Barbarians at the cybergate: When defending cyberspace means life and death for many
NUMBERS never lie. But when couched in malicious code, numbers could lie and compromise systems.
Hence, from a sphere involving solely the private sector, cybersecurity has become a major agenda in talks among representatives of advanced economies, like US President Joseph Biden Jr. and Russian leader Vladimir Putin in this week’s summit between the previously opposite poles of a slumbering Cold War.
Moreover, cybersecurity was recently in the limelight when cybercriminals attacked two major American establishments through ransomware.
These cybercriminals didn’t spare lesser-developed economies.
According to Russian cybersecurity firm Kaspersky Lab ZAO, data breach is a major challenge facing not only the Philippines but other countries in the Association of Southeast Asian Nations (Asean) region as well. Singapore, Malaysia, Thailand and Vietnam all share the same predicament, making the region a flashpoint of data breaches.
Citing 2020 figures, Kaspersky said it would cost a small enterprise and medium business a hefty $101,000 (P4.8 million) if they get hit. Meanwhile, an enterprise-level company’s potential losses would be hefty at $1.09 million (P52.4 million). Further, organizations both big and small also expected to see their reputation damaged, resulting to a loss of customers.
Breach in data
REPUTATION would be the least of problems for governments when highly-classified information is compromised.
“For an individual, it is possible becoming a victim of burglary or car theft if your home address, location or vehicle registration details are shared publicly,” Kaspersky said.
According to the Russian network security provider, the worst-case scenario is if an individual becomes a victim of identity theft.
“If your device is hacked, you could potentially lose priceless personal photos and videos, lose access to your online accounts like social media and email and then get blackmailed, lose money if cybercriminals get hold of your financial information, be charged for loans if they get your social security or passport details—all because someone else now has your data and could easily pretend to be you.”
Kaspersky has long emphasized that governments must immediately address the threat of data breach.
In April, almost 900,000 Facebook accounts of Filipino users were reportedly included in a large-scale data leak that affected over 506 million users worldwide. In the same month, some 345,000 sensitive court documents of ongoing legal cases were found to have been made publicly available.
Earlier this year, data of about 3.3 million users of an online lending platform was reported to have been sold on the Dark Web.
IN 2019, Kaspersky said private details of 900,000 clients of a pawnshop operator were affected by a breach.
There were several more but the massive leakage of personal information of 55 million Filipino voters in 2016 remains to be the biggest data breach in the history of the Philippines.
“Generally, a data breach happens due to weaknesses in user behavior (human) and technology. Our devices get more connective features so there are places where data could slip through. There is no specific sector or person that’s being targeted as cyber criminals do not discriminate,” Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, said. “Anyone is vulnerable.”
Yeo Siang pointed out that cybercriminals behind data breaches use manipulation techniques like social engineering to exploit human error and penetrate the system. He added that cybercriminals use many forms of social engineering tricks. These include: offering time-sensitive opportunities; mass phishing; carrying out personalized and targeted attacks; intercepting communications; posing as someone legitimate; and, a dozen creative others.
Kaspersky product users in the Philippines reported a 160.43-percent rise in detected web threats under social engineering attacks from the first quarter of 2019 (7,674,407) to the first quarter of 2021 (19,987,120).
CYBERSECURITY has been thrust into the top in the agenda of many with the continuing over-reliance on technology to move the gears of the economy.
But unlike its neighbors in the Association of Southeast Asian Nations (Asean), the Philippines has been slow in adopting digital technology. In 2011, only about 31.33 percent or 33.6 million of its 100 million-plus people were Internet users.
Of the Internet users in the country, 75 percent use personal computers while 25 percent use their mobile phones to access the Internet, whether for personal or business purposes.
The average age for Internet users in the country is estimated to be 23 years old and below. Most of them spend around 21.5 hours per week browsing the Internet. About 51 percent of these Internet users have active profiles on YouTube.
As of 2012, the Philippines ranked sixth in the total number of Internet users in Asia but third in the world in the number of Facebook users. About 48 percent of these users are male while 52 percent are female.
ACCORDING to Christina Liang-Boguszewicz, founder of BI Consulting Group LLC, the Philippine National Police (PNP) reported a total of 2,778 cybercrime-related offenses from 2003 to 2012.
“This trend in criminal activity necessitates the need for a dedicated unit within the PNP to go after these offenders and improve its cybersecurity posture,” Liang-Boguszewicz said.
According to data she obtained, the PNP has recorded a total of 1,184 incidents from 2010 to 2012, with the highest being the attacks targeting government websites where a total of 940 website defacements have been recorded.
Liang-Boguszewicz defines cybersecurity as involving the protection of key information and devices from cyber threats.”
“The classification of information and its protection, the cyber culture in an organization and the critical understanding that cybersecurity is a business level and company-wide are imperative” for many, she added.
Liang-Boguszewicz added that cybersecurity encompasses a complex suite of practices, tools, strategies and people; a culture that now form part of the business across all functions,
As a result, tackling cybersecurity requires a holistic picture to be understood.
LIANG-Boguszewicz points out that conventional strategic thinking will not be effective in meeting the demands of digital growth and cybersecurity. Therefore, it needs a shift in strategic thinking where it treats cybersecurity as fabric, “where all transformation is built upon.”
“There needs to be a top-down cyberculture actually implemented across the board,” she said.
In crafting a comprehensive cybersecurity plan, each member of the C-suite should possess a mindset that considers the impact of digital transformation, Liang-Boguszewicz said.
According to her, the CEO must know what he or she should do about digital disruptions in the industry.
“How does digital help me grow the business, enter new markets, or strengthen the position? And how does it threaten my value chain ecosystem of customers, suppliers, and business partners?”
The chief operating officer (COO), meanwhile, must know how to use digital to align the organization for increased speed to market and more flexibility.
“How can the COO deploy digital solutions to improve business process efficiency? Does digital change the level of vertical and horizontal integration?”
THE Chief Information Officer (CIO), meanwhile, must consider several factors in the crafting of a comprehensive cybersecurity plan, Liang-Boguszewicz said.
She added that the CIO must know where information technology (IT) helps create new business models and opportunities.
“Does the IT organization have the capabilities to facilitate innovation and enable the business strategy? Where does the CIO need to invest in order to be ahead of the technology curve?”
Last but not the least, the chief finance officer (CFO) must address the economics of the building of a cybersecurity infrastructure, according to Liang-Boguszewicz.
“How can digital help me to improve financial performance? Where is the profitability of our product/services threatened by digital, new market entrants with much lower cost structures?”
The CIO must know how he or she can better control the business with real-time information.
“Management must collaborate on the digital agenda to properly react to digital disruption in the industry,” Liang-Boguszewicz said.
Both government and the private sector must raise their digital and cyber maturity level to get a clear picture of the situation, she added.
This means each organization must utilize a standard approach, and understand clearly the direction they are going to. The two parties also need to determine their current status to be able to devise a solution blueprint, Liang-Boguszewicz added.
In fledgling state
LIANG-Boguszewicz described the Philippines as “enhancing [the] capability to combat cybercrime but woefully unprepared to deal with cyberterrorism and cyberwar.”
Joanne Wong, LogRhythm Inc. vice president for international markets, agrees saying the country’s cybersecurity infrastructure is still in its fledgling stage.
According to Wong, Covid-19 has accelerated cyber risks and threats which unleashed its own cyber pandemic.
As organizations increasingly embark on digital transformation journeys and shift to remote work and consumers rely on digital services during a global lockdown, there is a huge risk when people expose themselves to opportunistic cybercriminals looking to cash in on cyber vulnerabilities, she added.
“The Philippines, while growing rapidly as a digitally-savvy nation, is still in the nascent stages of its cybersecurity maturity; so [it] remains extremely susceptible to cyberattacks,” Wong said.
“For instance, we saw phishing attempts increase by 200 percent since the start of the domestic lockdown last year, and 44 percent of Philippines-based consumers have reported being targets for digital fraud within the first quarter of 2021,” Wong added. “Organizations have not been exempted either, with a Filipino fintech platform recently entangled in a high-profile data breach that resulted in close to 3.3 million user records being stolen and sold online.”
AS the Philippines continues to contain the pandemic and drive economic recovery, Wong underscored giving importance to cybersecurity as a key pillar in its strategy towards economic recovery.
Failure to do so, according to Wong, would have disastrous consequences as the nation will only continue to face heightened threats as digital and online services become more prevalent; including phishing, ransomware, data breaches and online fraud schemes.
Pamela Ong, sales director for Asia-Pacific of Slovakian Internet security firm ESET spol. sro, said the advent of Covid-19 has brought to the table the increasing importance of cybersecurity, especially when the work-from-home concept became more popular in the Philippines.
At a time when businesses are relying on resilience to rebuild, Ong warned that malicious actors are continually exploiting the security vulnerabilities that accompany remote working.
“With employees accessing business data and corporate network remotely from home, ESET had detected an almost 10-fold increase in [Microsoft Corp.] Window’s remote desktop protocol (RDP) attack attempts in the Philippines in the last four months of 2020 against the [first trimester] (T1) [of that year],” she said.
Globally, Ong pointed out these attacks remained prevalent in the first four months of 2021 (T1 2021) “as our telemetry had recorded close to 27 billion password guesses trying to compromise Internet-facing systems via RDP, which are widely used to allow connecting to the corporate network from remote computers.”
Adopting a model
WONG said the Philippines is on the right track as it has committed to strengthening its National Cybersecurity Plan 2022 to safeguard critical ICT infrastructure and enhance cyber resilience competencies.
She noted that the National Privacy Commission (NPC) has also been proactive to release updated security guidelines during this Covid-19 period, in a bid to support organizations’ remote working efforts, protect personal data for consumers and penalize the private sector for data privacy violations.
Wong emphasized it’s quite important for the Philippines to continue to double-down on its cybersecurity efforts and keep a tight eye on potential threats and vulnerabilities in its system. She urges the Duterte government to establish clear guidelines for both public and private institutions on how to conduct cybersecurity operations as well as put in place dedicated systems and processes to maintain visibility across their entire network.
“Only then will they be able to detect and remediate threats with speed and ease,” she explained. “Furthermore, they must look to adopt a Zero Trust model to tailor controls around sensitive data and networks based on user roles, so as to minimize the impact of data breaches in the organization.”
ACCORDING to Canalys Pte. Ltd., cybersecurity will remain a high priority this year, “as the range of threats broadens and new vulnerabilities emerge, while the frequency of attacks is unlikely to subside.”
The Canalys cybersecurity market global forecast assumes current investment trends will persist. It correctly predicted in January that the first half of the year will be affected by ongoing lockdown restrictions and furloughs in response to the pandemic.
“Covid-19 vaccine approvals and the start of mass vaccination programs have set a timeframe for reopening economies and a sustained global recovery from mid-year.”
Canalys expects the overall cybersecurity market value to reach $60.2 billion this year, covering shipments of endpoint security, network security, web and email security, data security, vulnerability and security analytics and identity access management.
Even in its worst-case scenario, Canalys’s outlook for the cybersecurity market is for annual growth of 6.6 percent.
Canalys said the market’s growth is based on the assumption that “a deeper and protracted economic impact from lockdowns and considers the emergence of new variants of the virus.”
NONETHELESS, Canalys said in January that “cybersecurity budgets have been resilient during the pandemic.” So far.
However, the company said SMB spending was affected and workforce reductions and furloughs hurt some renewals and multi-year deals, especially in the hardest-hit sectors, including hospitality, retail and transport.
“Supply chain issues were also a factor in hardware fulfillment earlier in 2020 but have since eased,” Canalys said.
Despite the continued growth in cybersecurity investment, the number of data breaches and records being compromised, as well as ransomware attacks, reached an all-time high last year, according to Canalys.
The company said over 12 billion records, containing a range of personal identifiable information, were reportedly compromised last year, while the number of known ransomware attacks increased by nearly 60 percent.
“Misconfigurations of cloud-based databases and phishing campaigns targeting the vulnerabilities of unsecured and poorly trained remote workers were key factors,” the research firm said. “Sadly at this time, with the healthcare and education sectors under extraordinary pressure, more attacks and online fraud were directed at them. Ongoing mass remote working and learning, and the acceleration of digital transformation projects will maintain this trend in 2021.”
THE Philippines must also reckon with the dearth of cybersecurity personnel and low level of cybersecurity awareness among its citizens.
A country’s cyber defense strategy is only as strong as its weakest connection, Wong said, citing a need to increase cyber literacy among Filipinos to prevent them from falling victims to cyberattacks.
There is also a need to upgrade the skills of the Philippines workforce to ensure that there are enough cybersecurity professionals that can help support and safeguard today’s digital operations.
Indeed, according to Canalys Chief Analyst Matthew Ball, “cybersecurity professional services engagements in response to this latest issue will be one of many factors contributing to sustained investment this year, especially in newer solutions to mitigate emerging threats.”
Exacerbating the situation
KASPERKY’S Yeo Siang noted that current threats have become increasingly complex and malicious.
To exacerbate the situation, the attacks do not recognize boundaries such that an attack targeting Southeast Asia may be originating from Europe and vice versa, he added.
“A successful defense requires a new approach—one that is proactive and adapts to the threat environment as it changes,” Yeo Siang said. “In short, building an advanced specialized framework with the most intelligent solutions is a recommended countermeasure that any sector in the Philippines needs to have in place to respond quickly to new threats.”
Yeo Siang said an ideal formula must be composed of three elements: continued education on all levels of cyber hygiene; active collaboration between private sectors and the government to combat cyber-attacks; and, use of the most current technology.
This is important as, Ball said, “the biggest threats are always those not yet known.”
Indeed, barbarians are at the cybergates, using numbers that appear harmless but lie in wait to breach cyberdefense.