Francis Prince Thangasamy, Vice President, Product Management, Asia Pacific, CenturyLink
2018 was a year in which the Asia Pacific region saw increasingly bold threats. In August, the computer systems of two Thailand banks were compromised, affecting the personal and corporate data of more than 120,000 customers. The largest iPhone chipmaker in the world based in Taiwan was also disrupted by cyber attacks roughly a month later. For markets like Hong Kong, Frost & Sullivan estimates that cyber threats can take away US$32 billion annually over the next few years.
There is no doubt that the threat landscape is evolving in terms of sophistication and speed. As enterprises prepare for a new business year in 2019, they must have an eye on cybersecurity developments in the Asia Pacific. This need has become more urgent in light of digitization. More companies today are transforming into Digital Businesses with data at the heart of their strategies. While adopting the cloud, Internet of Things (IoT) and data analytics open up new benefits and horizons, the reality is that they also introduce new risks.
Hence, in order to fully experience the advantages of a Digital Business, enterprises must ensure that they transform securely. Here are the significant trends that enterprises need to keep watch in 2019.
Continued evolution of risks like Distributed Denial of Service (DDoS) in IoT age
IoT networks will only grow more expansive and sophisticated. At the end of 2018, IoT spending was estimated to be around US$291.7 billion. Analysts also predict that 8.6 billion connected devices will be active in the Asia Pacific by 2020.
More and more IoT devices are interconnected and intertwined with the daily lives of customers and business operations. This also means that the network of devices will get more complicated—and harder to secure. Visibility over data will lower, leading to blind spots and vulnerabilities. As network boundaries fade, the traditional approach to cybersecurity will become ineffective. The situation is worsened due to the increasing volume and sophistication of DDoS attacks that target IoT devices.
According to the CenturyLink 2018 Threat Report, the stronger the growth of IT infrastructure and networks in a region, the more active the cybercrime activity. CenturyLink Threat Research Labs detected a high number of command and control (C2) servers in China, South Korea, Japan, India, and Hong Kong. These C2 servers are responsible for directing bot attacks in Asia Pacific. Consequently, the labs also discovered high bot traffic in markets like China, Japan, South Korea, India, and Taiwan.
To operate securely in 2019, enterprises must place IoT security as a focus in their cybersecurity plans.
New threats like crypto-jacking are emerging
While ransomware may still be a popular form of cyber attack, experts are seeing a rise of another form of threat. Riding on the trend of crypto-currency, attackers are increasingly utilizing crypto jacking. This method is now more prevalent than taking devices and entire networks hostage.
The attack is carried out by installing crypto-currency mining software on a target system. The software stays “under the radar”, consuming processor cycles and their requisite electricity to process crypto-currency transactions. Attackers benefit by earning a commission through cannibalizing other IT resources. What makes this threat even more deadly is that attackers do not have to form command and control links with the target. The victim is also only losing processing cycles that may have gone idle anyway, contributing to the reasons behind the attack’s popularity.
Early crypto jacking attempts largely targeted PCs and mobile devices, but servers could be the next victims.
Powering private and public cloud data centers, servers are both vast in number and far more powerful than PCs and mobile devices, presenting hackers with more processing power to mine more crypto-currency and scale their earnings.
Rising focus on insider threats
While enterprises pay more attention to external attacks, they must not lose sight of the threats from within.
Employees remain one of the top causes of data breaches, both malicious and negligent. Other sources of insider threats include cybercriminals working from within companies and third-party contractors. In Asia Pacific, insider-related incidents caused enterprises to lose approximately US$5.88 million in a space of 12 months.
Despite these disconcerting findings, companies are not doing enough to drive a culture of cybersecurity. For example, 36 percent of organizations in Singapore do not have employee security awareness training program and 44 percent say they do not have an incident response process.
There will be an increasing need to adopt a security approach that takes into account both internal and external threats. A holistic threat defense platform that delivers connected security solutions coupled with global threat visibility will become increasingly important for organizations.
Meanwhile, organizations need to ensure that everyone plays a part in cybersecurity, from the boardroom to the cubicle. C-level leaders and all employees must be educated on cyber risks today and take steps to be aware of their potential for repercussions.
Increasing collaboration between private-public partnerships to fight threats
Organizations, including industry experts and governments, are gradually realizing that the cyber threat landscape is evolving too quickly for a single entity to keep up. Therefore, many will turn to partner to improve their cybersecurity posture. In Asia Pacific, a typical organization does not have cybersecurity as its core strength and usually hires a lean IT team to manage databases and servers. While this keeps costs low, many do not have adequate cybersecurity skills to fight advanced attacks.
Moreover, as countries move towards economic cooperation and transform into digitized economies, networks will become more interconnected and interdependent. This means that sophisticated attacks have a larger “attack surface” to work on—and a single malware can spread quickly and affect business-critical systems across the region. Countries in the Asia Pacific are being used as launchpads for cyber attacks, as discovered in the CenturyLink 2018 Threat Report. Hence, security in the region has become everyone’s issue and organizations must work together to stand a better chance of fighting evolving threats.
Global threat intelligence will play an increasingly important role in security
Reactive security strategies are fast becoming inadequate in the face of today’s threats. At the speed in which today’s threats evolve, being on the defensive will not protect any enterprise effectively.
Instead of taking the traditional approach to detecting and mitigating threats, enterprises need to proactively understand the threat landscape and anticipate emerging threats. This requires the support of a global threat intelligence network and teams of security experts who can make sense of security data to produce actionable insights.
Artificial Intelligence (AI) and machine learning can play crucial roles in analysis. These technologies will be the keys to strategic advantage in understanding and staying ahead of threats. AI can yield actionable insights from the massive amount of data that flows through networks and fiber backbones. On an operational level, AI can also help automate daily tasks like log monitoring so that teams can be deployed for more value-added tasks.
In the long term, there will be an elevated need for Connected Security. This entails using the network as a threat sensor to understand evolving attacks. Capabilities like integrated network visibility and control, real-time threat intelligence, and automated management and response will become increasingly important.
Technology companies with connected security solutions will be key partners and advisors
Enterprises will also increasingly turn to IT partners with the right people, process and technology to help with cybersecurity issues. One of the driving reasons is that the Asia Pacific is suffering from a huge shortfall of 2.14 million in terms of cybersecurity talent, more than any other region in the world.
Furthermore, cybersecurity is not the core business of many enterprises, which means they have to take on additional costs and manpower to boost that function. Other costs include keeping up with the latest security technologies, which require significant capital expenditure. Hence, it will make more sense for businesses to partner up with a technology company with deep networking roots and a focus on security across its portfolio. Such companies will be able to understand their customers’ businesses holistically and offer cybersecurity strategies and solutions that are customized to their needs—instead of a piecemeal “product-centric” approach filled with gaps.
As we move into 2019, enterprises have to be mindful of trends in the evolving threat landscape. Dealing with these risks effectively will call for partnerships and collaboration between public-private organizations. Leverage the full potential of a Digital Business by building a quick, secure path to digital transformation with a reliable partner of connected security solutions.