Intelligence-driven cybersecurity amid digital revolution in Southeast Asia

More from author

Diaz empowering women weightlifters in Malaysia

RIO 2016 Olympics silver medalist Hidilyn Diaz is not only lifting iron as her training intensifies in...

Saso 3 shots behind with 1st round 68

MULTI-TITLED Ai Suzuki is back with a bang, so did Player of the Year frontrunner Yuka Saso.

Obiena bags bronze medal in Rome meet

THE stars continued to align themselves in Ernest John “EJ” Obiena’s pursuit of a successful Tokyo Olympics...

By Yeo Siang Tiong

Among the obvious effects of this pandemic is the rapid rise of online payment services and digital banking across Southeast Asia. Due to various social distancing restrictions, people from across the region now opt to avoid the brick-and-mortar bank branches deemed as a public space where coronavirus may flourish, in turn kicking off the increased use of the physically safer option—
e-wallets and mobile payment applications.

It is, however, far beyond surprising. As early as late 2019, before Covid-19’s massive effect across Southeast Asia, I’ve read an article which revealed that online financial transactions in the region will be a $1 trillion business by 2025 and the digital wallet segment is set to jump fivefold to $114 billion during the same year. 

I believe these two key sectors will go far beyond these predicted numbers as we try to minimize human contact for the sake of our physical health. In fact, a latest study noted that 40% of consumers in the region admitted to using e-wallets more than ever. Malaysia is leading the way when it comes to this area. On the other hand, cash is slowly being dethroned as king as lesser people use banknotes to purchase or trade goods and services. 

Fertile land for online payments

What makes the region a fertile land for digital banking and online payment systems is the fact that it houses countries with young population—millennials and Gen Z’s who are not used to physically visiting financial buildings, queuing for a long time to fill up forms, like how the generations before them have done. 

Another important factor is that there is still a significant percent of individuals who are unbanked or underbanked, which means those without any bank account or credit statements to begin with. This is particularly true in still emerging countries like Indonesia, Malaysia, Thailand, the Philippines, and Vietnam.

In Singapore, the public and the private sector are also campaigning to improve the online financial literacy of the country’s older population. Several groups are hosting a series of training to drive the 54 and above age group in embracing payment apps and e-wallets. Based on the recent survey, the efforts are bearing fruit as the older Singaporeans now agree to use these remote tools and apps to do their monetary transactions.

Financial sector’s growth pains

AT the center of this digital revolution is trust. Customers are using e-wallets, mobile banking, and web applications driven by necessity. Now more than ever, they need to trust financial institutions to secure their hard-earned and definitely much-needed money.

Digital transformation, of any sector, always presents new challenges, especially for banks and for financial services. To put it simply, revolutionizing banks’ way of doing transactions means overhauling their legacy systems including people, process, and technology.

Humans remain the weakest link. Customers, especially those that are not digitally native, lack the proper awareness about the simplest risks like phishing and spam. Internal employees require new training and third party services should also be assessed comprehensively.

Processes have to be adapted to the digital world. Data required a sophisticated level of encryption, access and data management should be reviewed and given intelligently, additional security also required additional security budget.

When it comes to security, endpoint should be the foundation and banks should have known this by now. Financial services, as they transform and carry more data behind their back, should be looking at adaptive approach in security, which should be proactive rather than reactive – ready before an attack happens.

Banks and e-wallet providers

The future may be foggy as different technologies continue to be developed, AI, 5G, Internet of Things, cryptocurrency, name it. But the past offers concrete lessons the financial sector could learn a lot from. 

The unfortunate answer to the questions why banks and e-payment service providers should take cybersecurity seriously is the $81 million Bangladesh Bank Heist, which rocked the world in 2016. This incident, which started with a spear-phishing e-mail clicked by an unsuspected employee, ended up costing a lot of professional, reputational, and financial losses. 

Based on our telemetry, financial phishing is still being used rampantly with our solutions blocking more than 40 million financial-related fraudulent e-mails just from January to May of this year.

The cybercriminal group responsible for this incident, based on pieces of evidence gathered by our researchers as well as other investigators, is the infamous Lazarus group. It is the same cybercrime group responsible for the Sony Pictures attack in 2014 and even the Wannacry ransomware attack in 2017.

Our very own Research and Development Team at Kaspersky, which we call GreAT (Global Research and Analysis Team) has been monitoring Lazarus group closely for years. Through this intelligence, we can detect the possible tactics, techniques, and procedures (TTPs) they may use when they try to get into an enterprise’s or an organization’s system. We can block them, analyze, and alert the team on which TTPs to look out for based on the previous behavior of this actor. This is how critical threat intelligence is. It can supply enterprises with the essential data needed for you to combat future cyberattacks against your organization. 

At Kaspersky, we deliver threat intelligence in different forms but with one aim—to give enterprises and organizations a 360-degree view of the current threat landscape. For instance, our Threat Data Feeds provides actionable data, saving your IT workforce’s time spent dealing with false flags. We also have Financial Threat Intelligence Reporting which is specifically made for the financial sector, focusing on the threats and tools cybercriminals are using or selling to target banks, payment processing companies, ATMs and POS systems.

Threat intelligence, however, is just one part of a proactive approach to cybersecurity. Again, it’s people, process, and technology. Proper and effective training for all employees should be done regularly. Awareness matters as the biggest cyberattacks usually start with a simple human error.

Given the evolving nature of cyber threats that are expected to become more sophisticated, it is also important that financial institutions have the necessary tools that can help track threats that can evade regular endpoint solutions, even before they hit you. For example, solutions such as Kaspersky Anti-Targeted Attack can help you pre-empt what is out there and how it can affect you before such an attack commences. 

We are at the middle of a digital revolution and the use of online payment gateways and e-wallets are certainly here to stay and even increase. While it is a huge responsibility for banks and financial service providers to secure their virtual systems, I am certain they can pilot their way to the future as long as they build their cyber defenses intelligently.

The author is the General Manager for Southeast Asia at Kaspersky, a global cybersecurity company founded in 1997.

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

More updates

- Advertisement -

Editorial: Madness and character

There are two quotes that are particularly applicable to 2020 and all that has happened. The first is from the German philosopher Friedrich Nietzsche. He died in 1900 and has had an amazing impact on late 20th and early 21st century thinking. At age 44, he suffered a...

Dispatch from Bicol: The canceled feast

Not in my lifetime, I told myself. Not in my lifetime that the biggest, most important festival in the Bikol region would be canceled. When acquaintances asked some weeks back if it was possible for them to travel to Naga so they could attend the Peñafrancia fiesta,...

Amal Clooney: The world’s Most Fascinating Person

I was intrigued when I received my invitation to join the 18th MAP International CEO Web Conference 2020 the other week. The theme of the conference sounded interesting enough, “A Whole New World: Reigniting the Stalled Global Economy,” but I was more allured by the name of...

ARISE, not CREATE!

Bayanihan to Recover as One Act, Part 2 (Bayanihan 2) was signed by the President on September 11, 2020. Many businessmen, non-government organizations and progressive legislators find the allotted P165.5 billion of the law too trifle and small in comparison to the earlier act passed by the...
- Advertisement -

In case you missed it