ASEAN Region Highly Vulnerable to Cybercrime

Banks and financial institutions need to take strong measures to counter the growing incidence of cybercrime in the ASEAN region

Last year, Dark Pink, a new advanced persistent threat (APT) group, successfully hacked the computer systems of military bodies, government ministries and agencies, and religious and non-profit organisations in seven countries including Cambodia, Indonesia, Malaysia, Philippines, and Vietnam.
The group used spear-phishing emails — or emails that are ostensibly sent from a known sender to induce targeted individuals to reveal confidential information — and a sophisticated, custom-designed toolset to exfiltrate sensitive corporate, government, audio, and messenger data from infected devices and networks.
Cybersecurity threats in the ASEAN region are growing and spreading to the financial services and banking sectors given the increase in online, mobile, and open banking, and the rising popularity of fintech applications.

SOUTH-EAST ASIA: ARENA OF CYBER ATTACKS

The National Cyber and Encryption Agency (BSSN) official Nur Achmadi Salmawan reported that the agency recorded 361 million traffic anomalies or cyber attacks in Indonesia from January 1 to October 26, 2023. Further, the number of scam and cybercrime cases increased by 49.6% to 50,376 in 2023, compared to 33,669 cases in 2022. Scams (including malware-enabled scams) accounted for 92.4% of the 2023 cases, with the total number of scam cases increasing by 46.8% to 46,563 in 2023, from 31,728 cases in 2022.

Meanwhile, Singapore witnessed a 25% increase in scams and cybercrimes in 2022 over the previous year, according to the Singapore Police Force. The country’s central bank asked its second-largest lender, Oversea-Chinese Banking Corp (OCBC), to maintain additional capital of S$330 million for operational risks in 2022 after it reported S$13.7 million in losses following a phishing scam that affected 790 customers. The bank made goodwill payouts to affected customers.

Malaysia, too, reported several data breaches in 2022 including the theft of personal details of 22 million Malaysians allegedly from the National Registration Department and a sophisticated data intrusion at an online payment provider.

According to IBM Security’s threat intelligence index, Asia was the most targeted region for cyberattacks in 2022, and Singapore-based cybersecurity firm Group-IB too has identified the Asia Pacific region as a “key arena” of APT activity.

HACKING WAYS AND MEANS

Emails, spear-phishing campaigns, and smishing attacks via mobile text messaging are the most common methods used by hackers to gain access to networks.

Phishing has become more sophisticated with hackers using machine learning to create convincing phishing emails that will appeal to specific targets. Hackers are also using new methods to deliver the malware in phishing emails such as through OneNote attachments.

Then, there’s the rise of ransomware-as-a-service and growth in artificial intelligence-driven malware and spam. Business email compromise attacks are also on the rise.

SECURING THE FORTRESS

The best way to deal with a risk is understand it. So also with cybercrime. Banks and financial institutions need to stay abreast of advancements in cybercrime to take appropriate steps to secure their IT infrastructure, networks, and applications, including using AI to detect cybercrime.

A multi-layered approach helps maintain cyber-hygiene. This includes multi-factor authentication, anti-malware mechanisms, robust patching, network and system segmentation, incident response procedures, regularly tested business continuity back-up plans, and importantly, education and awareness programmes for employees and customers.

Cybersecurity firm Akamai estimates that around 80% of cyber-attackers target customers of financial firms for monetary gain. A strong awareness campaign can enable them to identify phishing emails.

The points of entry for hackers have also risen as banks are increasingly on the cloud, share data with fintech firms, or rely on third-party service providers. ASEAN banks and financial institutions need to collaborate with their partners and service providers and also across borders to build cyber resilience. They can draw lessons from the upcoming implementation of the Digital Operational Resilience Act (Dora) in the Euro region, which will lay down regulatory requirements for enhancing security in the financial sector, including on cyber-threats and information sharing.

With DORA, the European Union (EU) is looking to standardise risk management requirements and processes for reporting cybersecurity incidents. Under it, all EU-regulated financial institutions are required to monitor and report security events, and tech service providers are subject to oversight by European regulators. It may not be possible to eliminate cybercrime, but financial firms can certainly reduce the risks.

SOME HIGHLIGHTS:

[molongui_author_box]

Developer

No bio available for this author.