Saturday, June 3, 2023

New normal of remote work demands protection against cyberattacks


The COVID-19 pandemic and subsequent lockdown have forever changed how we socialize and conduct business. More and more, our personal and professional lives will be online.

Paradoxically, our office towers sit empty. However, the amount of traffic in the virtual world continues to increase exponentially. Our physical borders are closed, but the virtual ones remain wide open, and relatively undefended. Cybercriminals — callous opportunists of the worst kind — take advantage of crises to engage in even more attempts to penetrate computer networks and extract data.

Phishing, smishing (SMS phishing) and vishing (voice phishing) attacks are all on the rise. Our tendency to click on infected emails has increased with the correspondent increase in email traffic — a two-fold impact on the severity of the threat environment.

New work spaces

In the past, knowledge workers might have been centralized into one, or a few locations, with controlled access to information. Now they are are dispersed across thousands of sites that the enterprise has no control over. Face-to-face communications are taking place on open, web-based platforms like Zoom, bbCollaborate, BlueJeans, GoToMeeting, Google Meet and many others, all vying for market share in an attempt to become the industry standard.

Concurrently, managers in organizations are dealing with unseen reductions in business volumes and making the difficult decisions of laying-off employees, shutting down plants and stores, and yet somehow still maintaining some kind of presence and level of customer service in the hope of recovering losses once the pandemic response restrictions are eased.

The challenges for enterprises of all kinds, then, are many: How can they maintain service levels while managing cuts and workarounds?

How do they provide employees with the equipment, tools, resources and information to work from home?

How do they balance restrictions from the lockdown against recovery when it lifts?

How do they support employees and protect them from burnout, exhaustion and other mental health issues? This is especially true for administrative front-line workers like those in information technology (IT) who are now responsible for maintaining secure, fully operational and accessible virtual work environments.

Adapting for cyber-resiliency

The “start, stop, continue” approach offers a powerful structure to frame possible answers to the questions and dilemmas surrounding cybersecurity. Here, I offer three things to start, two to stop, and three to continue to ensure strong cyber-resilience is retained.

START: The most important thing to start is to monitor internal and external security threats and incidents. A few months ago, most of us had not even heard of Zoom, much less used it on a daily basis for both work and social gatherings. Most of us were not used to working from home, accessing work files remotely, uploading and downloading gigabytes of data. Most of us did not have more than rudimentary security on our home routers and networks. Most of us only had a passing knowledge of the IT support staff at work (usually called in a panic).

For managers and executives, this means daily reports on security incidents, their sources (internal or external), their nature and whether new types of attacks and attackers have been observed.

Enterprises also need to start asking themselves about the impact this new work environment has had on customers, employees, suppliers and other stakeholders. Executives should monitor what is being adjusted, and how. For example, to what extent are access permissions (to databases, files, systems and information) being increased? Concurrently, to what extent are insider monitoring programs being deployed to ensure employees do not inadvertently or deliberately leak confidential or proprietary information?

Finally, the time has come to start enhanced online security protocols and tools, like multi-factor authentication, which only 57 per cent of enterprises are using.

STOP: In dealing with the new, distributed and virtual operating environment, organizations should first immediately stop or suspend any non-critical IT projects: this is not the time to continue with replacement of administrative systems, access systems, enterprise networking enhancements, application development or any other project aimed at changing or enhancing business processes.

There are two reasons for this. First, IT staff burnout increases exponentially in the current situation. They are dealing with a deluge of requests to configure home systems, manage access, provide ad hoc and formal training and deal with emergency shutdowns, not to mention an increased risk of breaches. They are not only at risk of burning out, but of making critical errors if they are also asked to continue non-essential development work.

The second reason is that hackers and other criminals will deliberately target organizations that are attempting to juggle remote staff support and IT development, perceiving these organizations to be weak, unfocused and inattentive.

Shadow IT are information systems or applications that individuals or departments use without the knowledge or support of IT staff in the organization. For example, a marketing manager may prefer to use privately sourced customer relationship management software that they find more accessible and modifiable, without the need to submit change requests to an IT department. The problem with shadow IT is that it has not been vetted for any potential security vulnerabilities. In the event of a breach, system administrators may not be notified or able to contain the breach if it emerges from a shadow system.

CONTINUE: Most organizations have well-developed crisis response plans as part of their enterprise risk frameworks. These documents need to be updated to reflect the new circumstances. Organizations need to contact their insurance providers — including for cyber-insurance — and third-party support providers to alert them to their new operating environment. Like the enterprises they serve, these insurers and providers are also trying to cope and maybe temporarily overburdened. Finally, organizations must continue to rehearse and update these plans.

Executives need to continue monitoring resources in their organizations, and where necessary, rapidly adjust budgets, staffing levels and other resources, allocating them to those areas that most need them. This might mean re-allocating IT development budgets and staff to cybersecurity or plant and office maintenance to supporting remote work environments.

Finally, executives need to ensure that succession plans for key staff are current. This is especially true for IT and cybersecurity personnel.

Preparing for the unknown

COVID-19 will prove to be a generational event with long-lasting and as yet unknown effects on society. By critically considering and discussing what to Start, Stop, or Continue with regards to cyber-resilience, businesses and their employees will be in a better position to anticipate, mitigate and flourish in current conditions and beyond.

  • Michael Parent is Professor of Management Information Systems / Fellow – David and Sharon Johnston Centre for Corporate Governance, Rotman School of Management, University of Toronto, Simon Fraser University.

Amid Covid confusion, cybercriminals target electricity infrastructure


Amid the constant stream of news on the coronavirus pandemic, one event passed relatively unnoticed. On the afternoon of May 14, a company named Elexon was hacked. You probably haven’t heard of it, but Elexon plays a key role in the UK’s electricity market, and though the attack did not affect the electricity supply itself, as an academic who researches cybersecurity in the electricity system, I am worried. This near-miss reveals just how vulnerable our critical infrastructure is to such attacks – especially during a pandemic.

Elexon plays an important role in the operation of the country’s electricity system. In such a system, the levels of supply and demand need to be balanced at all times. Otherwise, the system becomes unstable, which can lead to blackouts. To avoid this, Elexon compares the amount of electricity that generators promise they will produce, with the amount of electricity that suppliers say will be consumed. Where needed, the company determines the difference in price and transfers funds between the parties on either side of the transaction.

The lockdown has made Elexon’s role significantly more difficult. Usually, electricity demand is pretty fixed, as people broadly go to work, return home, cook dinner and watch TV at roughly the same hour every day. However, the lockdown has ripped up the rule book on all this. Despite many people staying at home, electricity demand has also dropped by about 20% compared to this time last year due to the closure of factories and businesses. In sum, it is a lot harder to correctly predict demand.

The drop in demand also means that less electricity is needed. Because wind and solar power are now the cheapest forms of electricity available, coal and gas plants are generating less, and there has lately been a big increase in renewable energy sources in the overall mix. However, wind and solar power experience large swings in supply, depending on whether the sun shines and the wind blows. This again makes supply and demand more complicated to manage.

Held to ransom

The Elexon attack used ransomware, in which a computer virus encrypts the contents of a computer, and it can only be decrypted after a ransom has been paid, typically in bitcoin or another cryptocurrency. The most famous ransomware attack is no doubt the 2017 WannaCry attack, which particularly affected the UK’s National Health Service.

Several reports indicate that the Elexon attack relied on REvil/Sodinokibi ransomware, the same as was used in a cyberattack on financial company Travelex on New Year’s Eve 2019. The Travelex hack was traced back to a Russian hacking collective, and although it is notoriously difficult to attribute cyberattacks with certainty, it is likely that Elexon fell victim to the same hackers. On June 1, the hackers posted some of the stolen Elexon data online, in an attempt to pressure the company to pay the ransom.

A cybercrime pandemic

The attack on Elexon does not stand alone. As countries around the world have locked down, cybercriminals have launched attacks on a wide range of targets, mostly using ransomware. The lockdown-induced rise in home-working has been a big enabling factor, as lots of professional communication now takes place over the general internet, which is a lot more insecure than using a local company network with a firewall around it.

Critical infrastructures have been hit particularly hard. In recent months, cyberattacks have been launched on hospitals, coronavirus research facilities, ports, water supply infrastructure, and the Brussels-based ENTSO-E, the European Network of Transmission System Operators for Electricity.

This sort of infrastructure is in the crosshairs for two main reasons. First, cybercriminals bet that operators will be less hesitant to pay ransom than other targets, because the continued operation of electricity, water, hospitals and so on is so important.

But it’s also because their computer systems are often outdated. While it may seem paradoxical, the reason for this is the fact that critical infrastructures should always be available. When a system works fine, there is little incentive to change it, especially when changes to computer systems can easily lead to incompatibilities, errors or crashes. For instance, three years after the WannaCry attack, the NHS is once again exposed to an attack because many of its computers are still running on Windows 7, which is no longer supported.

Ransomware attacks are typically not very complicated. They make use of known software vulnerabilities that have already been patched, and the criminals specifically target those computers that have not been updated. These inherent vulnerabilities, combined with the lockdown-induced difficulties in balancing the electricity grid, mean that a more sophisticated cyberattack on Elexon could have had big consequences for the UK electricity system.

As it happens, the attack only affected Elexon’s internal IT systems, and the rest of the electricity system, as well as the electricity supply itself, was not affected. But this should force us to think about how vulnerable our critical infrastructure is to cyberattacks.

What would have happened if the attack had indeed affected the electricity supply? It would have seriously hindered the UK’s response to the pandemic, and it is possible that we would have struggled to get the power back up, as all resources are currently going into fighting the virus. In addition, it is unlikely that a lockdown without electricity and internet could be maintained for long. The fact that cybercriminals know this only makes our critical infrastructures more appealing targets.

  • Henri van Soest is PhD Candidate in Land Economy, University of Cambridge. This article first appeared on TheConversation.

Too much tech during the coronavirus lockdown?


From churchgoers to nursery school children, video calls, conferences and quizzes have become a lifeline at this time. But this has also meant the boundary between work and family life has become blurred and unbalanced – with notifications, calls and messages, interrupting mealtimes and conversations.

And herein lies part of the problem, because research has found that breaks from work where we engage with our smartphones – to play games or scroll through social networks – are less effective or restorative than conventional breaks such as walking or napping.

This is in part why we have started a new research project to find out how increased screen use during the pandemic – for both learning and downtime – is affecting student wellbeing and concentration levels. Existing research shows that students who are addicted to their phones have lower level of self-regulated learning, low level of flow – or feeling “in the zone” – and are constantly interrupted by applications on their phones when they are studying. So we want to see if enforced break time – away from all screens – could help.

What the research says

Studies have found that by three months of age, about 40% of children regularly watch television, DVDs, or videos. And by 24 months, this number rises to 90%.

Research from the US has also found that between the ages of eight and 18, children spend on average seven hours and 11 minutes a day engaging with screen-based entertainment. While research from Ofcom shows that, on average, adults in the UK check their phones every 12 minutes.

In this sense, lockdown isn’t helping those who are already addicted to their screens. The need to constantly check the news is also creating new screen addicts – linked with increased levels of stress, anxiety, insomnia, and even trauma.

Research proves that too much screen time results in headaches, migraines, eyestrain, obesity and sleep deprivation. It’s thought to also cause behavioural problems in children, difficulties at school, and increased levels of violence.

How to de-screen

All of which highlights the importance of taking a break from screens – particularly during this time of increased stress. Below are some tips to help.

Take a day off: Put one day a week aside to give yourself and your gadgets a rest. Turn off the laptop, TV, tablet and smartphone and spend some quality time “offline”. Cook a meal for your family, do some gardening, work on your hobbies, tick off some chores on your to-do list – anything as long as it’s away from the screens.

Don’t carry your phone around: Your phone does not have to permanently reside in your pocket, this just encourages bad habits like checking it on the toilet or at the dinner table. Being “deviceless” helps you to live in the moment, unwind and focus more on what you’re doing – without worrying about what might be happening “out there”.

Allow yourself to be bored: Experiencing boredom off-screen is a natural path to creativity. We can use our boredom as fuel to motivate us to achieve tasks we have been putting off. This will allow your dopamine receptors to recover from all that tech use as well – excessive screen use causes too much dopamine to flood the brain which has been linked to addictive behaviours, changes in mood, increased stress and difficulty sleeping. Time away from the screen can also give you the chance to think about what you want to accomplish and how.

Try a family switch off: Set aside some device-free time into your family schedule a few times a week. On certain days, after 6pm the whole family should switch off all devices. This will push everyone to have a few hours of quality screen-free time before bed.

Step away from the screen: It might also be worth thinking about how to counterbalance all that screen time. For every hour you spend working, you could take ten minutes to walk around the house, make a cup of tea, jump on a trampoline, go for a quick run, do some stretches – anything to get you up and moving. This will help to bring some separation into your life – allowing you to switch off and think – without all those notifications and alerts.

All of this is important because studies show that exceeding two hours of recreational screen time directly affects our brains, resulting in slower processing speed, shorter attention span and deterioration in memory. Reduced screen time, on the other hand, sharpens our concentration and allows us to complete tasks more efficiently and manage our time more effectively.

In fact, why not start now: put down your phone, tablet, or whatever you are reading this on, look at something in the distance to give your eyes a good stretch, and get up and do something else – your body and brain will thank you for it.


  • Sina Joneidy is Lecturer in Digital Enterprise, Teesside University. Additional reporting by  Charmele Ayadurai, Teaching Fellow, Durham University. This article originally appeared on TheConversation.


World sees surge in website defacement during pandemic


One consequence of the public’s compliance with social distancing and quarantines during the COVID-19 pandemic is a sharp decline in most types of crime. It looks like people staying home made communities less conducive to crime.

Unfortunately, the news isn’t as good as those numbers alone suggest. Other settings are seeing an increase in crime following the stay-at-home orders. One is the household, where domestic violence is likely to have increased in the past two months.

As researchers who study cybercrime, we’re finding that criminal activity seems to be on the rise in the online world, as well. At the same time, many people are relying more heavily than before on online services for work, entertainment and shopping. This makes them more likely to become the targets of different types of online crimes. And the websites and online platforms that these internet users access become more attractive targets to motivated hackers who aim to take them over and deface them.

Wave of website defacing

Website defacement is the online equivalent of graffiti vandalism. It occurs when a hacker infiltrates a server on which a website is hosted and changes the content of the website with images and text of their own choosing.

Unlike more sophisticated forms of hacking, the act of website defacement does not require hackers to have highly sophisticated skills. In fact, several hacker typologies suggest that this form of online crime can be a stepping stone to involvement in more sophisticated hacking, as well as a way to gain a reputation in the hacking community.

The harm suffered by victims of this online crime varies from loss of trust in the owner of the website to loss of revenue. When business websites are taken down by hackers, they can’t process transactions. During the coronavirus pandemic, many merchants have been forced to shift from face-to-face trade to e-commerce, which means it’s likely that more businesses will become victims of cybercrime.

Findings from a recent analysis we conducted based on information about website defacement activities reported on the hacker information site Zone-h, suggest that the average daily number of website defacement attacks reported in April 2020 is 50% higher than the average daily number of attacks reported in April 2019. Moreover, the volume of website defacement attacks reported by mid May 2020, has already surpassed the volume of attacks reported in May 2019 for the entire month.

This steady increase in the number of daily website defacement attacks started in late March 2020, while January and February stayed steady. This leads us to believe that the pervasive isolation imposed by governments around the globe has given hackers more time to spend online, which became the driving force behind this trend.

Smaller sites in the crosshairs

Our investigation of the types of websites that are being targeted by hackers reveals that large corporations and government entities are less likely to be the victims. The average daily number of sophisticated defacements against government agency and large private business websites have increased from 17.75 attacks per day in February to 21.6 attacks per day in April.

However, the frequency of those attacks is substantially lower than the overall average daily number of website defacements reported by hackers during that period. It appears that websites of small businesses, social clubs and private individuals are being disproportionately targeted by hackers.

Website defacers prefer to attack extremely vulnerable websites because many of them are inexperienced hackers, often referred to as script kiddies. They lack the skills required to attack high-profile targets, but are motivated to gain status among their online peers.

Findings from our analysis suggest that the number of newbie hackers who experiment with website defacement has grown rapidly during the COVID-19 crisis. The average number of reports of defacements by first-time hackers in February was 3.41 per day. In April the number was 6.31 per day, a 77% increase in the number of first-time hackers.

With more new hackers attempting to establish a reputation by attacking vulnerable websites, it is imperative that small business owners and individuals protect their websites from attacks. Protection strategies should include keeping the software used to maintain websites up to date, using strong passwords to access the servers that host the websites, preventing website users from uploading files, allowing users to connect to websites via the secure internet protocol (HTTPS) and using website security tools. Fortunately, visitors to defaced websites are generally not at risk.


  • David Maimon is Associate Professor of Criminal Justice and Criminology, Georgia State University; additional reporting by C. Jordan Howell, Doctoral candidate in Criminology, University of South Florida. This article originally appeared on TheConversation.


Coronavirus sparks interest in work from home and VPN


Coronavirus forces work from home

Government and worldwide health guidelines which came into force after the onset of the coronavirus pandemic have seen a rise in the requirement for companies to allow employees to work from home. There are good reasons for employers and employees to consider remote employment.

Benefits for employers

  1. Improved employee retention: loyal employees who enjoy the benefits of working from home.
  2. Access to wider pool of applicants: no need to employ locally.
  3. Increased staff motivation: as a result of better work/life balance.
  4. Productivity gains: fewer interruptions means more focus.
  5. Financial savings: save on office space and other facilities.

Benefits for employees

  1. No commute: employees save time and money with work from home employment.
  2. Stay safe: remote employees self-isolating in their homes are safe from infection or transmitting infection if they have been exposed.
  3. Custom office: Employees can set up their home offices as they want to.
  4. More focused: No office distractions means employees can focus on getting the job done.
  5. Better work/life balance: a benefit of saving time and money due to no commute.

How did Coronavirus affect interest in work from home and VPN

We did a quick review of how the number of searches changed for a few key phrases around remote employment. We found that there was a massive spike in searches on “VPN” and “work from home” towards the end of March 2020 when it became clear that government restrictions on movement would mean employees would have to work from home.

Work from home and VPN search increase

Although this surge in interest is the result of a global disaster, the last time there was a significant rise in searches on VPN is no less scary. This was in 2017, when congress voted to kill all restrictions stopping internet service providers from selling users personal browsing histories to third-party buyers. On that occasion, the reason for the increase in searches is because VPN allows individuals and companies to browse, access, send and receive data and information securely and privately and is an essential component of good network security.

Women workouts in Covid lockdown could spell end of gyms


Digital fitness is enjoying a COVID-19 boom. Online fitness technology provider Virtuagym reports a 400% increase in engagement and a 300% increase in the use of online workouts. Gyms, barre instructors, and yoga studios have been on a steep learning curve to become online businesses. And social media feeds have been flooded with home fitness options.

Women have long been the focus of home fitness programs – so it makes sense they are at the forefront of this shift, finding ways to connect and fit more fitness into their day.

Health clubs around Australia are set to reopen between now and mid-June. But the gains women have made online might make them less inclined to return to the gym once restrictions ease.

Livingroom fitness

While many people are using free content on YouTube during social isolation, others are sticking with fitness instructors who usually run classes in gyms, parks or studios.

By becoming digital providers, instructors can support their loyal clientele through difficult times while protecting their livelihoods during a massive industry downturn .

Big industry players are getting in on the action, with Nike’s Livingroom Cup and Strava’s range of stay active at home challenges aiming to provide motivation and connection with others.

Previous studies have shown people with gym memberships are more likely to meet weekly fitness benchmarks than those without, perhaps due to the financial commitment they’ve made. Older studies have looked at the tribal appeal of group fitness and the influence of others.

Global fitness celebrities like Les Mills, Kayla Itsines, Sam Wood and Chris Hemsworth are offering free program trials during lockdown. They hope mass uptake will convert to longer term paid subscriptions.

Research shows women find it difficult to exercise for reasons including caring commitments, and feelings of intimidation and judgement in public leisure settings. Digital fitness offers privacy, safety and convenience.

There are also economic and time-saving benefits for women, who have less time for leisure than men and less money to spend on fitness.

Digital technologies and programs can also help women build supportive online social networks around their workouts. Facebook groups include Fitness First at Home with 10,000 members and the hashtag #GotAHomeGotAGym.

With 12.5 million followers, the dominant face of online fitness is Kayla Itsines. Her success can be attributed in part to her effective use of digital platforms to build a fitness community.

It’s not just about sweat

Though research has indicated Instagram use can contribute to poor self-esteem and negative self-perception, women also have the opportunity to take pride in their exercise achievements with hashtags like #fitnessgoals and #isolationfitness.

By analysing how active women interact with each other online, we have observed many benefits of digital networks for supporting women’s mental health, community building, and knowledge sharing.

In our study of Itsines’ fitness followers on Instagram, we found sharing photos, stories and advice was important for staying motivated.

Statements from followers such as “I want you to know that whatever you are going through – it’s OKAY!” and “You have to tell yourself each day ‘I got this, I’m gunna get those abs and lose this muffin top’”, show how women connect and relate to each other online by disclosing feelings of insecurity as well as hopes for overcoming them. These connections can feel especially meaningful for women at home or exercising alone.

As part of research soon to be published, we interviewed a dozen Melbourne women who are using Instagram for fitness. They repeatedly identified the value in the communities they found online. One interviewee said:

I feel that I, through Instagram, have got to know more people and I learn a lot of things from them and it’s a source of inspiration for me.

Another said:

I’d moved to a city where I didn’t really know anyone, so it was quite isolating for a period of time. I’ve always thrived on health and fitness so I still trained, but in the last two years with this running community … I have my sense of belonging back, and I feel like I’ve got my people again.

During COVID-19 lockdowns, people are using digital technologies to connect with existing fitness communities. Others are discovering online communities for the first time. This is especially important amid concerns about the mental health impact of social isolation. Experts know that physical exercise can help.

  • Kim Toffoletti is Associate Professor of Sociology, Deakin University. Additional reporting by Adele Pavlidis, Researcher in Sociology, Griffith University; Holly Thorpe, Professor in Sociology of Sport and Physical Culture, University of Waikato; and Rebecca Olive, Senior Research Fellow, The University of Queensland. This article was originally published on TheConversation.

The pandemic demands a surveillance debate beyond ‘privacy’


The coronavirus pandemic has stirred up a surveillance storm. Researchers rush to develop new forms of public health monitoring and tracking, but releasing personal data to private companies and governments carries risks to our individual and collective rights. COVID-19 opens the lid on a much-needed debate.

For example, Google and Apple teamed up to offer privacy-preserving contact-tracing help. The scramble for data solutions is well-meaning, but whether they work or not, they generate risks beyond narrowly-defined privacy.

Everyone has extensive digital records — health, education, employment, police contact, consumer behaviour — indeed, on our whole life. Privacy is much more than shielding something we’d rather not share; surveillance also affects our chances and choices in life, often in critical ways.

Early computerization obliged governments to see that regulation was needed as personal data was collected for more and more purposes. At first the data came from credit cards, driver’s licences and social insurance; today it’s constant device-use. But privacy regulation alone can’t keep pace with today’s supersystems for data collection, analysis and use that generate the kind of negative discrimination that demands data justice.

Surveillance and profit

Shoshana Zuboff’s book The Age of Surveillance Capitalism is making headlines for its close analysis of how Google achieves its surveillance, why and with what consequences. Zuboff insists that a new mode of economic accumulation has been rapidly emerging ever since internet-based platforms — led by Google — discovered how to monetize the so-called “data exhaust” exuded by everyday online communications: searches, posts, tweets, texts. Beyond the loss of privacy, she sees the destruction of democracy and behavioural modification, citing a former Facebook product manager who says the “fundamental purpose” of data workers is to influence and alter people’s moods and behaviour.

One cannot miss Zuboff’s cri de coeur and its scathing rebuke to the “radical indifference” of these platforms. But what will it take to persuade us that today’s surveillance has become a basic dimension of our societies that threatens more than personal privacy? Surveillance is complicated, arcane and apparently out-of-control but those don’t excuse our complacency. Rather, they’re reasons for digging into some of the main dimensions of surveillance, prying open black boxes and reasserting human agency.

Let’s disturb some common assumptions that surveillance is about video cameras, state intelligence and policing, producing suspects and challenging privacy. Google assuredly does surveillance, which is commonly defined as “any focused, routine, systematic attention to personal details, for the purpose of control, influence or management.”

Not just CCTV cameras

Yes, it’s our laptops, phones and tablets. Surveillance is now digital and data-driven.

For too long, the stereotypical icon of surveillance has been the video camera. The French roots of the word surveillance means to “watch over,” which is what cameras do. And these are becoming smarter, when enhanced by facial recognition technology.

Clearview AI, for instance, scrapes billions of images from platforms such as Facebook or Google, selling services to major police departments in the United States and, until recently, Canada.

But today, what deserves to be the stereotypical icon is the smartphone. This, above all, connects the individual with corporations that not only collect but analyze, sort, categorize, trade and use the data we each produce. Without our permission, our data are examined and used by others to influence, manage or govern us. Data analysis enables prediction — and then “nudging” — of specific population groups to buy, behave or vote in hoped-for ways.

It’s not just the state

While the state and its agencies often overreach through intelligence and policing strategies, it is the market and not the state that holds the cards in the surveillance game.

Few noticed in the early 20th century that department stores, like Syndicat St-Henri in Montréal, kept detailed customer records, giving or withholding credit according to their status.

A pivotal moment was 9/11 when high-tech companies, craving customers after the dot-com bust, offered their services to government.

Today, our massively augmented data profiles indicate value to businesses. Those data are valuable to others too, like election consultants.

Surveillance is for sorting

Surveillance and suspects once belonged neatly together — those who were thought to be miscreants were watched. But in this big data era, all personal details are up for grabs.

What French sociologist Jacques Ellul worried about in 1954 has transpired: the police quest for unlimited information makes everyone a suspect. But Ellul never guessed how this could morph into a global network of systems, far beyond policing, in which everyone becomes a target.

But everyone is not targeted in the same way. Surveillance — whether for welfare, commerce or policing — sorts populations into categories for different treatment. This social sorting works in marketing to organize consumers. In China today, social credit systems are used by the government and commerce to monitor and rank citizens’ behaviour and social capital.

An NBC report on technology, surveillance and the social credit system in China.

This is not only about privacy

Surveillance is a challenge to digital rights, because it is based on fundamental inequalities and unfair practices. Vulnerable groups discover their disadvantages are deepened.

Privacy laws rightly protect an individual’s right to privacy of movement, home and communication in a democratic society. But we need a radical new direction, prompted by our knowing how data analytics, algorithms, machine learning and artificial intelligence are reshaping our social environment. The analysis and uses of the data have to be addressed, invoking new categories such as digital rights and data justice.

Surveillance challenges

Just scratching the surface of 21st-century surveillance reveals how vastly things have changed. The landscape of surveillance has shifted tectonically from following suspects, watching workers and classifying consumers to monitoring and tracking everyone — now for public health — on an unprecedented scale.

Privacy is undoubtedly a casualty, and so are basic freedoms of democracy, expectations of justice and hopes for social solidarity and public trust. These demand serious attention, not just from policy-makers and politicians, but from computer scientists, software engineers and everyone who uses a device.

The stakes are high, but the future is not foreclosed.

Here’s why you can’t resist splurging on online shopping


The demand for online shopping has obviously increased since COVID-19 restrictions were put in place.

But less obvious are the subtle psychological drivers behind our collective online shopping splurge. In fact, online shopping can relieve stress, provide entertainment and offers the reduced “pain” of paying online.

In the last week of April, more than two million parcels a day were delivered across the Australia Post network. This is 90% more than the same time last year.

More recently, data based on a weekly sample (from May 11-17) of transactions revealed food delivery increased by 230%, furniture and office goods purchases rose 140% and alcohol and tobacco sales rose 45%.

Meanwhile, we’ve seen thousands of retail job losses, with Wesfarmers announcing plans on Friday to close up to 75 Target stores around the country, and Myer finally reopening stores after nearly two months of closure.

Why the shopping frenzy?

Online sales of many product categories have increased, including for food, winter clothes and toys. This isn’t surprising given people still need to eat, winter is coming and we’re bored at home.

But beyond the fact most people are spending more time at home, there are a range of psychological factors behind the online shopping upheaval.

Recent months have been stressful due to financial uncertainty, the inability to visit loved ones and changes to our daily routines.

Shopping can be a way to cope with stress. In fact, higher levels of distress have been linked with higher purchase intentions. And this compulsion to buy is often part of an effort to reduce negative emotions.

In other words, shopping is an escape.

A 2013 study compared people living close to the Gaza-Israel border during a period of conflict with those from a central Israeli town that wasn’t under duress. The researchers found those living in the high-stress environment reported a higher degree of “materialism” and a desire to shop to relieve stress.

When mall trips aren’t an option

Indeed, in a time when typical forms of entertainment such as restaurants and cinemas are inaccessible, shopping becomes a form of entertainment. The act of shopping alone produces increased arousal, heightened involvement, perceived freedom, and fantasy fulfillment.

It seems the stress and boredom brought on by this pandemic has intensified our will to spend.

What’s more, psychology research has demonstrated humans’ inability to delay gratification.

We want things now. Even with stay-at-home orders, we still want new makeup, clothes, shoes, electronics and housewares.

Another pleasant aspect of online shopping is it avoids the typical “pain of paying” experienced during in-person transactions.

Most people don’t enjoy parting with their money. But research has shown the psychological pain produced from spending money depends on the transaction type. The more tangible the transaction, the stronger the pain.

Simply, paying for a product by physically giving cash hurts more than clicking a “buy now” button.

Clear browsing history

Interestingly, online shopping also allows high levels of anonymity. While you may have to enter your name, address and card details – no one can see you.

It’s easier to buy “embarrassing” products when no one is looking. Apart from lockdown restrictions making it more difficult to date, this may also help explain why sex toy sales have surged during the pandemic.

Sales of lingerie and other intimate apparel have also reportedly jumped 400%.

How have businesses responded?

With advertising spend down, businesses have responded in different ways to recent changes in online shopping.

Many are offering discounts to encourage spending. Last week’s Click Frenzy became a central hub for thousands of deals across dozens of retailers such as Telstra, Target and Dell.

Others have moved operations online for the first time. If you scroll through any major food delivery app, you’ll see offers from restaurants that previously specialised in dine-in services.

Meanwhile, existing meal delivery services such as HelloFresh and Lite n’ Easy are updating their methods to guarantee hygienic packing and transport.

Several small Australian businesses have also pivoted. Clarke Murphy Print responded to slowing print jobs by starting Build-a-Desks.

Even established brands are getting creative. For example, Burger King outlets in the US are offering free burgers to customers who use one of their billboards as a virtual backdrop during conference calls.

Don’t buy better, be better

Unfortunately, with the ease of online purchasing, and our increased motivation to give in to improve our mood or seek entertainment, many people are now at risk of overspending and landing in financial stress.

It’s important to control spending during this fraught time. Simple ways to do this include creating a budget, avoiding “buy now, pay later” schemes, recognising your spending “triggers” and planning ahead.

As isolation increases materialism, it’s also important to keep in touch with family and friends, whether that’s in person (if allowed in your area), via video calls or phone.

So the next time you’re thinking of pulling out your credit card, why not get Skype up on the screen and play a virtual game of Pictionary instead?

  • Adrian R. Camilleri is Senior Lecturer in Marketing, University of Technology Sydney. Additional reporting by Eugene Y. Chan, Associate Professor, Purdue University. This article originally appeared on TheConversation.

Coronavirus won’t kill globalization – but a shakeup is coming


The COVID-19 pandemic is now expected to trigger the worst economic downturn since the Great Depression. Many argue it could unravel globalization altogether.

Globalization relies on complex links – global value chains (GVCs) – that connect producers across multiple countries. These producers often use highly specialised intermediate goods, or “inputs”, produced by only one distant, overseas supplier. COVID-19 has severely disrupted these links.

Although the global economy was fragile at the start of 2020, many hoped for increased international trade following the US-China Phase One trade deal. COVID-19 has scuppered those hopes, bringing the world’s factories to a standstill and severely disrupting global supply chains.

China plays a key role in this. According to Chinese customs statistics, the value of Chinese exports in the first two months of 2020 fell by 17.2% year on year, while imports slowed by 4%.

This drop in Chinese trade impacted some markets more than others. Comparative figures between the first two months of 2019 and the first two months of 2020 reveal a collapse in Chinese trade with the EU and US. Chinese exports to the EU fell by 29.9%, while imports from the EU declined by 18.9%. Exports to and imports from the US tumbled 27% and 8% respectively.

These substantial declines are likely related to the strong interdependence between European and US firms and Chinese ones.

The scale of the shock

To understand the magnitude of the supply shock in China and its global propagation, the Lloyds Banking Group Centre for Business Prosperity (LBGCBP) at Aston University has mapped China’s global trading networks using official Chinese data.

In 2019, the US had the highest trade dependence on China, followed by seven European countries and Japan. By 2020, European countries had moved even further up the rankings.

As the pandemic continues, the worst affected Chinese exports include capital goods such as nuclear reactors, intermediate goods like iron, and labour intensive final goods such as furniture.

The most disrupted Chinese imports include intermediate goods such as organic chemicals, a likely result of factory closures in China, and capital goods like electrical machinery. Hardest hit were precious stones and metals, highlighting the emergence of a sophisticated middle-class of Chinese shoppers and how COVID-19 has reduced their demand for luxury goods.

Interestingly, Chinese imports of meat and mineral fuels increased sharply in 2020. The first can be explained by China’s weakened domestic supply of food during lockdown. The second highlights China’s growing demand for crude oil.

Four product categories have been particularly hard hit as both imports and exports: nuclear reactors, electrical machinery and equipment, plastics, and organic chemicals. These categories include some commonly used intermediate goods (those that are used for producing other goods).

Under normal circumstances, such goods would be traded back and forth between China and other countries as part of the heavily interconnected global production system. This significant drop in their international trade highlights the devastating effect of COVID-19 on GVCs.

An uncertain future

But an unprecedented, synchronised and likely deep fall in demand is now developing. And China was again among the first to feel its impact.

Chinese workers returned to work in April but many no longer had jobs. Widespread cancellations of international orders and delayed payments have led to liquidity problems and mass closures of businesses reliant on global demand.

Investment also tumbled. During February and March 2020, official Chinese statistics report 24.4% fewer new foreign trade enterprises established in China compared to the same period last year. Meanwhile, 12,000 existing foreign trade enterprises closed down.

Agriculture, logistics and those producing raw materials, textiles and clothing have been hardest hit. But, on a more positive note, there has been a surge in demand for medical supplies.

Many are now highlighting the dangers of relying on global value chains – and in particular, those linked to China – leading to talk of “de-globalization”.

The European Commission president, Ursula von der Leyen, for example, has called for the “shortening” of global supply chains because the EU is too dependent on a few foreign suppliers. Similarly, the French president, Emmanuel Macron, has argued for a strengthening of French and European “economic sovereignty” by investing at home in the high tech and medical sectors.

So is this the end of globalization? No. But a reconfiguration of GVCs is inevitable.

A way forward

Global supply chains are extremely complex, and no sector or country is an island. But GVCs follow the principle of efficiency. They are the result of businesses sourcing the best possible inputs to meet their production needs at the lowest cost – wherever those inputs come from.

This is good news for globalization’s survival. While efficiency remains the main target, businesses will continue to shop globally.

Concerns about an overreliance on complex GVCs are justified in the case of products related to national security, such as medical supplies. Many countries will now ensure they can produce such goods without relying on imports.

Nobody can predict the next crisis. But the most reliable and efficient insurance by far is to build a strong international cooperation network. As yet, global political consensus on this remains elusive. But that doesn’t mean we should ever lose the ambition.

  • Jun Duis Professor of Economics, Centre Director of Lloyds Banking Group Centre for Business Prosperity (LBGCBP), Aston University. Additional reporting by Agelos Delis, Lecturer in Economics, Aston University; Mustapha Douch, Research Fellow in Economics, Lloyds Banking Group Centre for Business Prosperity (LBGCBP), Aston University; and Oleksandr Shepotylo, Lecturer in Economics, Aston University. This article originally appeared on TheConversation.


Choosing a firewall for your remote employees


Why choosing a firewall is important

According to the 2019 data breach investigations report (2019 DBIR) from Verizon, 43% of breaches involved small businesses. These breaches may have been avoided with the right firewall. Even before the coronavirus pandemic, many companies allowed employees to work remotely. Since the introduction of government restrictions, the requirement to work from home has increased and choosing a firewall to protect company data and information has never been more important.

What is a firewall?

Most people know that along with a secure virtual private network (VPN), a firewall is part of a cybersecurity system. A firewall may be a physical device (hardware firewall) and/or software or firmware that that monitors incoming and outgoing network traffic and blocks unauthorized access to a network. There are many different types of firewall, and choosing a firewall that suits your company’s particular set-up and requirements for remote employees is critical to ensuring good network security.

  • Personal firewalls protect a single endpoint.
  • Packet-filtering firewalls are placed at junctions or routers and may be used on multi-device networks.
  • Circuit-level gateway firewalls inspect any and all network protocols used during data transmission.
  • Stateful inspection firewalls are more expensive and difficult to deploy but checks the contents of every data packet.
  • Proxy firewalls also known as application-level gateways have dynamic filtering capabilities.
  • Hybrid firewalls combine advanced packet-scanning techniques with antiviru antimalware software.

Choosing a firewall for your business

The array of firewall options is extensive but here is a quick overview of good firewall options, depending on your business set-up and circumstances.

  • SonicWall works well for businesses with remote offices
  • Cisco ASA is great for small businesses
  • Firewalla is a budget option
  • Palo Alto Networks is useful for file sharing on the cloud
  • Sophos is the most versatile firewall option
  • WatchGuard is the fastest unified threat management (UTM) option
  • Norton is an excellent host-based firewall option
  • McAfee includes firewall and antivirus software
  • Ascaler is a cloud-based firewall

The different types of firewalls have varying degrees of effect on network speed, latency and performance. This means it is a good idea to speak to an expert before deciding on the solution for your company.