Interview with Raksa MA, Senior Majoring in Information and Communications Technology Student at AUPP
This week, we interviewed Raksa MA, Senior Majoring in Information and Communications Technology Student at AUPP.
EuroCham: You were one of 19 youths selected from ASEAN selected to participate in the ASEAN Youth Advisory group. What was that journey like? How did you get chosen?
Raksa: The journey started when I became a tutor at the American University of Phnom Penh’s (AUPP) learning centre. I was nominated as a tutor because I excelled at my Statistics and Introduction to Information Technology (ITEC 101) classes. My role was to coach students who struggled in the course by giving them studying tips, resources, and guidance and it really made me happy to be able to spread my knowledge to help other people pass this course.
However, when I considered how many people I assisted and the difference I was able to make, it was still minimal. I began to see more issues that required fixing. The prevalence of smart gadgets is currently very strong in Cambodia, however, there is still a shortage of digital literacy. I concluded that we at AUPP are really fortunate to have a course like ITEC 101 where we can learn about how computers operate, the evolution of the internet, the fundamentals of cyber security, and how to safeguard our privacy online. I questioned what other universities' students were like. If they aren't studying IT, do they still have an opportunity to acquire these skills? If they don't, how will they manage to thrive in the modern world of digital technology, where there is online scamming happening as we speak?
That’s why I applied to the ASEAN Youth Advisory Group (ASEAN YAG) as a part of ASEAN Digital Literacy Programme (ASEAN DLP), where I act as an agent to create social impact projects using digital literacy. To solve the problems I described above, I decided to propose a PUTHI campaign; “puthi” means knowledge in Khmer. When I was accepted into the programme, I was granted about $3,000 by ASEAN Foundation with support from Google.org, the philanthropic arm of Google, to launch a campaign to raise awareness of digital literacy. In February, I was given the opportunity to attend the first regional workshop in person, Safer Internet Day, in Jakarta. By exchanging ideas with ASEAN YAG members from nine other ASEAN nations, I was able to refine my campaign.
I began the campaign after returning to Phnom Penh by recruiting core members who shared my views. We currently consist of 11 core individuals, including me as project manager, three technical members, seven marketing members, and one professional photographer.
I am grateful for the support I have received from the Ministry of Post and Telecommunications (MPTC), AUPP, our educational platform provider SnoopEdu, the Italian Cambodia Business Association (ICBA), and Kakvei, an artificial intelligence-based tool that reduces grammatical errors in the text.
One of the most notable aspects of my campaign is a 1.5-hour, Khmer-taught course that gives the general public a fundamental grasp of cybercrimes and how to safeguard their online presence. We are proud to have two instructors from the MPTC and a Big Four accounting firm who volunteered to create this amazing course, which is being reviewed and will be launched soon.
We also host workshops at different universities throughout the city under the topic “Understanding cybercrimes” delivered by professionals working in the sector. After launching a successful workshop at AUPP, University of Puthisastra, and Camed Business School with almost 160 people involved. Now we officially open registration for our online course called Cybersecurity 101, where students can learn about basics cyber threats and how to protect their digital presence. The public can register the course for FREE here: https://forms.gle/P5fASLjfY7EDdcou5, additional here is the instruction on how to do self-registration: https://drive.google.com/file/d/1TOy3bdWchSJ2uu178zSWkVf3ck0lR6aI/view.
Without my team’s support, and guidance from my professor, this campaign wouldn’t be this successful and impactful. At the end of the day, it is always teamwork, passion and dedication that matters.
EuroCham: What was your plan with the $3000 you were awarded to help create an awareness-raising campaign?
Raksa: Our original plan was to spend money on instructors, photographers, and a learning platform to disseminate our course. Luckily, the professors volunteered to teach for free, and one of my friends volunteered for photography as well. In addition, AUPP’s partnership with SnoopEdu allowed us to launch our course on their platform for free. With these savings, we were able to spend most of the $3,000 on workshops, post boosting, creating premium accounts, and producing merchandise.
EuroCham: What would you say are the biggest cybersecurity threats in Cambodia?
Raksa: The most popular cybersecurity threats in Cambodia are phishing attacks, which are a type of social engineering attack where cybercriminals trick individuals into providing sensitive information such as passwords, credit card details, or personal information.
Vishing (voice or VoIP phishing) is a type of cyberattack that uses actual voices or voice technology to trick targeted individuals into revealing sensitive data to unauthorised entities or sending money. One of my aunts in the province fell into a trap where someone told her that her son got into an accident and needed money at the hospital. Without cross-checking, she sent the money, although nothing had happened to her son.
Another common attack is catfishing. Catfishing is a type of online deception where someone creates a fake identity or social media profile to trick people into believing they are someone else. The goal of catfishing can vary, but it often involves gaining personal information, money, or emotional support from the victim.
Catfishing can cause emotional distress and financial harm to victims. It's important to be cautious when interacting with people online and to verify the identity of anyone you meet online before sharing personal information or forming a relationship.
I think the recent trend of Chat-GPT makes it easier for attackers to perform this attack. So people need to be very cautious while surfing online.
EuroCham: Could you give a few basic tips on what the average individual can do to help protect themselves and their data online?
Raska: There are some basic tips that the average individual can follow to help protect themselves and their data online:
First, create strong passwords: Create strong, unique passwords for each of their online accounts, and use a password manager to help them remember them.
Second, enable two-factor authentication: Two-factor authentication adds an extra layer of security to their accounts by requiring a second form of verification.
Third, keep their software up to date: Make sure to update operating systems, web browsers, and other software regularly to ensure they have the latest security patches.
The public should be cautious of suspicious emails and messages: Avoid clicking on links or downloading attachments from unknown sources and be skeptical of messages that ask for personal information.
Next, people can use reputable antivirus software: Install antivirus software on your computer or mobile device to help protect against malware.
Also, secure your home Wi-Fi network: Make sure your home Wi-Fi network is password-protected and uses strong encryption.
In addition, people should limit their personal information online: Be cautious about the information that’s shared online, and avoid sharing sensitive information such as their National ID or credit card details. Lastly, they can set privacy settings on social media: Adjust their privacy settings on social media to limit who can see their personal information and posts. By following these basic tips, the public can significantly reduce their risk of falling victim to cyber-attacks and help protect their personal information online.
EuroCham: Where does the responsibility lie between the private and public sectors and How do you expect the forthcoming cybersecurity law to help matters?
Raksa: In my opinion, the responsibility for cybersecurity lies with both the private and public sectors. The private sectors are responsible for securing their own networks and systems, while the public sectors are responsible for creating and enforcing laws and regulations that promote cybersecurity and protect citizens' data.
The private sectors have a responsibility to implement appropriate security measures and best practices to protect its customers' data. This includes conducting regular security audits, training employees on cybersecurity best practices, and implementing technical safeguards such as firewalls, encryption, and intrusion detection systems. The private sector should also teach and alert their customers about possible attacks and what measures they can take to stay protected.
On the other hand, the public sectors have the responsibility to create and enforce laws and regulations that promote cybersecurity and protect citizens' data. This includes developing national cybersecurity strategies, creating and enforcing laws and regulations related to data protection and privacy, and providing education and training on cybersecurity best practices.
I expect the forthcoming cybersecurity law to help matters by providing a legal framework for cybersecurity in Cambodia. This law should establish minimum cybersecurity standards for organisations, require organisations to report cybersecurity incidents, and provide penalties for non-compliance. The law is also expected to establish a national cybersecurity agency responsible for coordinating cybersecurity efforts across the public and private sectors.