software up to date and having current backups stored offline is the best way to protect your organisation from a ransomware attack.
Never pay a ransom demand
We recommend you do not pay the ransom if affected by the Maze ransomware. There is no guarantee paying the ransom will fix your devices, and it could make you vulnerable to further attacks. Restore your files from backup and seek technical advice.
Identify and backup critical information and systems
Backing up and restoring your files offers peace of mind and makes it faster and easier to get up and running again following a ransomware attack.
Keep your systems and software up to date through regular patching
All your personal or business devices including your phone, tablet, computer or laptop use software to run, such as operating systems like Microsoft Windows or Apple MacOS; and antivirus, web browsers or word processors at work. Read more about patching software.
Use antivirus software and keep it up to date
Install antivirus software on all devices and set the software to automatically check for updates on a daily basis.
The federal government has finally unveiled its delayed cyber security strategy but left much of the detail to forthcoming legislation that is yet to be put before parliament.
The 52-page strategy [pdf], released on Thursday, will see $1.67 billion invested in a number of already-known initiatives aimed at enhancing Australia’s cyber security over the next decade.
Much of the funding is from the previously announced $1.35 billion cyber enhanced situational awareness and response (CESAR) package.
The strategy’s key elements include proposed laws and an “enhanced regulatory framework” to secure critical infrastructure, deemed the “best way to protect Australians at scale”.
The new framework will outline the government’s minimum expectation, including an “enforceable positive security obligation for designated critical infrastructure entities”.
“These powers will ensure the Australian Government can actively defend networks and help the private sector recover in the event of a cyber attack,” the strategy states.
“The nature of this assistance will depend on the circumstances, but could include expert advice, direct assistance or the use of classified tools.
“This will reduce the potential down-time of essential services and the impact of cyber attacks on Australians.”
The framework, which will be delivered through amendments to the Security of Critical Infrastructure Act, is also expected to extend to systems of national significance.
While much of the focus on critical infrastructure is ensuring assets are properly defended during a cyber attack, the government will also assist operators to “enhance their cyber security posture”.
It will do this by using the proposed $62.3 million “classified national situational awareness capability”, funded in the CESAR package, to respond to threats against critical infrastructure.
Critical infrastructure operators will similarly be able to share intelligence about malicious cyber activity through the government’s $35 million cyber threat-sharing platform, which has been on the cards for several years.
Further afield, the government is also considering additional “legislative changes that set a minimum cyber security baseline across the economy”.
It will also expand the cyber security incident exercise program run by the Australian Cyber Security Centre to improve how government and businesses prepare for incidents.
Secure government hubs
With departments and agencies continuing to struggle to implement rudimentary cyber security controls, government systems and data are key concerns.
In a bid to uplift cyber resilience, the government is planning to “centralise the management and operations of the large number of networks” run by agencies as a priority.
The strategy said that centralising networks would allow the government to “focus its cyber security investment on a smaller number of more secure networks”.
“A centralised model will be designed to promote innovation and agility while still achieving economies of scale,” the strategy states.
It also plans to explore the creation of “secure hubs” to reduce the number of networks that hostile actors can target even further, though the strategy does not elaborate on what this might look like.
Standard cyber security clauses will also be introduced into government IT contracts to avoid unnecessary risks.
The strategy notes that federal, state and territory agencies were the target of 35.4 percent of the 2266 cyber security incidents that the ACSC responded to in the 2019-20 financial year.
Around the same number of incidents impacted critical infrastructure providers in the healthcare, education, banking, water, communications, transport and energy sectors.
The government will also provide law enforcement agencies with $124.9 million to strengthen their ability to counter cyber crime, including $89.9 million for the Australian Federal Police.
The funding will sit alongside planned legislation that will assist the AFP to identify individuals engaging in serious criminal activity on the dark web.
The ACSC will also receive a further $31.6 million to improve its ability to counter cyber crime offshore and assist federal, state and territory law enforcement to identify and disrupt cyber criminals.
“The Australian Government will ensure it has fit-for-purpose powers and capabilities to discover, target, investigate and disrupt cyber crime, including on the dark web,” the strategy states.
The strategy also outlines the government’s $63.4 million plan to assist small and medium enterprises (SMEs) to uplift their cyber security capabilities with the help of large businesses.
One such initiative will see large businesses and service providers provide SMEs with ‘bundles’ of secure services such as threat blocking and antivirus, as well as awareness training.
“Integrating cyber security products into other service offerings will help protect SMEs at scale and recognises that many businesses cannot employ dedicated cyber security staff,” the strategy states.
The government also plans to “provide online training and a 24/7 helpdesk for SMEs that need cyber security advice or assistance”.
COVIDSafe was sold as Australia’s ticket out of lockdown. But almost three months since launch in late April, its impact is hard to measure.
Victoria has accessed data from the app almost 400 times, but health authorities are yet to point to any potential COVID-19 exposure that was not picked up by manual contact tracing.
In New South Wales, app data has been extracted 23 times. In one instance, a person whose contact details were unavailable during manual contact tracing was contacted using app data.
But COVIDSafe’s ability to reliably transmit and collect encrypted codes using Bluetooth from other apps remains under scrutiny.
And there is another option.
In May, Google and Apple launched an exposure notification API, or framework, built into their devices’ operating systems that allows health authorities to build their own apps, and ostensibly helps the technology perform better with fewer bugs and workarounds.
Germany and Ireland, as well as a handful of other European countries, have now launched their own COVID-19 exposure notification apps using the Google-Apple framework.
So how do they compare to COVIDSafe?
A centralised or a decentralised model
COVIDSafe and apps built using the Apple-Google API both deploy Bluetooth to create an encrypted log of random codes from other devices with the app, that come into close range.
But Ireland’s COVID Tracker app and Germany’s Corona-Warn-App differ when it comes to the next step.
Broadly, if someone tests positive for the virus and has one of those apps, they can voluntarily make their weeks of random codes available to the exposure notification system.
Each app regularly checks the codes it has stored against those the system has identified as belonging to an infected person.
If there is a match, they receive a warning notification on their phone and can then choose to get in touch with a doctor.
All the data processing is done on the device.
In contrast, if someone with COVIDSafe is diagnosed with the virus, health authorities may ask them to share their app’s data with a central database. Then those random codes will be sorted into close contacts (1.5 metres for upwards of 15 minutes) and used by local health authorities to track potential exposures.
Ireland and Germany’s apps operate more as a warning system and offer much less information to authorities.
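The two models described above, as an added toy simulation that is not code from COVIDSafe, Google, Apple or the article: one phone is diagnosed, and the model compares what leaves each device and where matching happens in the decentralised design versus a central upload. The HMAC-over-interval key derivation, phone names and timings are assumptions for the demo, not the real framework’s key scheme.

```python
"""Toy model of two contact-tracing designs: a decentralised Google-Apple style
exchange (matching on the phone) beside a COVIDSafe-style central upload.
Deriving codes as HMAC(day_key, interval) is a simplification for this demo,
not the real framework's scheme."""
import hashlib
import hmac
import os

INTERVALS_PER_DAY = 144   # 10-minute rolling-identifier intervals
RETENTION_DAYS = 14       # how many days of keys a diagnosed user publishes


def rolling_id(day_key, interval):
    """Random-looking 16-byte code broadcast during one interval of one day."""
    return hmac.new(day_key, interval.to_bytes(2, "big"), hashlib.sha256).digest()[:16]


class Phone:
    def __init__(self, name):
        self.name = name
        self.day_keys = {}   # day number -> 16-byte key, never leaves the phone unless diagnosed
        self.seen = set()    # (day, code) pairs heard from nearby phones

    def key_for(self, day):
        if day not in self.day_keys:
            self.day_keys[day] = os.urandom(16)
        return self.day_keys[day]

    def broadcast(self, day, interval):
        return rolling_id(self.key_for(day), interval)

    def hear(self, day, code):
        self.seen.add((day, code))

    # Decentralised model: only the diagnosed person's own keys are uploaded.
    def publish_keys(self, today):
        """Keys for the last RETENTION_DAYS; reveals nothing about who was met."""
        return {d: k for d, k in self.day_keys.items() if today - RETENTION_DAYS < d <= today}

    def check_exposure(self, published):
        """Runs on the phone: re-derive every code an infected phone could have
        sent and look for it in our own log. Returns matching interval count."""
        hits = 0
        for day, key in published.items():
            for interval in range(INTERVALS_PER_DAY):
                if (day, rolling_id(key, interval)) in self.seen:
                    hits += 1
        return hits

    # Centralised model: the diagnosed person's whole encounter log is uploaded
    # and the authority resolves contacts (the 1.5 m / 15 min sorting is not modelled).
    def upload_encounters(self):
        return set(self.seen)


def meet(a, b, day, start, minutes):
    """Put two phones in range for `minutes` starting at interval `start`."""
    for interval in range(start, start + minutes // 10):
        a.hear(day, b.broadcast(day, interval))
        b.hear(day, a.broadcast(day, interval))


def demo():
    """Alice meets Bob for 20 minutes and Carol for 10; Carol never meets Bob.
    Bob is diagnosed two days later."""
    alice, bob, carol = Phone("alice"), Phone("bob"), Phone("carol")
    meet(alice, bob, day=100, start=50, minutes=20)
    meet(alice, carol, day=100, start=80, minutes=10)
    published = bob.publish_keys(today=102)   # decentralised: Bob's keys only
    central = bob.upload_encounters()         # centralised: codes Bob heard
    alice_codes = {(100, alice.broadcast(100, i)) for i in range(INTERVALS_PER_DAY)}
    return {
        "alice_hits": alice.check_exposure(published),
        "carol_hits": carol.check_exposure(published),
        "keys_uploaded": len(published),
        "codes_uploaded_centrally": len(central),
        "central_sees_alice": bool(central & alice_codes),
    }
```

In the decentralised flow Alice's phone finds two matching intervals and Carol's finds none, while the only thing Bob uploaded was one day key; in the centralised flow Bob's upload contains Alice's codes, which is exactly the information the authority can resolve to a person.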
That lack of centralised data collection is part of what makes security expert Vanessa Teague, chief executive of Thinking Cybersecurity, believe Australia should move to the Google-Apple API.
“It has this huge privacy advantage,” she said.
And although we do not yet have sufficient empirical data comparing the performance of available models, she suggested it’s likely apps built using the Google-Apple framework will work more reliably than COVIDSafe because the Bluetooth detection technique is built into the devices’ operating systems.
“By work, I mean, when two people are near each other, the likelihood that it exchanges the pings it’s supposed to exchange is likely to be a lot higher,” she said.
Are apps built using the Google-Apple API a success?
Like in Australia, German and Irish authorities have been quick to boast about download figures.
Germany launched its app in mid-June. As of July 23, the Corona-Warn-App has registered 16.2 million downloads, according to the Robert Koch Institute, in a country with a population of more than 80 million.
Ireland’s Health Services told the ABC that almost 1.4 million people have downloaded the app since July 7 — out of almost 5 million people — and 91 COVID Tracker app users have received an exposure alert.
But like in Australia, where the app has been downloaded more than 6 million times, there are few metrics publicly available to understand the app’s contribution to pandemic control, or even how many people have the app open and working each day.
In Germany, about 660 people who tested positive for SARS-CoV-2 had the opportunity to warn others via the app by July 20.
“However, we cannot say exactly how many people were warned because of the decentralized approach of the app,” the president of the Robert Koch Institute Professor Lothar H. Wieler said in a recent statement.
Stephen Farrell, a computer security researcher at Trinity College Dublin, said questions remained for the Australian and European apps when it comes to the ability of Bluetooth to accurately gauge distance — and so, to accurately identify close contacts.
“It suffers the same challenges with Bluetooth proximity detection in terms of making it reliable in all sorts of contexts,” he said. “Handsets in all different positions, in pockets, in handbags … walking, cycling.”
Dr Farrell suggested it will ultimately be difficult to definitively measure the impact of this technology.
We need to know how many people who would have been missed by manual contact tracing are caught by the app, he suggested, and of those, how many are true positives and how many false positives.
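As an added illustration of why the "handsets in pockets" problem matters (example code, not from any of the apps discussed): proximity apps infer distance from received signal strength (RSSI) with a path-loss model, so any attenuation or gain in the radio path between two phones shifts the estimate. The calibration value of -60 dBm at one metre, the path-loss exponent of 2, the 6 dB of body loss and the 6 dB of reflection gain are assumptions chosen for illustration; the 1.5 m threshold is the close-contact distance the article gives for COVIDSafe.

```python
import math

CALIBRATED_RSSI_AT_1M_DBM = -60.0   # assumption: RSSI measured at 1 m with nothing in the way
PATH_LOSS_EXPONENT = 2.0            # assumption: free-space-like propagation
CLOSE_CONTACT_METRES = 1.5          # COVIDSafe's close-contact distance, per the article


def estimate_distance_m(rssi_dbm: float,
                        rssi_1m: float = CALIBRATED_RSSI_AT_1M_DBM,
                        n: float = PATH_LOSS_EXPONENT) -> float:
    """Invert the log-distance model RSSI = rssi_1m - 10*n*log10(d)."""
    return 10 ** ((rssi_1m - rssi_dbm) / (10 * n))


def expected_rssi_dbm(distance_m: float, extra_loss_db: float = 0.0,
                      rssi_1m: float = CALIBRATED_RSSI_AT_1M_DBM,
                      n: float = PATH_LOSS_EXPONENT) -> float:
    """RSSI the model predicts at distance_m; extra_loss_db > 0 is attenuation
    (body, bag), extra_loss_db < 0 is a gain (e.g. a strong reflection)."""
    return rssi_1m - 10 * n * math.log10(distance_m) - extra_loss_db


def is_close_contact(rssi_dbm: float) -> bool:
    return estimate_distance_m(rssi_dbm) <= CLOSE_CONTACT_METRES


def app_verdict(true_distance_m: float, path_loss_db: float = 0.0):
    """What the app would conclude from a single reading at a known true distance."""
    rssi = expected_rssi_dbm(true_distance_m, extra_loss_db=path_loss_db)
    return round(estimate_distance_m(rssi), 2), is_close_contact(rssi)


if __name__ == "__main__":
    print("1.0 m, line of sight:      ", app_verdict(1.0))        # (1.0, True)
    print("1.0 m, phone in a pocket:  ", app_verdict(1.0, 6.0))   # (2.0, False)  missed contact
    print("2.5 m, reflection adds 6dB:", app_verdict(2.5, -6.0))  # (1.25, True) phantom contact
```

With a path-loss exponent of 2, every 6 dB of unexplained attenuation doubles the inferred distance, so one metre through a coat pocket reads as two metres and the contact is missed; a reflection of the same size does the reverse and manufactures a close contact at 2.5 m. That asymmetry is the root of Dr Farrell's true-positive versus false-positive question.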
Privacy concerns remain
As well as privacy bugs found after the launch of COVIDSafe, its centralised method of data collection has been an ongoing focus for security researchers.
But there is also concern in Europe that exposure notification apps built using the Google-Apple API could be used to track location, especially on Android.
The implementation of Bluetooth on Android has long (and wrongly, in her view) been “inextricably linked” to location permissions, Dr Teague said, because some apps unrelated to contact tracing use Bluetooth scanning to work out a user's location.
For example Bluetooth beacons in a shopping centre, she said, could be used to serve users with hyper-specific advertising.
“The implication is, if you’re not going to let Google track your location, then you’re not using Bluetooth scanning.”
The Android version of COVIDSafe, as well as apps built using the Google-Apple API, asks for location permission when the app is installed, although all insist location is not recorded as part of the contact tracing process.
“In keeping with our privacy commitments for the Exposure Notification API, Google does not receive information about the end user, location data, or information about any other devices the user has been in proximity of,” a Google spokesperson said.
Professor Alexandra Dmitrienko, head of Secure Software Systems Research Group at the University of Würzburg, is troubled that location services must be turned on when using the exposure notification API on Android.
While many people may choose to use products like Google Maps and have location services operating, she suggested those that do not are forced into a choice: allow location permissions when installing the German app, or give up the ability to use your country's public health app.
As more countries accept the Apple-Google solution, she is also concerned about the control being ceded to the two technology giants.
“As an expert in security and privacy, I see … that we give too much power to two American companies,” she said.
Could Australia move to the Google-Apple API?
As it stands, Australia’s COVIDSafe would have to fundamentally change its approach to use the Google-Apple API.
The companies’ API rules stipulate that a government can only request and not require users to share personal information such as a phone number.
COVIDSafe requires these details upon sign up. Ireland’s COVID Tracker app on the other hand asks only for opt-in metrics.
Minister for Government Services Stuart Robert said the Government is open “to improving [the] technology” if it maintains a key role for health officials in the process.
“The current structure of the Google-Apple API does not do that,” he said.
“We will continue to work with Google and Apple, particularly to see if they can remove their barriers in allowing a sovereign tracing app — that has health professionals at its core — access to improved Bluetooth functionality”.
Ultimately, it may still be too early to say whether any piece of technology can be the pandemic silver bullet so many countries are after.
Professor Dmitrienko thinks it’s too early to know how effective these apps are.
“[The] general opinion is that this technique cannot really replace the manual contact tracing, but it can be complementary,” she said.
But then, there’s the price tag.
By some estimates, COVIDSafe has reportedly cost around $2.75 million in contractor fees.