Cybersecurity is a very present threat in today’s digital landscape. Governments, financial institutions and organisations alike are victims of it. While organisations are constantly finding protective measures around it, the threats remain and evolve.
This was the topic at Kaspersky’s insight session: “The State of Enterprise Security in Singapore”.
Senior executives of Kasperksy shared their learnings and case studies of cyberattacks that have been detected, apprehended and resolved.
Stephan Neumeier, Managing Director, APAC and Japan, Kaspersky opened the discussion session with a quick summary of how real the threat of cybersecurity is.
Though Singapore is viewed in the region as being highly advanced in infrastructure and cybersecurity protection, it has been the victim if several attacks that have penetrated the considerable security layers it deploys.
Some better-known examples he cited were the hack on SingHealth and the leak of information of HIV patients.
Being in a financial hub within the region, Neumeier added that there is an increasing demand from financial institutions to boost the security of systems, applications and services.
Yeo Siang Tiong, General Manager, South East Asia at Kaspersky went into details of the relevance of cybersecurity threats in Singapore.
As a highly digitised economy, Singapore is investing deeply into cyber protective measures as a sixth pillar of defence.
Cyber security is such a sensitive and expensive issue that insurance companies have launched cybersecurity offerings – a major indicator of the prevalence of cybersecurity threats.
Yeo shared findings from Kaspersky’s “B2B IT Security 2018” report which covered 31 countries and had responses from 155 enterprises in Singapore.
While close to 42% of enterprises in Singapore experienced malware infection of company-owned devices, over 38% experienced electronic leakage (e.g. personal and / or company data) from internal systems.
Over half of respondents indicated that it is becoming increasingly difficult to tell if the attack is generic and 42.6% said that they lack sufficient intelligence on threats faced by their businesses.
Over 40% of these enterprises expects a 10% – 29% increase in their IT security budget over the next three years.
Yeo talked about various causes of cyberattack incidents which included viruses/malware/trojans on computers and mobile devices, phishing attacks and social engineering, DDoS attacks, crypto-malware (hijack of devices)/malware and careless or uninformed employees
He mentioned that such attacks and loss of information result in serious financial, legal and reputational consequences for organisations.
Yeo shared of how in the past, the notion of cybersecurity was basically anti-viruses on PCs. Today, organisation understand that cybersecurity is data protection and much more.
He added that growing investments on cybersecurity such as network detection, threat intelligence capabilities, and additional training of personnel must be expected and planned for.
Vitaly Kamluk, Director, Global Research & Analysis Team, APAC, Kaspersky talked about targeted attacks in Singapore.
He made a comparison to Chernobyl and explained that just like how despite the Chernobyl incident occurring almost 30 years ago and there still being traces of radiation around, attacks to cybersecurity is a constant threat that organisations will face.
Kamluk laid out future manifestations of cybersecurity attacks:
- Cyber-physical attacks: Cyber threats converted into real-physical threats
- IoT Swarms: Gadgets with lack of regular updates and security controls are ticking bombs before hackers discover the vulnerabilities of these devices eg. Air-conditioners
- Targeted lockdowns: Hacking of software systems of companies, such as the ones which deal with heavy machinery, resulting in the lockdown and paralysis of the machinery systems
- Invisible threats: Attackers are constantly trying to move into the shadows and attack from places which are least expected or hardest to track eg. Hard drives
- Supply chain attacks
- Deploying a Trojan in the heart of an enterprise
Kamluk went into a case study on supply chain attacks which Kaspersky had handled, “ASUSforceupdate”, a mystery update.
On installing it, the update report showed that the device was clean of malicious attacks but in reality, had infected their systems. It spiralled into more companies being hacked – from gaming to pharmaceutical companies.
With the MAC address of the organisation’s device within the system, he explained, the organisation was likely to be targeted by the attacker.
Another case study he cited on the deployment of virus through a programme was an organisation using Microsoft’s VisualStudio that had failed to recognise an invalid digital signature prompt. As a result, the hackers had gained access to the programme.
Such a hacks mean that there will always be a backdoor for hackers to get through secure channels and inject malicious viruses as they are already embedded in the programme.
He concluded his segment on points of advice that organisations should adhere to:
- Ask developer about secure development lifecycle- a trustworthy developer would know about it
- Validating software before installing it
- Do not rely on reputable names for services
- Do not blindly trust digital signatures
- Implementing additional security controls
Kamluk said, “The only thing worse than being breached is to ignore it is coming”.
When OpenGov asked Yeo on how cybersecurity must be constantly evolving to counter evolving methods of hackers, he said “Organisations have to constantly adapt themselves around their framework as cybersecurity is a constant threat which will continue to exist in the atmosphere.”