Cybersecurity is no longer an afterthought for most businesses nowadays as it is only a matter of ‘when’ they will come under a cyber-attack. It is necessary for businesses to protect themselves from increasingly sophisticated cyber-attacks and identify the vulnerabilities arising from the adoption of new technology such as cloud computing and the Internet of Things (IoT).
With Singapore crowned as the leader for the source of cyber-attacks in 2017 ahead of countries like China and Russia, it is a firm testament to the fact that many of the infrastructure and systems in Singapore are vulnerable and are therefore prime targets for foreign hackers to hijack to launch further cyber-attacks on other countries. Even government-owned systems are not spared – this can be seen from the cyber breach suffered by Singapore’s Ministry of Defense (MINDEF) this year. The MINDEF-owned I-net system was breached earlier this year in February and personal data of 850 national service men and employees were stolen.
It was also noted that the attack was done by professionals based on undisclosed tell-tale signs, and the perpetrators are unlikely to be found. Businesses are equally susceptible to cyber-attacks such as the recently disclosed data breach suffered by Uber. The well-known ride-hailing company had a data breach in 2016 and user accounts globally had been compromised. The breach was kept secret for more than a year as the company paid a ransom to the hackers in order for them to destroy the stolen data.
While it was not disclosed if Singapore users were affected,Uber Singapore is currently working with the Land Transport Authority and Personal Data Protection Commission to identify the impact of the data breach on Singapore users. By concealing the breach, users have a higher chance to fall victim to identify theft and it is likely that a penalty will be imposed by the government should it be discovered that personal data of Singapore users were part of the breach.
With strict data protection laws in Singapore, businesses, both large and small, need to ensure that they do not run afoul of any data protection regulations. Earlier this year, an article reported that 2 businesses in Singapore had to pay a fine of $10,000 for insufficient security protection on collected user’s data. These type of cases can be avoided if security procedures in the businesses were established. While the amount may not be very substantial to most companies, it has a negative impact on the company’s image and reputation which will in turn affect customer’s confidence. Further monetary losses can also arise from lawsuits launched by victims of the data breach. As a case in point, Anthem Inc., the largest insurance company in America, had to pay a settlement of USD $115 million to the victims affected by its data breach. Therefore, it is necessary for businesses to invest in implementing adequate cybersecurity measures in order to minimise the risk of such events occurring.
Even with proper security implementations, it is necessary to know that the weakest link in the security of a business can also be its people. One such example would be the infamous ransomware attacks suffered by many worldwide that caused huge losses. While most of Singapore was spared from the recent Wannacry ransomware attacks, there were still signs of the ransomware hitting some systems in Singapore which were spotted by the public.
Figure 1: Image of a digital display at Tiong Bahru Plaza affected by ransomware Source:REDDIT
A ransomware is usually embedded in an attachment sent to unsuspecting users via email. The ransomware detonates after being clicked on and proceeds to encrypt files on the system and locks the user out until the user pays a ransom to the hacker for decryption. In most cases, users do not gain access to the files even after paying the ransom. Therefore, in addition to implementing adequate security measures on their systems and infrastructure, increasing user awareness on cyber threats is a must. No organisations can be considered proficient in cyber defense without having users who are well-trained to identify threats targeting them.
With the rise of IoT technology that connects non-standard computing devices such as home appliances, sensors or even vehicles to the internet, security in IoT technology will become the next trend to look out for. As the world becomes increasingly inter-connected, the number of IoT devices will continue to rise. Based on statistics provided by Gartner, there will be more than 20 billion IoT devices in use by year 2020, which is a significant increase of 143% from 2017.
This is a concern to cybersecurity experts as most IoT devices are likely to be manufactured with functionality over security and privacy in mind. IoT devices could be susceptible to being leveraged on by hackers to steal information and even becomes a threat to human life -imagine being in a hijacked vehicle where your life could be in the hands of a hacker.
Also, IoT devices can suffer from inadequate support for security patches and update leaving them vulnerable to cyberattacks. Consequently, these IoT devices can be accessed by hackers to steal personal data and being leveraged upon as a pivot to compromise an organisation’s network. For example, the infamous Mirai Botnet leveraged more than 500,000 devices to conduct a Distributed Denial of Service (DDOS) attack.
With the ever-changing landscape of cyber threats, it is necessary to innovate and improve existing security measures to combat them. With the current advances in Artificial Intelligence (AI), especially techniques such as ‘Deep Learning’, many experts expect that security vendors will integrate AI into their products to improve their ability to detect cyber threats. Deep learning, being a subset of artificial intelligence, has networks capable of learning in an unsupervised manner. Deep learning will allow systems to become smarter and switch between processes without the need for human interactions. This kind of advanced capability is invaluable in cybersecurity as it will be able to guard against increasingly complex malicious threats such as ransomware.
A simple example would be by allowing the AI to analyse patterns, trends and typical user behavior. Once the machine has learnt of the user’s habits, it can then detect anomalies or things that the user wouldn’t normally access and raise them as red flags or triggers a re-authentication alert, possibly foiling attempts of unauthorised accesses.
In line with the example above, the basic idea is to allow AI to ingest a huge data set and through a trial and error learning process, it will be able to correctly predict what a malware is and block the access to it.
Another upcoming trend will be the adoption of Blockchain technology as a cybersecurity measure. Blockchain provides a distributed and transparent ledger which will allow organisations to gain greater control over their information whilst highlighting any suspicious behaviours.
Blockchain technology can help with user authentication and identification as well as access management. The Blockchain system includes a digital ledger of transaction that is shared among all participants via a distributed network of computers. This ledger is accessible and transparent to all participants involved making it impossible to hide any access records. Should there be any unintended or unauthorised access, it can be traced back easily or it can also be used as prove that some unauthorised personnel had accessed or copied a set of data, for example.
With the transparency and automation of blockchain technology, it eliminates the need for check and balance as it is possible for the blockchain ledger to detect suspicious behaviour and isolate the connection or limit the user’s access until the transactions have been authorised by the system administrators or the IT security team.
Security experts predict a rise in the utilisation of blockchain technology in cybersecurity or having the blockchain technology completely replacing the traditional centralised database of logs/records in the near future.
Nexia TS has a team of cybersecurity professionals who is able to leverage with newer technologies to combat cybersecurity incidents. Our unique proposition, which combines years of experience in IT security and computer forensic investigation, allow us to perceive cybersecurity incidents from many angles, assisting your business to effectively prevent, detect, respond and investigate in a timely manner.
Our full suite of Cyber Security Services includes:
Information Security Controls Assessment – Providing assurance that your IT systems are adequately protected and reducing the risk of data loss or leakage, service disruption and poor management of IT systems
Vulnerability Assessment and Penetration Test – Simulating actual cyber-attacks to provide more detailed view of cybersecurity threats and also protecting computer systems and data from malicious attacks
System Health Check – Reviewing of system servers’ disk, CPU, RAM and network utilisation and sign for hardware failure to prevent IT disruption and data loss and provide recommendation for mitigation or technical solution
Cyber Security Investigation – Preserving and Analysing computer systems in a forensic manner, providing reports identifying root cause and recommendation for mitigation
3 https://www.mindef.gov.sg/imindef/press_room/details.html? ame=28feb17_nr&date=2017-02-28#.WjchVlWWapo