From the stolen data from the Democratic National Committee in the United States to cyber-attacks on power grids in Ukraine and Bangladesh’s central bank heists, cybersecurity risks have escalated enormously in recent times.
Individuals, companies, and governmental bodies are equally vulnerable around the globe; however, cybersecurity professionals are of the opinion that Asian countries are most susceptible to such cyber-attacks.
Professionals told CNBC that there were numerous reasons exactly why Asian countries are the major targets for cyber-terrorist.
Potential, large victim to target
Housing almost 60% of the world’s human population, the total number of individuals connected to the World wide web in Asian countries is massive – approximately a billion individuals have an internet connection, with more than 50% of them in China.
Xinhua, China’s news firm, reported that China had 720 million online users as of July 2016, according to a public report from the CINIC (China Internet Network Information Centre).
A regional director at Microsoft’s Digital Crimes Unit, Keshav Dhakad told CNBC in his recent interview “There are lots of people active on the internet, doing business, doing social work, transacting and social media business.”
The necessity of increasing awareness towards cybersecurity and cyber threats
At the same time, professionals say, Asia’s level of knowledge towards cybersecurity and cyber-attacks was relatively lower than other continents, such as the United States of America and European countries.
Consequently, many organizations were less inclined to invest extra sources in protecting their technology system against additional breaches, and their response time to identify such breaches would be sluggish.
FireEye report confirmed that organizations take an average of 146 days to detect a security infringement, while in Asia, that figure is at 520 days.
The delayed reaction time meant assailants were more prone to become successful in stealing data without instant recognition and could possibly make a good return of investment, said Bryce Boland, a chief technology officer at FireEye.
Cyber assailants normally have to invest funds, effort, and time to create new types of attack, and their particular rewards are usually in selling the data files they steal.
Boland told CNBC, “If I invest US$10,500 to try to hack any company, and they keep finding me, I am not going to make any money back.” By staying undetected for a longer time, the same cyber-attack could be applied over and over again to steal information.
Insufficient disclosure legislation
In the United States and the European countries, when any company is violated, and their information is compromised, they’re legally required to report the problem or risk facing penalty charges.
“In Asian countries, it is different. It actually varies from state to state,” a strategic partner at law firm Pinsent Masons in Hong Kong, Paul Haswell told CNBC. “In Hong Kong, there’s no prerequisite under legislation to inform someone if there’s been a data infringement.”
This developed the conception that cyber violence in the area was relatively lower than those claimed in the United States and European countries, reported by FireEye’s Boland, although Asian companies were even more apt to be targeted.
V-Tech, a Hong Kong-based electronic toys company, said that data about at least 7.4 million kids and 5.9 million grownup clients was jeopardized due to a data infringement, in accordance with the Wall Street Journal.
“There was, in fact, no charges for them for not informing because they were needed to,” Haswell explained. He told that it was entirely possible that only 10-20% of the data breaches that occur in Asian countries are documented.
Not too long ago, the Singapore federal government publicized a new cybersecurity act that will certainly make it obligatory for firms in eleven critical information facilities groups to record cybersecurity events to relevant government bodies.
Many of these regulations, nevertheless, are still unusual across the broader region.
Utilization of unlicensed or outdated technologies
Perhaps the most common predicament in Asian countries that authorities pointed to was the usage of outdated technologies by many firms – both public and private.
Microsoft official, Dhakad, explained that it was important for government departments, individual users, and businesses to realize they can’t hold on to outdated technologies. “Most of these technologies were excellent at the time they were made.”
For instance, ATMs (automated teller machines) were susceptible to being compromised since they still depended on outdated os such as Microsoft Windows XP, which is actually threat-prone since Microsoft company ended service for it in 2014. That supposed Microsoft couldn’t launch any new security upgrades to protect the main system from new cyber threats.
Something that’s prevalent in Asian countries is the utilization of pirated or non-genuine software program, which research show cybercriminals are taking full advantage of.
A “cyberpunk” could, for instance, install adware and spyware – the universal term for malware – inside an outdated software. Whenever a person installed it on his or her laptop or computer, it could possibly skimp on the security of the system, and the nuller could obtain access to it. Malware can easily operate your system in even an offline state, which is, without a doubt a very sophisticated attack designed by the hackers.