Hackers stepping up attacks on South-east Asia's govt organisations, companies: Security provider

(Bloomberg) - Hackers have stepped up their attacks on government organisations and companies in South-east Asia and made the region one of the most targeted in the world amid heightened regional tensions, according to security provider FireEye.

Disputes over territorial waters and ongoing trade talks mean that organisations in the region were 45 per cent more likely to be targeted than the average for rest of the world, FireEye wrote in a report released on Thursday (Oct 1).

The security firm looked specifically at sophisticated cyber attacks, those typically used by governments or professional criminal organisations, rather than amateur efforts.

"A lot of it is intelligence gathering surrounding border disputes and trade negotiations," Mr Bryce Boland, chief technology officer for Asia-Pacific at FireEye, said by phone on Thursday.

Companies and governments in South-east Asia bear some responsibility themselves, he said. The threat is more intense because victims are not required to report or share details of attacks, so there is typically no coordinated effort to develop best practices and mount defenses.

"When a company gets targeted, other companies generally will not find out about it, because there's no disclosure and therefore other companies will remain vulnerable," Mr Boland said in a separate interview on Bloomberg television today.

Thailand, where political tensions have risen, was twice as likely as the global average to see attacks in the first half of this year, according to the report. The report comes after the US and China, which have traded accusations about intelligence-gathering efforts online, agreed last month to curb commercial hacking.

Security breaches cost the global economy more than US$400 billion (S$570 billion) annually, the Center for Strategic and International Studies estimates, with Asian countries among the most hurt as a percentage of their respective gross domestic products.

Outside of South-east Asia, Hong Kong and Taiwan were the most at risk during the period, with around half of organisations exposed to attacks, FireEye said, without identifying victims or perpetrators.

Telecommunications, technology and financial services companies and government organisations were the most targeted in the Asian region, it said.