Asian companies are the world’s most poorly protected against cyber-attacks, according to US security company Mandiant.
A year-long study revealed that cyber security breaches took almost three times longer to be identified within the region compared with global figures. Businesses in the US take on average four months to discover a breach whereas it can be as much as 17 months in Asia; this lands the region with the undesirable status of being 80% more likely to be targeted.
Most incidents in Asia are never made public because of the lack of breach disclosure laws in the region. An estimated 3.7 gigabytes of data had been stolen in each attack according to Mandiant, which could equate to tens of thousands of documents. With permission, the company was tasked with hacking into one organization’s systems to see how vulnerable it was.
“Within three days, we had the keys to the kingdom. If an expert group of hackers can do the same in three days, imagine what they can do in 520 days,” said Grady Summers, chief technology officer of Mandiant’s parent company FireEye, in an interview with the BBC.
The annually published global security report, which analyzed 22,000 machines, revealed that many companies in the Asia Pacific region are spending a disproportionate amount on first line defense such as firewalls and are still relying too heavily on anti-virus tools to detect malware or hacking attempts.
Mandiant suggested that the majority of cyber-attacks in the region are state-sponsored and are targeting areas of high geopolitical tension such as the South China Sea. A large part of the problem is regional operators and well known collectives of hackers working in Asia that are willing to exploit the weaknesses in security of local companies and government organizations.
Asian companies are “not doing enough, they frequently lack basic response processes and plans, threat intelligence, technology and expertise,” according to the researchers.
The number of attacks in the US and western Europe originating from Chinese hackers has decreased as their focus has been realigned to other parts of Asia, the report went on to say. Two recent victims in the region were a bitcoin exchange in Hong Kong called Bitfinex and Bangladesh Bank. They experienced estimated losses of $60 million and $80 million respectively.
In a separate report earlier this year by global consulting firm Deloitte, Australia, Japan, New Zealand, Singapore and South Korea were dubbed the “cyber five” as they have been judged to be nine times more vulnerable to cyber-attacks relative to their larger Asian counterparts China and India.
China is gradually overhauling its cyber security standards and has drafted several security laws over the past year that tightens regulation over suppliers of technological equipment and services. It is also beginning to allow foreign companies to join a government committee in an effort to ease concerns over cyber security within the country. Earlier this year, the body allowed Microsoft, Intel, Cisco Systems and IBM to take an active part in drafting new cyber security rules rather than being simply observers.
According to a report in the Wall Street Journal, “Beijing has been intensifying efforts to secure its technology supplies since Edward Snowden’s revelations in 2013 about the US government’s use of American products for espionage. US trade groups and other critics have said that China is using security issues as a way to favor domestic tech companies.”
The issue of cyber security threats in Asia is not going away fast. Earlier this year, security software company BitDefender ranked India, Indonesia, China, Vietnam, and Thailand as the top five cyber-security risks in the region.
Last year, Microsoft named Thailand as one of the top 25 malware-infected countries out of the 200 surveyed across the globe. A senior Microsoft executive also pointed to Asia Pacific as the most actively targeted region for online crime. Just last week, ATMs in the Kingdom were hacked using new malware called Ripper, with over $350,000 stolen in the heist.
FireEye, who exposed the Ripper malware, also points fingers at India in earlier research, claiming that about 24% of Indian organizations were exposed to advanced threats, compared with 15% globally. A recent study by the Indian Computer Emergency Response Team (CERT-In) confirms this with findings that India has seen a 350% surge in cyber crime cases from 2011 to 2014.
The combined findings of cyber security research firms all conclude with a similar statement; Asian companies and governments need to do a lot more to combat the ever increasing threat of cyber-attacks within the region.