Confidence in African digital payment solutions is essential to minimising fraud and corruption while improving the free flow of funds to boost business and economic activity. Their value is illustrated in statistics released by the South African Banking Association (SABRIC) in June 2020.

The report found that digital banking fraud had risen by 20% but that the fraud losses on banking applications had only increased by 1%, despite a significant rise in transactions

Mobile digital payments offer consumers and businesses a convenient method to manage funds, make payments, and gain visibility into accounts and transactions – effectively putting a bank in every pocket. Accessible and reliable, they’re the oil that lubricates the formal and informal economies, enabling financial inclusion at all levels of business and society. 

Payment technologies have the potential to open access to financial services for people from all walks of life, and can scale-up with organisations of all sizes.

Micro-enterprises are able to leverage digital payment platforms to receive payments, cut down on cash transactions to reduce cost and risk, improve financial management, and deepen their relationship with formal finance for great access to financial services.

Small to medium enterprises (SMEs) can benefit from digital payment solutions, increasing access to customers and the ability to reach new markets with eCommerce, reaching remote areas and reshaping how they do business – a particularly relevant step in a pandemic controlled market. 

The fraud conundrum 

According to Deloitte, COVID-19 has made digitised payments and payment solutions critical, minimising reliance on cash transactions and improving financial inclusion. The report found that around 90% of retail outlets in the financial sector are still using cash exclusively, largely due to issues around friction and cost with cards in remote and rural areas.

The lack of connectivity and the risk of fraud make cards a low priority for these merchants. However, the situation is being shifted somewhat by the arrival of intelligent, digital point-of-sale devices, and mobile payment platforms that allow both merchant and customer to transact using mobile devices.

But, if the mobile payment is made via a card to the account, the cost and friction are only reduced. A mobile, digital card linked solution is better than plastic and will minimise the risk associated with card payments – a risk that SABRIC’s report identified as on the rise by 20.5%.  

The problem with legacy is that it is a legacy. All of the main card schemes (Visa, MasterCard, UnionPay; and all of the BigTech, Ant Financial/AliPay, WeChat, Amazon, Facebook, Google et al payment offerings) use super-apps with payments attached to cards that harvest customer data and ultimately dis-intermediate the bank from their customer.  

In any card transaction, whether or not it is a virtual, mobile, QR payment experience, customer information travels with the payment and has to be encrypted, decrypted, and re-encrypted. There are two big risks with legacy. Fraud risk where customer information can be compromised, and disintermediation risk where a third party harvests data with the intent to get in between the bank and their customer.  

Modern account-rail-based payments use anonymous digital tokens that represent a customer but have no customer data associated with them. The anonymous 20 digital number is unique to each transaction, lives for four minutes or a single-use, and is only associated with the customer’s information inside the bank. This makes compliance with General Data Protection Regulation (GDRP) and Payment Card Industry (PCI) data security standards a moot point and it assures the bank and the consumer that their information is safe, privacy assured. 

Undermining the bank and consumer relationship is not a positive disruption. It introduces risk and off-shore dependency in the financial market, and it weakens domestic financial intermediation that is essential for a healthy financial system for domestic economic growth.

Cards and cash can be stolen or faked, but secure anonymous digital transactions are safe because there is no information to steal. Although there are regulations and measures in place to protect consumers and businesses from card fraud, these are often not effective. The risk to consumers inhibits the use and undermines trust in digital payments. The risk to banks is expressed by increased service fees for the payment. These fees are passed on to merchants and built into the cost of goods and services.  

With digital account rail-based payment secure solutions, security is baked in. This “zero-knowledge” of customer information in the payment ensures identities are protected for the consumer while ensuring absolute financial transparency of the merchant to the bank. 

Unpacking financial equality 

The consumer, who was once unbanked or is underbanked and suspicious of traditional forms of electronic banking, is now given the opportunity to experience new ways of paying from any funding source that is account-based – loyalty points, prepaid gift cards, bank accounts, or with funds in a non-bank financial institution.

This benefit is tightly aligned with the SMEs who serve the customer. They can now include value-added services for digitally-empowered clients, which allow them to interact with the business in entirely new ways. SMEs can create digitally accessible discounts, vouchers, and loyalty plans that engage with customers and drive transactions. This increases inclusion adds to a company’s credentials and gives greater room for growth. 

Fraud may be endemic in many financial systems, and risk may always be present but, with the right digital payment platform and investment, SMEs and their customers are given protection and privacy over their transactions, increasing confidence and providing a safe and convenient way to pay from any account to any merchant.

The digital transparency provided by the financial institution provides the data and assurance needed to bridge the financial inclusion gap left behind by traditional legacy banking solutions.

A new digital payment system for Africa – independent of foreign legacy and in defence of local financial markets development for everyone. 

www.vsoftsystems.co.za

 

 

Founded in 2017, My Washbay is a local tech startup that is focused on digitising and reinventing the car wash industry by providing a tech-based service for car wash owners, adding value for its customers. 

My Washbay aims to digitise the car wash industry

In an interview with Ventureburn, Prinesh Pillay, founder of My Washbay explains that the startup aims to shake up the car wash industry with technological advancements and tools to enhance the customer experience. 

“A large number of car washes are still utilising legacy or manual systems of dealing with their operation, inclusive of reports and customer experience.”

With an app currently in the development stages, My Washbay is currently web-based and offers a unique service for both car wash owners and customers. 

The service is currently available in Johannesburg but My Washbay plans to expand its offering nationally and globally. 

Benefits for users

As a web-based app, the startup offers the following benefits for customers; 

• Cashless payment for car wash services via a secured paygate, reducing contact and supporting social distancing measures during the pandemic
• Use of vouchers to pay for car wash services 
• Purchase of car wash service bundles at reduced costs 
• Information and access to car events, test drives, and more
• Online notification when the car wash service is complete.

Customers are able to scan a present QR code at the car wash facility to check in their vehicle and payments are made via the app with Zapper digital payment service integrated. 

Car wash businesses

Local car wash businesses are able to effectively benefit from the My Washbay services as it offers a comprehensive range of services to transform the traditional methods employed. 

Here is a list of benefits for car wash businesses: 

• Use of an online dashboard for payments, reducing the possibility of theft as each transaction is recorded 
• The platform allows for traffic monitoring 
• Implement and offer customers discounts
• Presence on the app, reaching more customers online 

A monthly fee is applicable for car wash companies to utilise the service. 

Social impact

As a self-funded startup, My Washbay supports autistic individuals secure a form of employment at a car wash through My Washbay’s client network. 

A statement on the My Washbay provides further insight into their aims of supporting the disabled. 

“Working is really important to the human experience. It is with this in mind that we will aim to deploy people with Autism (not limited to) into our car wash network and a chance to feel empowered through work. Employment rates for the disabled in South Africa have dropped to below 1% and we aim to change this one person at a time.”

The startup liases with its existing car wash network to identify roles suitable for candidates to apply. This system provides employment opportunities for disabled individuals allowing them to improve their quality of life and enter the job market. 

www.vsoftsystems.co.za

 Fellow South Africans,

In just four days from now, we will be ushering in a new year. 

This is traditionally a time of festivity and celebrating. 

Unfortunately, for us here in South Africa and for others around the world, there is little cause for celebration this year.

Yesterday, we passed the mark of more than one million confirmed coronavirus cases in our country.

Nearly 27,000 South Africans are known to have died from COVID-19.

The number of new coronavirus infections is climbing at an unprecedented rate.

More than 50,000 new cases have been reported since Christmas Eve.

The majority of new cases are emerging in KwaZulu-Natal, the Western Cape, Gauteng and the Eastern Cape.

Infections are also alarmingly on the rise in Limpopo.

Infections are on the rise in part because, as humans, we are social beings and have a need to socialise with one another. 

We feel the need to visit friends and family, we attend religious services and we go to parties.

But this is a time of heightened danger in the face of a global pandemic.

Across the world countries are having to take drastic measures to curb new waves of infections.

We will all have heard that there is a new variant of COVID-19 that is now well-established in our country. 

As our scientists study this variant – called 501.V2 – and its spread, it appears that it may be more contagious than the virus that drove the first wave of infections.

The rapid rise in infections is being fuelled by so-called super-spreader events, including like end-of-year functions, family and social gatherings, and music and cultural events.

This is a cause for great alarm, and points to an extreme lack of vigilance over the holiday period.

We have let down our guard, and unfortunately we are now paying the price.

We have not been wearing masks. 

We are not washing our hands or sanitising. 

And we are not keeping a safe distance from others.

We have continued to host and attend social gatherings and events that in many cases flout public health regulations.

As has been the case previously, social gatherings substantially increase the risk of transmission. 

Venues are often poorly ventilated and their permitted capacity is being exceeded. 

Hand sanitiser is not being used, and masks are being worn to gain entry, only to be taken off once inside. 

In these same social gatherings, the consumption of alcohol in restaurants, in nightclubs and taverns has contributed to risky behaviour like not wearing masks and not observing social distancing.

Excessive alcohol consumption is also driving up the number of trauma cases in our hospitals. 

According to the data we have, with every relaxation of the restrictions on the sale of alcohol, the number of trauma cases reporting at our hospitals has increased.

These trauma cases are putting an unnecessary strain on our already stretched public health facilities.

Our hospitals, both private and public, are already close to full capacity in a number of provinces, and ICU beds are either full already or rapidly filling up. 

In the Eastern Cape, for example, the number of hospitalisations and in-hospital deaths has now surpassed the numbers witnessed in the first surge earlier this year.

Several provinces are hard at work to prepare additional beds, ventilators and oxygen to respond to this increase. 
 
Our frontline healthcare workers, who have put their lives on the line over the past nine months to care for the ill, are becoming infected in higher numbers. 

They are exhausted, and they are struggling under the strain of the second wave.

During the month of December, 4,630 public sector health employees contracted COVID-19, bringing the total number infected since the start of the pandemic to over 41,000. 

Yesterday, I saw a social media post from a doctor in one of our facilities, which I would like to share with you, because it captures the situation that our health workers face.

He writes:

“Half our consultants have COVID.

“More than half my colleagues had COVID or are currently in quarantine.

“Hospital is FULL. No oxygen points. Private hospitals are FULL. Not accepting more patients. No beds anywhere.

“And this is not yet the peak.

“Guys. We are all going to pay for your inability to be responsible with our LIVES.”

These brave men and women, who have kept our hospitals and clinics open and running through their resilience, courage and professionalism are now at even greater risk than before. They are themselves almost at break point. 

They could lose their lives. More families will mourn. All because of our actions, and our failure to take responsibility.

We are at an extremely dangerous point in our fight against the pandemic. 

Unless we act now and unless we act decisively, the number of new infections will far exceed what we experienced during the first wave and thousands more people will lose their lives.

On the recommendation of the National Coronavirus Command Council, and after consultation with provinces and metro mayors, Cabinet has decided to put the country on an adjusted Level 3 from Level 1 with immediate effect.

Several of the level 3 regulations are being strengthened to further limit the potential for transmission, while doing everything possible to keep the economy open.

We have adjusted the restrictions that will apply at level 3 based on the lessons we have learned through our response to date.

There are four main reasons for this step:

Firstly, we want to minimise the risk of super-spreading events even further. As the number of people with active infections rises, there is a greater risk of an infected person without symptoms being present in a gathering and spreading the virus.

Secondly, we want to decrease unsafe interactions between people.

Thirdly, we want to increase the implementation of our five key prevention measures – social distancing, masks, hand hygiene, symptom-checking and testing.

Fourthly, we want to decrease the burden on health care services so that resources can be directed to meet the needs of COVID-19 and other patients.

Under the adjusted level 3 regulations: 

-    All indoor and outdoor gatherings will be prohibited for 14 days from the date hereof, except for funerals and other limited exceptions as detailed in the regulations, such as restaurants, museums, gyms and casinos. These will further be set out by the Minister in regulations and will be reviewed after that period.

-    Funerals may not be attended by more than 50 people with social distancing. 
-    Every business premises must determine the maximum number of staff and customers permitted at any one time based on our social-distancing guidelines and may not exceed that limit.


-    The nationwide curfew will be extended from 9pm to 6am. Apart from permitted workers and for medical and security emergencies, nobody is allowed outside their place of residence during curfew. 

-    Non-essential establishments – including shops, restaurants, bars and all cultural venues – must close at 8pm. The list of these establishments will be released shortly. 

We now know that the simplest and most effective way to reduce transmission of the coronavirus is to wear a cloth mask that covers the nose and mouth whenever in public.

Until now the owners and managers of shops and public buildings, employers and operators of public transport have had a legal responsibility to ensure that everyone entering their premises or vehicle is wearing a mask.

But given the grave danger our country now faces, the adjusted level 3 regulations will make every individual legally responsible for wearing a mask in public.

From now on it is compulsory for every person to wear a mask in a public space. A person who does not wear a cloth mask covering over the nose and mouth in a public place will be committing an offence. 

A person who does not wear a mask could be arrested and prosecuted. On conviction, they will be liable to a fine or to imprisonment for a period not exceeding six months or to both a fine and imprisonment.

This is a drastic measure but is now necessary to ensure compliance with the most basic of preventative measures.

We remain particularly concerned about the elderly and those with co-morbidities and ask that they do their utmost to protect themselves from the virus, especially minimising their contact with other people.

One of the more difficult areas of regulation relates to the sale of alcohol.

The liquor industry is a major employer and an important contributor to our economy. 

Our priority at this time, however, must be to save lives.

Reckless behaviour due to alcohol intoxication has contributed to increased transmission.

Alcohol-related accidents and violence are putting pressure on our hospital emergency units.

As we had to in the early days of the lockdown, we now have to flatten the curve to protect the capacity of our healthcare system to enable it to respond effectively to this new wave of infections.

In such a scenario, every piece of medical equipment, every hospital bed, every healthcare worker, and every oxygen tank is needed to save lives.

Therefore, under the strengthened regulations:

-    The sale of alcohol from retail outlets and the on-site consumption of alcohol will not be permitted.

-    The prohibition on consuming alcohol in public spaces like parks and beaches remains.

-    Distribution and transportation will be prohibited with exceptions that will be explained by the minister.

These regulations may be reviewed within the next few weeks if we see a sustained decline in infections and hospital admissions.  

In effect, the adjusted Level 3 regulations will keep the economy open while strengthening measures to reduce transmission.

With a few exceptions, businesses may continue to operate as long as all relevant health protocols and social distancing measures are adhered to.

Night clubs and businesses engaged in the sale and transportation of liquor will not be allowed to operate. 

The Level 3 restrictions will remain in place until 15 January 2021.

These measures will be reviewed at that time on the basis of the state of the pandemic in the country. 

When I last addressed you, I indicated that in managing the pandemic we would follow a differentiated approach that took into account the rise in infections in particular municipalities. 

Municipalities defined as hotspots will be subject to additional restrictions until there is a clear and sustained decline in infections.

Following a review of the latest available data on infections and hospitalisations, and consultations with affected provinces, Cabinet has decided that the following further areas be declared coronavirus hotspots.

In the Eastern Cape, these are Chris Hani District, Buffalo City, Amathole District, Alfred Nzo District and the OR Tambo District. These are in addition to Nelson Mandela Bay Metro and the Sarah Baartman District, which have already been declared hotspots.

In KwaZulu-Natal, these are eThekwini, Umgungundlovu District, Ugu District, Harry Gwala District, King Cetshwayo District and Ilembe District.

In Gauteng, the West Rand District, Tshwane, Ekurhuleni and Johannesburg are declared hotspots.

In the Western Cape, the West Coast District, Overberg District, Winelands District, Cape Town, Central Karoo District are hotspots. This is in addition to the Garden Route District.

In the North West, Bojanala District is declared a hotspot area.

And in Limpopo, the Waterberg District and the Capricorn District are declared coronavirus hotspots.

When I last addressed you we announced that certain beaches in our country would be closed on certain days and others would remain open. 

As the infections continue to rise Cabinet on the advice of the National Coronavirus Command Council has decided that all beaches, dams, lakes, rivers, public parks and public swimming pools in hotspot areas will be closed to the public with effect from tomorrow.

National and provincial parks and other parks where access control measures and entry limitations are already in place may remain open to the public.

Those living in the hotspot districts are strongly encouraged to minimise their travel within the district to essential travel so as to minimise contact with other people.

Travel to hotspot districts should be avoided if possible.

The stark reality is that every single district in this country has the potential to become a hotspot unless we observe the current preventative measures.

As we intensify our efforts to prevent further infections, we continue to work to ensure equitable access to an effective COVID-19 vaccine.

As we have reported before, South Africa is part of the global pooled procurement initiative co-ordinated by Covid-19 Vaccines Global Access Facility, commonly known as COVAX. 

We can confirm that we have signed off on the agreement with COVAX and the Solidarity Fund has made the initial payment of R283 million to the facility. 

We are grateful for the support we continue to receive from the Solidarity Fund across all areas of our COVID response. We should remember that the Solidarity Fund is a multisectoral funded initiative having received funding from government, a number of individual South Africans, various institutions including political parties as well as business corporations.

We are part of the first group of countries that will receive an allocation of vaccines from COVAX. We have been advised that we should expect the vaccines in the second quarter of 2021. 

We are also having parallel bilateral discussions with a number of vaccine manufacturers, and will make further announcements once firm agreements are in place. 

As a country we need to build a strong partnership between the government and business sector to augment the resources required in financing the additional vaccines necessary to achieve herd immunity. 

Engagements to this effect are at an advanced stage and we urge the private sector to continue their participation in this endeavour.

We are working to secure a sufficient supply of vaccines in the shortest possible time to protect the most vulnerable in our community. 

Until then, we have no choice but to observe the highest degree of vigilance, and to protect ourselves and others in every way that we can.

We each have a responsibility to wear masks, wash or sanitise our hands, and keep a safe distance from others.

We must remember that this virus is carried through the air, and that we must therefore avoid what has been described as the three Cs – closed spaces, crowded places and close contact with others.

This virus takes advantage of our over-confidence.

Because we feel healthy now, we think we cannot get sick. 

Because they seem fine, we believe that nothing bad can happen to our loved ones.

As older people, we think it is okay, we are healthy, so we can still go to big religious services, to funerals and socialise with our friends.
 
As young people, we may feel strong and invincible, and believe that we are immune to becoming infected because we are young.

As a result, we let down our guard. We take risks. 

Many of those who have been infected with the virus, or who have lost their friends and family in recent months, will tell you how much they regret not taking these precautions when they had the chance.

We can only weather this storm if we immediately and fundamentally change our mindsets. 

Compliance with the health regulations should not be simply about fearing the wrath of the law. 

It should not be about reluctant observance or peer pressure.

This is about common sense. 

It is about taking responsibility for our own health and the health of others. 

It is about protecting our mothers and fathers, our grandparents, our siblings, our children, neighbours and friends. 

Wearing a mask is not about your personal choice or your own appetite for risk. Instead, it is about protecting others.

If you wear a mask, and the person next to you does not, then you are not protected. 

Only if everyone wears a mask can we protect all of us from infection.

By now, each of us knows someone who has been affected by this pandemic in some way.

There is none among us who can claim we have not heard of anyone becoming ill, or dying. This is a crisis that affects us all. 

The sooner we understand that it could very well be us in that ambulance speeding by, or us in that hospital bed, or us being buried at that funeral, the sooner we come to the reality of what we are facing right now.

If we did not understand it before, we should now see just how quickly a situation can change for the worse.

The new year is upon us. 

Our children will soon be going back to school. 

Places of learning will reopen so we can resume our studies. 

We will want to get back to work, to earning, and to looking for work. 

We want life to resume.

We all have plans, hopes and dreams for 2021. 

Perhaps the greatest of them all is the simplest.

We wish for the new year to bring better health, stability and prosperity for ourselves and our families.

We want it to be better than the year that has passed, and that was filled with such hardship.

This can become our common reality if we return to the spirit of solidarity that we have displayed throughout 2020. 

We can and will defeat this pandemic, but only if we each play our part. 

If you experience any mild symptoms, such as a fever, a dry cough or tiredness, isolate yourself immediately and cancel any plans that you might have had. 

If you have difficulty breathing or shortness of breath, fever, cough, loss of smell or taste, seek medical attention while minimising contact with others. 

Download the COVID Alert SA app and get notified if you have been in contact with someone who tests positive. 

The app has already notified many thousands of people of their potential exposure to the virus and has prevented further transmission.

If you have been exposed, quarantine yourself immediately.

I know that most of you have heard this all before. 

But I say it again because it is the only way we can keep ourselves and one another safe.

If we all rigorously adhere to basic precautions, we will see an immediate decline in infections and hospital admissions.

This New Year’s Eve will be different to any we have experienced before.

Several South Africans have suggested that we should celebrate the dawn of the New Year it in a different way.

They have suggested that Instead of parties, let us spend time with those closest to us.

There have been a number of suggestions in social media that Instead of fireworks, let us each light a candle.

Let us each light a candle in memory of those who have lost their lives, in tribute to those on the frontline who are working tirelessly to protect us from harm, in appreciation of the great sacrifices that have been made this past year, and in the confidence that the year ahead will bring health, peace and hope to our people.

I will light a candle in Cape Town at exactly midnight on New Year’s Eve in memory of those who have lost their lives and in tribute to those who are on the frontline working to save our lives and protect us from harm. 

I ask that you join me wherever you are in this very important symbolic gesture.

Let us continue to work as one nation, united and determined. 

We have done it before. We can do it again. 

There will come a day when this pandemic will be over.

On that day, we must be able to look one another in the eye and say: ‘We gave it our all, we each played our part, we worked together as one nation, and we prevailed.’

May God Bless South Africa and protect her people.

I thank you.

 

www.samigration.com

 

 

 Foreigners flying into SA get a curfew break – but you’ll need to have your papers handy

Business Insider SA -  Dec 29, 2020

• Passengers on inbound flights into South Africa don’t have to worry about the 21:00 to 06:00 curfew.
• These travellers will not be breaking the law in travelling from the airport to their place of accommodation, government says.
• This is on condition that visitors can prove – by presenting a ticket or boarding pass – their late-night travels to law enforcement officers.

International travellers onboard late-night flights into South Africa will be permitted to move from the airport to their places of accommodation during the 21:00 to 06:00 curfew, government says. Visitors have, however, been urged to carry proof of their travels to avoid fine or imprisonment if stopped by police.

On Tuesday, South Africa entered an adjusted form of Level 3 lockdown. New regulations banning the sale of alcohol and social gatherings coincide with an extended curfew intended to limit movement after dark. This extension has already disrupted local flights, with airlines scrambling to adjust their schedules and revise bookings.

Between 21:00 and 06:00, only those with valid work permits will be allowed to travel to and from their homes. This reprieve is extended to persons seeking urgent medical attention.

But during a press briefing on Tuesday, minister of justice and correctional services Ronald Lamola, and the minister of co-operative governance and traditional affairs, Nkosazana Dlamini Zuma, agreed that international travellers get a pass on that rule.

“International travellers who arrive during the period of the curfew will still be allowed to reach their destination,” said Lamola.

Although South African travellers have been barred from entering several nations following the discovery of a more infectious Covid-19 variant, known as 501.V2, the country’s airspace remains largely unaffected by the recent move to adjusted Level 3 lockdown. International flights into OR Tambo, King Shaka, and Cape Town International airports remain operational, albeit in a fashion subdued compared to the usual December rush.

“If they [international travellers] can show that they were travelling, with the stamp on their ticket or passport… the police will leave them alone,” said Dlamini-Zuma.

The NCCC did not, however clarify whether this offer would be extended to persons departing from South Africa or to local airlines.

Violating the curfew, without a valid reason, can lead to arrest and prosecution. Offenders may be subjected to a prison term, not exceeding six months, a fine, or both.

www.samigration.com

 

Europe, Canada, USA, Australia, and others are now running training exercises to prepare for the outbreak of cyberwar. Locked Shields is the largest simulation and TechRepublic takes you inside.

The city of Tallinn, Estonia serves as the host of NATO's "Locked Shields," arguably the premier cyberwarfare simulation.

Berylia is under attack. Again.

The island nation, located somewhere in the cold waters of the Atlantic Ocean, relies on its state-of-the-art drone industry for a large part of its income. But recently its drone research labs have come under cyber attack from unknown assailants, forcing Berylia to deploy rapid-reaction teams of security experts to its labs, under orders to find out what's happening, and to stop the attacks as quickly as possible.

Over two hectic days, the teams will have to battle against mounting attacks on their systems, hijacking of their drones, and questions from a sometimes hostile press.

And it's not the first time Berylia has come under attack: strangely these cyber onslaughts happen every year at around the same time. And these incursions won't be the last time the country comes under attack either, because the fictional drone-building country is the setting for the NATO annual cyber defence wargame, Locked Shields.

The exercise is run from Estonia by NATO's cyberwarfare think tank, the Cooperative Cyber Defence Centre of Excellence (CCD COE). The annual event, which has been running since 2010, aims to train the security experts who protect national IT systems on a daily basis. While the exact scenario changes every year, the setting--the embattled Berylia--remains the same, and arch-rival Crimsonia often makes an appearance too.

Berylia might be a fictional state, but Estonia itself has first hand experience of these sort of digital attacks: back in 2007 its banks and government systems suffered weeks of disruption from hackers after Estonian authorities proposed moving a Soviet war memorial. Russia denied any involvement in the attacks, but the incident accelerated plans for the formation of the NATO's cyber think tank, located in the Estonian capital, Tallinn.

This year Locked Shields saw more than 1,700 attacks carried out against 1,500 virtualised systems being protected by 20 teams, which separately had to defend online services and industrial control systems against real malware and digital attacks.

The wargame pits 20 'blue team' sets of defenders from NATO's member states, against a 'red team' of attackers which attempt to disrupt their networks. A separate 'white team' of experts runs the game systems. In total, the exercise involves around 550 people across 26 nationalities, 250 of which are the core planning team in Tallinn, where the main action takes place over a two-day period.

It's not the only big cyberwar game. The US runs its own 'Cyber Guard' event every year, which this year saw around 1,000 players from various government agencies. Those taking part included the UK, Canada, and Australia, all dealing with a fictional attack on an oil refinery, power grids, and ports, while the Bank of England has overseen 'Waking Shark' exercises across the banks in London. However, Locked Shields describes itself as the largest international technical cyber defence exercise.

All the Locked Shields teams get the same mission briefing, and the same set of virtual systems to defend. While the game is run from Estonia by NATO's Cooperative Cyber Defence Centre of Excellence (CCD COE), most teams log-in remotely from their own countries. The teams are playing simultaneously but separately, so it is in some respects 20 games at once, although the teams are allowed to share some information.

In the scenario, the teams are playing as a rapid reaction team that has just been dropped into a drone research lab. That means when the game starts, they don't even know precisely what systems they have to defend, and whether their adversary has already managed to breach any.

Even the technical information they are given about the systems they have been called in to protect is--as it would be in real life--shoddy and possibly incorrect, making it even harder for the teams to prepare their defences.

Berylia and Crimsonia are the two fictional countries involved in the Locked Shields simulation.

"We are trying to use hacking scenarios and attack scenarios that are taken from real life, so we are not playing on an abstract simulation, we are actually using the same operating systems that would be encountered in real life," Dr Rain Ottis, Locked Shields 2016 scenario master, said.

"We want to see how they handle themselves as a team in a situation where there's lots of fog of war, where you do not have full visibility of the scenario of the things that are happening to you," he said.

Over the course of the exercise things only get worse. Not only do the teams have to deal with incoming attacks, they also have to deal with getting blamed for attacks coming from their networks. "It is as realistic as we can make it," said Ottis.

The teams of defenders--each of around a dozen people--have to protect around 2,000 machines making up a realistic representation of what a business network would look like. The services the blue teams have to maintain range from websites, email, and online shopping services, to various kinds of industrial control systems.

The aim is to put constant pressure on the defending teams, to test them with the sort of full-scale cyber attack that hardened security professionals would hope to never experience in real life.

"We have absolutely everything in there, we have Windows 7, 8, 10, we have Apple OS X, we brought in most of the Linux versions, so what we want to do is have a wide spectrum of operating systems. Everything you can imagine in a regular office, all the software and hardware, we try to simulate that and show that in some way they can be vulnerable," said Aare Reintam, CCD COE's technical exercise director.

"We want to show them everything you have in the environment can be a target or a jumping point into your internal networks," he said.

That means that everything from smartphones to humble printers could be a target. "We want to express that absolutely everything that you have in the network can be a target, that you have to defend everything. Attackers have to find only one thing to attack," he said.

As such, teams don't just have to protect standard PCs or servers, the Internet of Things is part of the security threat too. In the scenario, the teams are protecting a drone research lab, so one of the challenges they are faced with is keeping control of the command and control system for the drones--and regaining control of the drones if it's lost.

Locked Shields participants crowd around giant screens of data to analyze attacks in motion.

Perhaps one of the more unexpected systems they need to protect is an industrial command and control system. The one that runs the cooling in their own server room. If the teams lose control of that, then their mysterious enemies can turn up the heat, and shut their servers down (to add a little drama to the proceedings when this happens sparks shoot out of the server room simulation board).

The teams respond to the challenges differently, and one tempting option of course when faced with an overwhelming cyberattack is to pull the plug--to protect the systems by taking them offline. But that would be to miss the point: teams must be able to protect the systems while keeping them up and running, even if they have to prioritise.

For Reintam, this is one of the keys to the event: "We are teaching them how to protect our lifestyle. We have to make sure that the lifestyle that we are used to, that you wake up in the morning and you turn on your lights, that you turn on the water and can make yourself a coffee, that you can browse the news with your coffee... you have to pay attention to every aspect of the ecosystem and you have to protect it."

The game wouldn't get very far without the red team, which aims to create that fog of war that surrounds the defending teams. It has around 60 members to "entertain" the defending blue team, said Mehis Hakkaja, head of the red team and CEO of Clarified Security. The red team uses attack methods that are out in the wild to make attacks as realistic as possible, although still ones that can be defended against.

Even though the red team knows most blue team systems and vulnerabilities beforehand and even has pre-planted backdoors, the situation changes rapidly as soon as the exercise starts, he said: some of the attacks are based on cybersecurity basics like missing patches but can rapidly accelerate to attacks on complex industrial control systems.

The red team can pretend to be various typical hacker groups--from stealthy 'advanced persistent threat' actors to noisier and apparently less skilled hacktivists--or perhaps both at the same time, depending on the scenario. The game plan changes depending on how well the teams respond. The attackers will attempt to do things like steal documents which are then leaked to the in-game media, but if the teams managed to thwart that heist then the game goes in another direction instead.

Playing through such a variety of attacks and threat actors from various angles allows the red team and organisers to evaluate the blue teams on their ability to notice and respond, whether their initial defensive plan worked, and whether they managed to retain control and a sufficient situational overview.

"Having a good initial defence strategy is good, but ability to adjust it on-the-fly is even more important," Hakkaja said, as it seeing the bigger picture, "because just blocking and blindly trying to apply defences, or only seeing some attack indications only gets you so far."

As well as the technical aspects of the game, the teams are also tested on their understanding of the legal issues involved with protecting against the attacks, how they deal with the press, and how well they report back to their fictional commanders or political leaders.

In the media element of the game, the teams for example have to be able to explain their actions and put across their point of view accurately, even when being questioned by hostile journalists who are trying to trick the teams into saying too much or saying the wrong thing, all of which plays out on the in-game news site.

Another element tested is around legal issues. The legal picture around hacking, and cyberwarfare in particular, is often unclear, so the teams have to do everything they can to ensure that they are behaving legally.

This battlefield has traded trenches and firearms for desks, monitors, keyboards, and lots of cables.

For example, the legal framework used during armed conflict is different to those used in standard policing, so working out whether a cyber incident has risen to the level of an armed conflict is a key factor, something that is hard for defenders to work out when many of these attacks are stealthy and anonymous. Malware doesn't wear a uniform or carry a flag.

During the exercise, the legal advisors on the team are tested, often in coordination with the other events in the game: for example, being asked to give military commanders advice on their options when dealing with hacked drones.

"In every military operation the idea is to get the commander the options to chose from, and each of those option need to be assessed by a lawyer to say what legal issues do they raise, is it lawful in the first place, which is the best option from a legal perspective," explains Dr. Heather Harrison Dinniss, head of the Locked Shields legal team and senior lecturer in International Law at the Swedish Defence University.

It's only in the last few years--with the publication of documents like the Tallinn Manual which looks at how international law applies to cyberwarfare--has the legal framework around cyberwarfare has become clearer.

"The difficulty when you are dealing with cyber, of course, is you don't necessarily know who it is that is launching the attack," Harrison Dinniss said. "Cyber makes that assessment more difficult."

"There's a much greater acceptance now that the law applies," she added, although there are still things that are uncertain: for example, while it's generally agreed that a serious cyber attack could be considered the equivalent of an armed attack, there's less agreement about how to treat less physically destructive attacks.

"There are still interpretation issues, something that's still up in the air is what do we do about data-only attacks," she said. We're talking about ones that don't cause any physical damage but wipe computer systems, like the attack on Saudi Aramco in 2012 which wiped more than 30,000 devices.

"There is still a question of how do we treat that because there is no physical harm. What do you do when they wipe the computers and make them unusable. Is that enough? Is that a use of force? There's still significant disagreement on [that]," she said.

Teams also have to make sure they do the paperwork.

"We do want them to be able to write human-readable reports about what is going on, something they could send to a manager or a government minister--so condense what they know into something that a non-tech expert can understand, because we have seen time and again that this is a weak spot in the cybersecurity community. We like the lingo that we use and it's sometimes why the message gets lost, and we train for that," said scenario master Ottis.

The exercise puts a lot of emphasis on team communication, team leadership, and delegation. So what makes a good cyber defence team?

The best teams tend to have done some preparation by thinking through the skills and tools that they will need. Those teams typically figure out who is taking which role quickly, too, so they don't have to worry about who is looking after which systems when the action begins.

Winning teams try to understand the battlefield, predict what their attackers are going to do next, and try to be ready for it, said Ottis.

A Locked Shields cyber warrior puzzles over the state of the Live Attack Map.

"We like to see where you are trying to figure out the battlefield, know yourself, know your adversary, and make your plan based on that," Ottis added. "Figure out where you need sensors, which service require more manual monitoring, and which ones you can leave on the back burner. We are talking about being proactive within the network that you have."

Head of the red team Hakkaja makes a similar point: "To see, understand, and communicate the big picture, not being lost in the small technical pieces, is probably the hardest for techies. Large scale cyber exercises like Locked Shields provide a unique opportunity for blue teams to be in such rapidly evolving situations where they rarely are in their daily job as a team."

However, there's one thing that teams can't do, and that is strike back against their adversaries. "This is a strictly defensive exercise so we want them to defend what they have, we want them we want them to cooperate if it makes sense, we want them to keep communications up with the rest of the world and with their higher command. But we do not want them to go on the offensive because that has very serious legal repercussions," said Ottis.

The team from Slovakia won this year's event at the end of April, closely followed by the NATO Computer Incident Response Capability (NCIRC) team from NATO and Finland, which won last year. The Slovakia team scored highest in the media challenges of the exercise and Germany came out on top of the forensic game, while NCIRC did the best in providing legal analysis, and the Czech Republic won scenario challenges.

"When under intense pressure, network security professionals have to monitor the environment, consider social, political, and legal consequences as well as keep ahead of the constant technical challenges," said Thomas Svensson, inject master of Locked Shields 2016.

Technical exercise director Reintam said there is huge demand for the exercise, reflecting how many countries in NATO are increasingly worried about cyber defence, especially the Baltic states. Worried about Russian cyber attacks, Estonia has even been discussing backing-up vast amounts of public data, from birth records to property deeds, in a secure location outside of the country.

As such, NATO has been taking cyberwarfare increasingly seriously in recent years, first making it clear that a serious cyber attack could trigger its collective defense clause and more recently defining cyberspace as a an operational domain--that is, a likely battlefield.

However, many members lack the trained staff to recognise or deal with a serious cyber attack on their critical national infrastructure. Events like Locked Shields are aimed at encouraging members to take their digital defences more seriously, and perhaps also to show potential aggressors that NATO takes the threat seriously, too.

Right now, all is quiet again in Berylia. But perhaps for not too much longer.

www.vsoftsystems.co.za