Hacking operations are getting bigger and bolder, and are increasingly targeting financial institutions worldwide.
One of the most significant security breaches in recent years include a high-profile US$81 million cyber heist on Bangladesh Bank. “Lazarus”, the North Korean hacking group that has been linked to the heist, has also been connected to attacks on banks in 18 countries, including commercial banks in Ecuador, Vietnam and the Philippines.
The heist involved altering SWIFT (Society for Worldwide Interbank Financial Telecommunication) software to hide evidence of fraudulent transfers.
Cybersecurity researchers say the same hacking operation also attacked financial institutions in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Taiwan, Thailand, and Uruguay.
Asian “cyber five” nations are 9x more vulnerable to attacks
Nations that are most heavily-dependent on internet-based interactions, including Asia Pacific’s “cyber five” nations – South Korea, Australia, New Zealand, Japan and Singapore – appear 9x more vulnerable to cyberattacks than other Asian economies. This is according to findings by the 2016 Asia-Pacific Defense Outlook released by Deloitte Touche Tohmatsu Limited (DTTL).
The number of certified cybersecurity professionals in the region is also far less than what is available in the west, but banks and financial institutions here are not targeted less, said Elad Ben-Meir, who is the VP of Marketing at CyberInt.
Caption: Singapore is one of the five countries in the region that are most vulnerable to cyberattacks.
“For example, in the US for every aspect of cybersecurity technology, you easily have 150 to 200 vendors who compete in the space. The amount is far less in Singapore and even lesser in surrounding (Southeast Asian) countries like Malaysia, Indonesia and the Philippines, who typically only have about three to four vendors for every type of solution,” Ben-Meir shared.
He added: “While Singapore is ahead of other Southeast Asian countries when it comes to cyber security, it is lagging behind globally.”
Ben-Meir explained that the same economic growth that has been driving the region is also creating new kinds of vulnerability to cyberattack. “The more digitalised traditional platforms such as banking, financial services and retail get, the more exposed they are to cyberattacks,” he said, citing the burgeoning Philippine online market as one area that is highly vulnerable to these threats.
An asymmetrical fight
The complex web of interconnected devices continues to open up gateways to information, and countless access channels makes it increasingly difficult to keep watch over the safety of data online.
Asia Pacific is home to several of the world’s largest and growing economies that presently rely on rudimentary cyber capabilities.
The biggest challenge for banks and financial institutions, Ben-Meir shared, is that they do not know which areas to defend. “Banks globally have trouble defining their “crown jewels” and setting the right control processes and awareness around people to protect those crown jewels.
“For example, many banks set up various controls or technologies to put up a firewall IPS (Intrusion Prevention System) to try to stop these attacks. The problem is, these controls are often set in places where they are not really necessary.”
CyberInt offers protection beyond the perimeter with targeted end-to-end cybersecurity solutions. We look at organisations from an attacker’s perspective to understand how they behave, Meir shared. This enables an understanding of what needs to be monitored and safeguarded and determines which areas to protect.
Caption: Banks globally have trouble defining their “crown jewels” and setting the right control processes and awareness, said Ben-Meir.
According to Ben-Meir, there are three main elements to cybersecurity:
1) Controls – the various technologies you could use to stop an attack.
2) Processes – how you define your organisation and what to do when an attack happens. This includes who’s allowed to have administrative rights or who’s allowed to have protocol connection to their desktop, or allowed to bring in their own device, etc.
3) Awareness – People need to have an understanding of how attacks work because in most attacks, people are the weakest link.
Major reworking in the foundations of cybersecurity strategies is needed to properly detect and respond to new and persistent threats. To better analyse the situation at hand, we first need to understand the status of each organisation and industry.
“To put simply, you need to first map out what you want to protect, and then protect it,” Ben-Meir said.
Stepping up the security game
A recent survey by DomainTools found that the majority of large companies experienced breaches within the first half of 2015 and almost a quarter of these firms did not know how their attackers got in.
This provides evidence that protection and prevention are no longer enough. Today, it has become necessary for organisations to invest in cybersecurity technologies to proactively identify and respond to threats.
Across Asia Pacific, there is an upsurge of collaboration efforts between the government and private sector to offer both cyber resilience capacities and best practices across sectors.
Caption: Across Asia Pacific, there is an upsurge of collaboration efforts between the government and private sectors to fight cyber crime.
In Singapore, a five-year National Cyber Security Masterplan 2018 has been introduced to bolster the nation’s cybersecurity by intensifying coordination efforts between the public, private and people sector. Nations like China, Korea, Australia, Malaysia and Vietnam are also starting to develop their cybersecurity infrastructures.
However, Ben-Meir was quick to point out that there is no “silver bullet” for cybersecurity. “You can’t win all battles, you can’t fix everything,” he said. Attackers will always probe for weaknesses, and the purview of cybersecurity will constantly shift and be redrawn.
What is required now is for organisations to reorient the way they look at cybersecurity and actively fight with the right weapons to maintain a stronghold within their sphere of control.