Checking out a basket of groceries at an online store using cashless payment has become second nature to many today, especially with the accelerated adoption of e-commerce during the pandemic. Yet behind the scenes, this seemingly simple task is fraught with potentially devastating cyber security risks.
For a transaction to go through without incident, there has to be cyber security set up at multiple stages or layers.
For one, the online store is a genuine site. The credit card is used by its rightful owner. The buyer, on his or her part, has to trust that the transaction is secure and his details are kept safe.
The IT infrastructure that is used by the shop, for example, has to be top-notch. If a hacker were to infiltrate that, he would be able to disrupt online transactions and potentially even steal user data.
This was what happened to scores of companies in July, when Kaseya, a supplier of IT management services, was hit by hackers. Those that depended on Kaseya to manage their IT infrastructure were hit as well, resulting in their customers being unable to transact with them digitally.
That big corporations and governments are only as strong as their weakest link is especially clear in recent months, with the discovery of high-profile attacks made governments and businesses realise that cyber security goes hand in hand with digital transformation.
Late last year, SolarWinds, a supplier of network monitoring software that was used by thousands of organisations around the world to manage their networks, had its systems hacked.
Through this, the cyber attackers went on to install malware on the systems of some of its high-profile customers, including US government agencies.
Third-party IT suppliers being targeted
This year, hackers have also targeted cloud providers, who supply the IT infrastructure for much of today’s digital services, aiming to steal data and spy on their customers.
Though such supply chain attacks are hard to pull off, because of the complexity involved, each successful attempt could affect multiple organisations simultaneously in a “chain reaction” of sorts.
“Supply chain attacks are highly impactful to criminals because they turn your IT infrastructure against you,” says Ms Eva Chen, co-founder and chief executive officer of Trend Micro. “In the past we looked for clues that software had been tampered with or exploited.”
“Now we must use machine learning and AI technology to monitor even trusted software that it is not behaving in ways that indicate it has been tampered with earlier in the supply chain,” she explains.
In Singapore, the Cyber Security Agency of Singapore (CSA) has also warned of the threat from supply chain attacks that have affected organisations connected to some of the largest IT suppliers in the world.
To deal with such threats, there is a need to constantly monitor for anomalous activities and behaviour within networks, the government agency recommended in an annual cyber security report released in July.
In the longer run, a “zero-trust” model would be crucial to enhancing organisations’ cyber security posture against similar threats, it added.
This calls for users to be authenticated whenever they access a digital asset, say, a file or database even if they appear to be doing so within the office network.
“There’s no magical wand that finds backdoors in the software that we all purchase and trust,” says Mr Steve Ledzian, vice-president and chief technology officer for Asia-Pacific at FireEye Mandiant.
To stand a chance, he stresses, organisations need a network that is pre-wired for investigation such as capturing as much data as possible, and having forensic software already deployed for that purpose.
Prevention is the best strategy
Stronger identity and data management will be critical in the years ahead, not just to prevent sophisticated supply chain attacks but also the more common scourge of ransomware and phishing attacks that are routinely carried out by criminal gangs.
These two types of threats were also on the radar of CSA’s report, as they continue to disrupt and threaten individuals and organisations in Singapore and around the world.
In Singapore, there were 89 ransomware cases reported to CSA in 2020, a sharp rise of 154 per cent from the 35 cases in 2019.
Instead of indiscriminate, opportunistic attempts, ransomware attacks have evolved into more targeted “Big Game Hunting (BGH)”, that is, targeting large businesses in hope of higher ransom pay-outs, CSA has warned.
Key to improved cyber security is collaboration. For example, gaining insights from the experience of other organisations that have faced cyber attacks would enable one to better prepare one’s defences.
“A complacent and compliance mindset that is not focused on security outcomes is a major problem,” says Mr Lee Fook Sun, chairman of Ensign InfoSecurity. “And, it need not be prohibitively costly to implement a clever cyber defence system that is effective if we are focused on the security outcomes that we want to achieve.”
To discuss supply chain attacks and the latest in cyber security, some of the world’s foremost experts, from both the public and private sectors, will be speaking at the GovWare Conference from Oct 5 to 7 this year.
Mr Yuval Illuz, group chief information security officer and chief operations officer, Trust, Data & Resilience, Standard Chartered, will share his experiences at the event.
Other highly respected speakers in the industry include:
- General (Ret) Keith Alexander, founder, chairman and co-chief executive officer of IronNet Cybersecurity
- Mr Tim Brown, chief information security officer of SolarWinds
- Ms Eva Chen, co-founder and chief executive officer of Trend Micro
- Mr Lior Div, chief executive officer and co-founder of Cybereason
- Mr Lee Fook Sun, chairman of Ensign InfoSecurity
- Mr Kevin Mandia, chief executive officer of FireEye Mandiant
GovWare Conference 2021 welcomes cyber security practitioners, business leaders and policymakers from around the world to tune in online and address this year’s theme “Living with Covid-19 - Reimagining Digital Security Risks and Opportunities”, together. Registration is complimentary.
GovWare is the anchor industry trade event at Singapore International Cyber Week (SICW), organised by the Cyber Security Agency of Singapore (CSA), since SICW’s inception in 2016.
“Today, the world is living in an age of rapid digitalisation, accelerated by the Covid-19 pandemic,” says Mr David Koh, chief executive of CSA. “At the same time, we have to grapple with the attendant downsides of digitalisation: increasingly frequent and complex cyber risks and threats posed by cyber threat actors.”
“We are heartened that GovWare continues to share our vision of fostering crucial conversations among stakeholders to address these challenges and pursue innovations to capitalise on the new opportunities brought about by digitalisation,” he notes.
- Find out more about GovWare Conference 2021 here.