Here’s a traditional tale with a modern twist: Once upon a time, when offices and shops were open, and people could walk to the store to buy stuff, the police brought a prisoner before a magistrate. “Do you know what you are being charged with?” the judge asked the man in the dock. “I was doing my birthday shopping too early, your honour,” the prisoner replied. “That’s not a crime by any count,” the judge said, looking at the cops with his brows furrowed, and then turning to the prisoner. “But just how early were you doing your birthday shopping?” The prisoner sheepishly replied: “Before the shop opened.”
If you thought that wisecrack deserved a laugh, think again. Interpol says that an alarming spate of cyberattacks aimed at major corporations, governments and critical infrastructure started during the pandemic. An Interpol report released in March notes that hackers had switched focus from individuals and small businesses to government agencies and the healthcare sector, where higher financial demands could be made through ransomware attacks.
“With organisations and businesses rapidly deploying remote systems and networks to support staff working from home, criminals are also taking advantage of increased security vulnerabilities to steal data, generate profits and cause disruption,” Interpol warns.
The US Federal Bureau of Investigation reported in August 2020 — amid the pandemic — that the number of complaints received by its Cyber Division was about 4,000 a day, up 400% year on year. Tonya Ugoretz, deputy assistant director of the FBI’s Cyber Division, said many hackers were from nation states that had a “desire to gain insight” into Covid-19-related research and that the “rapid shift to telework” had opened a considerable number of cyber vulnerabilities for hackers to exploit.
Most hackings come in the form of “spear phishing”, targeting individuals. “This malicious tactic uses emails, social media, instant messaging and other platforms to get users to divulge personal information or perform actions that compromise the networks and lead to data or financial loss,” says cybersecurity firm Trend Micro. “By deploying Covid-19-themed phishing emails, often impersonating government and healthcare authorities, cybercriminals entice victims into providing their personal data and downloading malicious content.”
Zohar Pinhasi, a cyber counterterrorism expert and founder of MonsterCloud, reports that ransomware attacks are up 800% during the pandemic. “From those criminals’ perspective, it’s heaven,” Pinhasi told CBS News. “They’ve stepped on a gold mine.”
Trusting anything digital has become challenging, especially since the pandemic has forced companies to change the way they do business. In the cyber realm, the extraordinary circumstances in 2020 handed hackers opportunities to exploit communication networks and provided rich targets in supply chains and critical infrastructure.
“Ransomware continued its surge to become the number one threat type, representing 23% of security events in 2020,” reports a recent study by IBM Security X-Force. “Ransomware attackers increased the pressure to extort payment by combining data encryption with threats to leak the data on public sites. The success of these schemes helped just one ransomware gang reap profits of US$123 million in 2020.”
IBM’s X-Force team monitors 150 billion security events per day in 130 countries and claims to have more than 10,000 security patents worldwide. The study notes that Asia-Pacific accounted for 25% of all attacks in 2020. Data theft was the most common attack type, driven mainly by a flurry of Emotet data theft attacks in late 2020, making up 22% of all attacks in Asia. Japan was the top attacked country in Asia last year, followed by India and Australia. Europe was the most-attacked global region and experienced 31% of attacks observed by X-Force, followed by North America (27%) and Asia (25%).
For the fifth year in a row, finance and insurance companies ranked first in the number of attacks globally, followed by manufacturing, which ranked eighth in 2019. In third place was utilities (power), up from ninth in 2019. Healthcare jumped from tenth in 2019 to seventh in 2020, driven by a slew of ransomware attacks against hospitals. All of which underlines the necessity to secure critical national infrastructure.
Amid the pandemic, many businesses sought to accelerate their cloud adoption. A Gartner survey notes that 70% of organisations using cloud services plan to increase their cloud spending during the pandemic. Global end-user spending on public cloud services is set to grow to US$304.9 billion (about RM1.2 trillion) this year, up 18.4% over 2020. Cloud attacks have therefore risen proportionately.
The biggest hack so far? In early 2015, a record £650 million (RM3.5 billion) was stolen from a hundred financial institutions worldwide allegedly by a gang of Russia-based hackers, who had spent two years planning the hit. The malware infected the banks’ intranets and clandestinely fed sensitive data, including emails and passwords, to hackers over months. While the criminals behind the attack were reportedly based in Russia, their scale was global, with banks in Japan, China, Europe and the US having been hit.
The hack was too sophisticated for its own good. The criminals could even get infected ATMs to dispense cash without an ATM card. An ATM in Ukraine suddenly spewed out cash without anyone being present. Cops called Kaspersky Labs to investigate, and it uncovered the scale, depth and audacity of the attack.
Malaysia has listed 10 sectors under CNII (critical national information infrastructure): banking and finance; energy; emergency services; food and agriculture; government services; health services; information and communications; national defence and security; transportation; and water.
Malaysia set up the National Cyber Security Agency or NACSA in February 2017 to secure and strengthen the country’s resilience in the face of cyberattacks. The agency coordinates expertise, collates resources and publishes the latest threats and vulnerabilities to help Malaysia-based businesses find and resolve them. Here is the link: https://www.nacsa.gov.my.
CyberSecurity Malaysia, under the Ministry of Communications and Multimedia, announced in February this year that it would partner with Huawei to set up a cybersecurity lab. “We’re developing a strategic collaboration framework in cybersecurity governance, talent development, and to establish cybersecurity standards and certification,” CyberSecurity Malaysia CEO Amirudin Abdul Wahab said. “The goal is to position Malaysia as the first regional cybersecurity centre of excellence.”
That goal is pertinent because Malaysia wants to get a 5G telecommunications network ready by end-2021. “We want to be among the first [of the] Asean member states to roll out 5G deployment — and not just limit ourselves to 5G test labs,” Communications and Multimedia Minister Datuk Saifuddin Abdullah said in February. “It is very important for investment, and this is where companies like Huawei will play a very significant role.”
The bottom line: Have you been hacked? Cybersecurity is a dynamic game, which the hacker and the hacked, the attacker and the attacked, play 24/7. It is a stealth game played in the shadows, sometimes with tools that turn employees against their employers without the employees knowing about it. Vigilance and tools — such as analytics and artificial intelligence and big data and business intelligence — must be deployed to mitigate the risks, halt the hackers, alert the authorities and keep cybercriminals out.
Since we started with a traditional tale, let’s also end with one. My friend returned home from his office one day and found his lock had been broken and some valuables stolen. He called the cops and waited. After a while, he also called for pizza delivery. “Face the reality, bro,” my friend texted me. “We live in a society where the pizza gets to your door before the cops do.”
The writer is vice-president of new technologies at Fusionex International, Asia’s leading big data analytics company