Emergency “Kill Switch” introduced to Combat Fraud

In the context of IT, a kill switch is a mechanism for turning off or disabling a device or software. 

A kill switch is used to prevent the theft of a machine or data, as well as to shut down machinery in an emergency. The degree to which a kill switch restricts, changes, or terminates an action or activity is determined by the production, process, or program it is designed to safeguard.

How Do Kill Switches Work?

When it comes to the types of technology, software, and tools needed to produce and facilitate it, kill switch is a broad phrase. 

A death switch, sometimes known as a large red button, is a device that allows a manufacturer to shut off machinery if a worker is in danger. Software-encoded death switches, such as anti-piracy techniques, are sometimes included in kill switch software. 

Depending on the industry and business, the form, use, and purpose of a kill switch might vary greatly. When a company detects a data breach, for example, the network administrator may be encouraged to use security measures other than a kill switch, depending on the severity of the incident.

Additional safeguards being pushed by the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore include an emergency self-service “kill button” to suspend their bank accounts swiftly if they have been compromised (ABS). 

Banks are gradually implementing these extra procedures, which will be fully implemented by October 31, 2022, in cooperation with MAS and the Singapore Police Force (SPF). Customers will be able to use an emergency self-service “kill switch” to freeze their bank accounts if they fear their accounts have been compromised as part of a raft of steps to combat digital banking scams. 

According to the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS), they will be implemented by October 31. The steps are in addition to those announced on January 19, which include removing clickable links from emails or SMSes delivered to retail customers and delaying the activation of a new soft token on a mobile device for at least 12 hours. 

In order to approve major changes to customer accounts and other high-risk transactions spotted through fraud surveillance, banks will also demand additional customer confirmations. 

The default transaction limit for online financial transfers will have to be set to S$5,000 or less. 

Furthermore, financial institutions must co-locate bank staff at the SPF Anti-Scam Center to assist in speedy account freezing and fund recovery operations, as well as improve fraud monitoring systems to account for a wider range of scam situations. To reduce the risk of visiting fake websites, bank customers are actively advised to use mobile banking apps rather than online browsers. 

An ABS Standing Committee on Fraud, composed of the seven domestic systemically important banks, will carry on the work of the Anti-Scam Taskforce formed in 2020 to ensure continued investment in the industry’s anti-scam programs. 

DBS Bank, OCBC Bank, United Overseas Bank (UOB), Citibank, Malayan Banking Berhad, Standard Chartered Bank, and the Hongkong and Shanghai Banking Corporation are among the banks participating (HSBC). 

The team will report directly to the ABS Council and will be in charge of the industry’s anti-scam operations as well as the implementation of comprehensive client protection measures. As the scam landscape evolves, the committee will work with member institutions to regularly examine and improve anti-scam policies for efficacy and relevance. 

Customers can also help in the battle against scammers by staying informed about scam warnings and alerts issued by the SPF, the National Crime Prevention Council, MAS, and banks.

How Are Kill Switches Used?

Kill switches have a wide range of applications and use due to the broad definition of the term. They can be used for various purposes depending on the medium and objective. Here are some of the more typical kill switch uses and applications in cybersecurity and other applications and sectors.

Kill switch software

Software-based death switches, also known as virtual kill switches, are frequently included in platforms for smartphones and other devices as antimalware tools to safeguard devices from infected programs. 

Kill switches are included in the products of Microsoft, Google, and Apple, to name a few. A user or administrator can send instructions to devices after detecting a problem or learning a product has been stolen, for example, to alter or uninstall an offending application or even to shut down a device and render it unusable to a thief.

Cybersecurity mechanism

One of the most common applications for a kill switch is as a security feature. According to Risk Based Security, the number of digital assets exposed by cyber thieves increased by 141 percent from the previous year in 2020, resulting in around 37 billion compromised records. As a result, kill switch software has grown in importance as a tool for protecting personal information and confidential data for both individuals and corporations. 

Kill switch software, unlike other cybersecurity measures, is a reactive tool rather than a preventive or proactive approach. In most circumstances, the kill switch software’s objective is to restrict the extent of harm caused by a cyber assault if it is identified by a defending organization, other cybersecurity programs, or the kill switch software itself.

Malware frequently acts so swiftly that some cybersecurity applications and VPNs include a kill switch. Security suppliers, on the other hand, usually always design these to be used on a per-location basis (i.e., on a laptop or in an application). 

The reason for this is that activating a kill switch, especially on a business-critical feature, can be extremely disruptive and costly. For example, if a kill switch is engaged and a company server is shut down, all server-dependent activities are immediately halted, even if they are not affected by malware.

So, depending on the sensitivity of its trigger conditions, a death switch that is not limited to a localized function can be disruptive to essential infrastructure. Furthermore, having a network or server kill switch with an automatic trigger significantly increases the chance of detonation by accident. 

As a result, most large-scale kill switch software is controlled by enterprise IT professionals in order to minimize costly mistakes. They control the trigger circumstances’ sensitivity levels, as well as the degree to which the kill switch prevents information transfers and other actions upon explosion.

If you discover you are the victim of banking scam, you can contact us for support

Additional Kill Switch Applications

Kill switches are used in a wide range of machines both inside and outside the IT industry, including car ignition systems, boat motors, industrial machines, and petrol pumps.

Because its goal is to automatically shut down the vehicle or machine if the operator becomes disabled, a kill switch for cars and machinery is frequently referred to as a “dead man’s switch.” This differs from the aforementioned big red button, which frequently requires individual activation. 

In asset-intensive and industrial markets, kill switches such as dead man’s switches and huge red buttons prioritize user safety over asset safety. They must be inspected on a regular basis to ensure that their safety features remain operational in the event of an emergency.

The Global Payback, is a team of expert investigators and cybercrime analysts that have collaborated with various third-party institutions to ensure no one loses out on their hard-earned money. For the latest news and guides, you can visit our news page.

Sources

• Author: Rosalind Ang – https://www.straitstimes.com/business/banking/additional-measures-to-tighten-banks-security-to-kick-in-by-oct-31-abs-mas
• https://www.ocbc.com/group/media/release/2022/ocbc-rolls-out-emergency-kill-switch.page
• Author: Ng Hong Siang – https://www.channelnewsasia.com/singapore/mas-more-measures-bolster-digital-banking-security-anti-scam-2722806