Beijing Municipal Government Unveils Web3 White Paper

Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe and Australia in just a year, is now targeting businesses in Singapore. In response, Singaporean authorities have issued a joint advisory warning local businesses about the increasing threat posed by a variant of this ransomware.Photo by Mike Enerio on UnsplashAlert follows complaintsThe alert follows multiple complaints from victims, prompting agencies like the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) to take action. These agencies emphasize the urgency of recognizing and combating this threat. How Akira operatesAkira affiliates employ various techniques to infiltrate a victim's network. These include exploiting known vulernabilities. For example, that could mean the targeting of services like Cisco virtual private networks (VPNs) that have been configured without multi-factor authentication (MFA). Another approach that the ransomware incorporates is attacking external-facing services such as the Remote Desktop Protocol (RDP) via brute force. Social engineering is another tool within its repertoire. This involves tricking victims into downloading malicious software or entering credentials on phishing websites. There is a marketplace for compromised credentials in the dark web. Akira also relies on such data, acquiring it from access brokers who sell network access.  Once inside a network, Akira affiliates often create new domain accounts to maintain persistent access, even after reboots. They use numerous tools to steal user credentials, escalate privileges and spread throughout the network. Detection and prevention measuresThe Singaporean advisory outlines several strategies for detecting, deterring and neutralizing Akira attacks. Authorities strongly advise against paying ransoms, on the basis that doing so does not guarantee data recovery or prevent future attacks. Authorities also warn that paying ransoms can encourage further attacks. The FBI has noted that Akira operators do not contact victims. Instead, they expect victims to initiate contact. Payment in BitcoinThe advisory outlines how Bitcoin is implicated in the ransomware scam. It states:”Ransom payments are requested in Bitcoin, which are directed to cryptocurrency wallet addresses specified by the affiliates. The TOR site (.onion) where victims contact the affiliates, contains stolen information and a list of the affected organisations.” It’s not the first time that Singaporean authorities have issued warnings that have implicated Bitcoin and crypto. In January, the CSA and SPF, in a joint advisory, suggested that people should use hardware wallets in an effort to guard against crypto-related malware and phishing attacks. A number of weeks prior to that, Singapore’s former Prime Minister, Lee Hsien Loong, took to Facebook to issue a warning with regard to a crypto scam that involved the use of deceptive content generated using artificial intelligence (AI). Mitigation techniquesBusinesses are being urged by the authorities to adopt best practices to mitigate the Akira ransomware threat. They suggest the implementation of a recovery plan alongside the use of multi-factor authentication (MFA) in order to secure data and the access to that data.  They also suggest filtering network traffic as it helps in identifying and blocking malicious activities. Meanwhile, disabling unused ports and hyperlinks curbs the risk further as it reduces the attack surface. Lastly, the authorities suggested the use of system-wide encryption to protect data even if it is accessed by unauthorized entities.

Blockchain Deposit Insurance Corporation (BDIC), an emerging crypto insurer based in Florida in the United States, with corporate headquarters in Bermuda, has disclosed that it is preparing to launch its cryptocurrency insurance platform.Photo by Kindel Media on PexelsStarting point in AsiaIn a press release published on Feb. 11, BDIC outlined that the launch would take place in Q2 2025, with its crypto insurance underwriting service commencing in key Asian markets to begin with.  The company has chosen Asia as its starting point, where it feels crypto adoption continues to build momentum. With that, it specified Hong Kong, Singapore, Japan, Taiwan and South Korea as target markets.  While the initial launch will take place in Q2, the company foresees having expanded into Southeast Asia by Q4 2025. Broader service coverage will follow across the greater Asia-Pacific (APAC) region by 2026, with particular emphasis on entering the Hong Kong market. Company CEO Jeffrey Glusman cited a growing demand for crypto wallet security across Asia. He underlined the growing crypto adoption rate in the region, suggesting that this will encompass 300 million users by 2028. Insurance essential for mainstream adoption Speaking about the product offering more generally, Glusman said that the crypto sector has reached a critical inflection point. With that, he believes that “institutional-grade insurance solutions are essential for mainstream adoption.” He added: “BDIC introduces a new paradigm in digital asset protection, using advanced risk assessment algorithms and real-time monitoring to safeguard users’ holdings.” Token launch The company is also planning to launch a native token for its platform, “BDIC Coin,” in Q2 2025. The purpose of the token launch will be to power the BDIC Foundation Reserve Fund, a reserve which will be used for the purposes of premium payments and claim settlements. Furthermore, the token will enable holders to participate in governance voting relative to the project. BDIC claims that it has established compliance protocols and a whitelist in order to provide for a robust and equitable tokenomics structure. Glusman believes that the timing of BDIC’s launch couldn’t be better. A recent report by information services company GlobalData corroborates his view. The report, published on the back of a GlobalData survey, outlined that only 10.8% of crypto holders worldwide have insurance in place for their digital assets.  The survey data suggests that 41.9% of non-policy holding respondents would purchase such insurance given the opportunity, while a further 26.2% were open to the idea. Theft or hacking of digital assets was perceived to be the most important risk to cover in a digital asset insurance policy in the case of a quarter of respondents. The number of insurers offering crypto-related insurance remains limited. However, it would appear that there’s a significant growth opportunity for firms like BDIC, based on the survey data. While there might be a growth opportunity, there are also challenges. Nischal Shetty, founder and CEO of WazirX, an Indian crypto exchange platform that suffered a $230 million hack in 2024, described the difficulties encountered by the company in trying to get insurance when interviewed last August. He stated: “We tried to get insurance in the past, but we did not get any provider who would be willing to insure these assets. It's not an easy process.”

The Philippines' central bank has confirmed it has no plans to issue a retail version of a central bank digital currency (CBDC) but that it has definite plans to introduce a wholesale-level CBDC, albeit without using blockchain as the underlying technology. Avoiding retail-level bank run riskThe bank expressed concerns that a retail CBDC could potentially trigger bank runs, given the velocity at which digital currency can be transacted. However, in an interview with local media outlet, the Inquirer, the central bank governor Eli Remolona clarified that within the next two years, the country has definite plans to roll out a wholesale CBDC. CBDCs come in retail and wholesale forms, with the former accessible to the general public and the latter exclusively for institutional use. While the Philippines central bank initiated an exploratory study previously relative to CBDC use, concerns have been raised by the Bank for International Settlements (BIS) about the readiness of institutions to handle the risks associated with CBDCs.Photo by Krisia on PexelsDismissing blockchainDespite this move, the bank does not intend to utilize blockchain or digital ledger technology, which are fundamental to many virtual assets. Remolona stated: "Other central banks have tried blockchain, but it didn’t go well." Instead, the CBDC will operate on a payment and settlement system owned by the central bank, with a focus on wholesale transactions mediated by banks. This marks a shift in the central bank's approach to underlying technology where a CBDC is concerned. The Bangko Sentral ng Pilipinas (BSP) initially embarked on an exploratory study regarding CBDCs in 2022, known as Project CBDCPh. Upon completion of that study, it followed up with a pilot project called Project Agila, concentrating on a wholesale CBDC. Project Agila leaned on the use of the Hyperledger Fabric blockchain, considering it for use on the first wholesale CBDC.  Hyperledger Fabric is an open-source blockchain framework hosted by the Linux Foundation. Companies like IBM, SAP and Intel have all contributed to the development of the enterprise-grade permissioned blockchain network. However, it appears that the BSP is shying away from using any type of blockchain-based solution in establishing its CBDC. Regional steps towards CBDC useThe central bank of the Philippines is among several in the Asia-Pacific (APAC) region that are working towards the introduction of a CBDC. Earlier this month an official from the Reserve Bank of India (RBI) outlined that the central bank will move forward with CBDC development while working towards addressing privacy concerns that citizens may have with a digital rupee. Towards the end of last month, the Japanese government, in collaboration with the Bank of Japan, appeared to be gearing up for the rollout of a CBDC. In a recent meeting between both parties, several legislative matters were identified as key to ensuring a smooth path to the unobstructed launch of a digital currency. There has also been a lot of activity relative to attempts to utilize CBDCs for cross-border trade over the course of the past year. In the United Arab Emirates (UAE), the country announced the first-ever use of its CBDC or digital dirham in a trade deal with China using mBridge, a multi-CBDC platform that supports peer-to-peer, cross-border payments in real time.