Hardly a day goes by without yet another organisation falling prey to a cyber attack or data breach that has led to reputational and financial losses.
In 2018, Singapore suffered an unprecedented attack on its public healthcare IT systems that compromised the personal data of about 160,000 patients. The attack followed similar data exfiltration efforts in other countries across the region, including the massive data breach that hit Malaysian telcos in 2017.
While the onslaught of cyber attacks being reported each day has been a wake-up call for businesses, several blind spots remain, at least according to experts who will congregate in Singapore for RSA Conference 2019 Asia-Pacific and Japan.
For a start, the growing use of multifactor and biometric authentication in Asia, fuelled by heightened data protection measures and regulatory requirements across the region, should not be seen as a panacea to cyber security woes.
Vicky Ray, principal researcher at Palo Alto Networks Unit 42 threat intelligence outfit in the Asia-Pacific region, warned about the risks of biometrics technology, such as privacy concerns on how personal data is collected, shared and secured.
“As biometric technologies depend on probabilities and confidence scores, there are also risks that the systems can be spoofed by say, a photo. Therefore, it is always best for biometrics to work in conjunction with other security measures,” he added.
An executive advisor of a Fortune 100 company shared similar sentiments, noting that he has seen security “silver bullets” come and go, but one thing remains constant: hackers will resolve to target people who are often considered the weakest link in cyber security.
“While biometrics is good as another layer of security, it is just an additional layer of security. If hackers can convince people to do something that they should not do, no technology will help,” he said.
On the security risks arising from the growing use of the internet of things (IoT), Sunil Varkey, chief technology officer and security strategist at Symantec in Middle East, Africa and Eastern Europe, singled out the emergence of distributed denial of service (DDoS) attacks that take advantage of compromised devices.
Vicky Ray, Palo Alto Networks Unit 42
Varkey noted that security is currently not a major consideration in the development lifecycle of IoT devices, along with the reality that security practitioners are not yet familiar with IoT security protocols.
“That needs to change or else any exploit on the vulnerabilities or misconfigurations could lead to huge impact on safety,” he added.
Srinivas Bhattiprolu, senior director for solutions and services at Nokia Asia-Pacific and Japan, said to stop threat actors from making lateral movements across a victim’s network via compromised IoT devices, “it is necessary to clearly understand the vulnerabilities and exploits associated with specific components as well as of the system as a whole”.
In the aftermath of cyber attacks launched against the Singapore government, public sector employees in the city-state have had to use separate computers to access internet services in an effort to prevent potential leaks from government emails and shared documents.
But views on the efficacy of internet separation policies have been mixed. Magda Lilia Chelly, managing director at Responsible Cyber, a cyber security training and advisory company, said the complexity of legacy systems, along with their lack of security by design, necessitates off-network operations, making internet separation a common practice to limit an organisation’s exposure to cyber attacks.
Symantec’s Varkey, however, pointed out that while isolation and separation of network segments were an active defence strategy when systems and information were well within defined perimeters and enterprise networks, this might not be enough.
“This is because heterogeneous multicloud environments see users having multiple IT personas,” he said, calling for owners and operators of critical infrastructure to make sure their systems are secured, patched, updated and monitored.
“It is too easy for an individual today to go on one of several search engines and easily find misconfigured or unpatched critical systems,” he warned.
Amid mounting cyber threats and the pressure on cyber security professionals to make sense of heaps of threat signals and security log files, more organisations are expected to turn to artificial intelligence (AI) systems to fend off potential attacks.
Read more about cyber security in APAC
- Security expert calls for businesses to manage the risks of adopting new technologies and improve their cyber hygiene, rather than see AI as a panacea for their security woes.
- Even as Southeast Asia works towards coordinating cyber security strategies, more needs to be done to establish cyber norms.
- Healthcare organisations in the Asia-Pacific region could lose an average of $23.3m to cyber attacks, including losses from productivity and customer churn, a study finds.
- Australia’s privacy watchdog recorded over 800 cases of data breaches, nearly one year into the country’s mandatory data breach notification regime.
However, experts are warning that AI has both exacerbated advances in cyber security solutions and threats of cyber crime.
“We have seen recent AI deployments across cyber security solutions, where companies claim that they can detect attacks faster using the technology. Academic research proves a success rate between 85% and 99% – this all depends on the implementation, algorithms and data,” said Responsible Cyber’s Chelly.
“If the data input is manipulated, or biased, new security concerns can emerge very quickly. The data inputs, and their integrity and availability present a crucial element for the AI technology,” she added.