Besides the COVID-19 pandemic, carried over from 2020 and 2021, what could be the next “pandemic” that would impact businesses in Asia Pacific in 2022 and beyond?

Welcome to the data-driven cloud era! Operating in the digital economy – and a largely cloud-based environment – comes with its own set of challenges.

Despite the best efforts of governments, organizational CISOs and their cybersecurity teams, and cybersecurity solution providers, cyber-attacks have been on the rise. APTs, ransomware and DDoS attacks continue to threaten governments and businesses – with greater sophistication, speed and scope.

As we enter the last quarter of 2022, CybersecAsia takes a look at the cybersecurity trends in the region in this interview with Cheah Wai Kit, Senior Director, Security Practice, Asia Pacific, Lumen Technologies.

In the current cyberthreat landscape, what are the most common types of risks and cyber-attacks Lumen has observed in the Asia Pacific region?

Cheah Wai Kit, Senior Director, Security Practice, Asia Pacific, Lumen Technologies.

The threat landscape continues to evolve and expand. The number of cyber-attacks increased further in 2021, with ransomware growing exponentially since 2019, making it the most common type of cyber-attack on record. There are many examples of large enterprises making huge ransom payouts, and the irony is that these payments incentivize the ransomware attackers to be bolder. It was also found that most of these attacks and breaches were due to compromised or stolen credentials.

As worldwide cloud adoption increases, there is an emerging trend of attackers leveraging cloud-based virtual machines (VM) in a fraudulent way to significantly boost their attack capabilities and launch DDoS attacks – this is a key insight within our latest Quarterly DDoS Report. In such scenarios, cybercriminals mask their acquisition and control of cloud-based services through compromised VMs/hosts or anonymizing services.

In fact, DDoS attacks are getting shorter with 72% of attacks under 30 minutes in duration. Recently, Lumen prevented a 1.06 Tbps attack from disrupting its intended target, a gaming service hosted by a telco, where UDP-based traffic was observed to have originated from 1,400 unique virtual machines/hosts, lasting about 12 minutes.

Cyber-attacks on businesses continue to rise in severity and prevalence. There was a significant volume of phishing, smishing and vishing attacks and BEC (business email compromise) attacks. These are increasingly automated using bots and software. We have seen techniques and tactics of these attacks growing in sophistication across the region.

For example, cybercriminals have also increased the use of probing small-scale attacks to identify potential victims while looking for an entry point. Some attackers even use mass small-scale attacks to distract IT teams while they launch a more nefarious campaign elsewhere in the organization.

What are some key cybersecurity trends for the rest of 2022 and beyond?

We live in an increasingly digitized and connected world today. We are surrounded by smart TVs connected to the Internet, and other consumer products like IP cameras, smart doorbells, robot vacuum cleaners controlled by apps, networked printers, and even children’s toys. Unfortunately, many of these Internet of Things (IoT) devices’ owners, whether in a consumer setting or commercial use, fail to apply updates and sometimes fail to disable default settings or default logins.

These vulnerable IoT devices are contributing towards an army of compromised devices, collectively referred to as botnets, delivering billions of ransomware, malware, phishing, spam emails, or used to launch DDoS attacks all over the world. These armies of botnets will continue to grow as our world becomes more digitized and littered with IoT devices.

As corporate networks converge, critical operational technology (OT) infrastructures of heavy industries, energies or utilities, and petrochemical industries will increasingly become an agenda in risk committees and board meetings. In the past, OT networks were often air-gapped from IT networks. However, that is no longer true as these networks are beginning to converge through digital transformation. The resulting outcome is that cyber risks which traditionally impact IT infrastructure and networks are now posing a risk to OT networks too. The challenge most organizations will face is the scarcity of OT talents who understand industrial control systems and cybersecurity.

While the above poses new risks, ransomware will continue to relentlessly seek and compromise corporate assets and disrupt businesses. Likewise, there will be countless phishing emails, scam messages, social engineering attempts, and insider threats. All these will just be compounded by new zero-day vulnerabilities. In light of all these risks, it is extremely crucial for organizations to have a robust cybersecurity posture in place, with threat intelligence to mitigate the occurrence of such attacks.