As the year 2024 draws to a close, cybercriminals appear to still have an edge over cyber-defenders. What’s new and what should we do about it?
2024 marks the year in which CISOs and cybersecurity vendors finally agree that security tools, solutions, strategies, approaches and expertise, taken together, still cannot prevent cyber breaches.
Bad actors are getting more organized, tools and techniques are getting more sophisticated, and AI-powered threats are on the rise.
CybersecAsia discussed with Jess Ng, Country Head for Singapore and Brunei at Fortinet, what has been developing in the region and what we can do about it.
Cyber-attackers are exploiting new vulnerabilities 43% faster now. Innovation in cyberthreats is said to contribute to this issue. Can you elaborate on the sophistication of threats?
Jess Ng: Cyber-attackers are exploiting new vulnerabilities 43% faster, driven by increasingly sophisticated techniques. One major factor is the use of Advanced Persistent Threats (APTs), with groups like Lazarus Group and APT28 leveraging both zero-day and N-Day vulnerabilities. These attackers also use legitimate cloud services for data exfiltration, making detection more difficult.
Botnets and malware have also evolved, with threats like AndroxGh0st focusing on credential theft and Prometei targeting lateral movement and cryptocurrency mining. At the same time, attackers are increasingly exploiting vulnerabilities in IoT devices, many of which have outdated security protocols, broadening the attack surface.
A growing trend is the use of “living off the land” tactics, where attackers leverage legitimate productivity and office tools for malicious purposes, blending their activities with everyday business operations. Additionally, cybercriminals are deploying open-source administration tools to facilitate their attacks, making detection even more challenging.
The integration of AI is accelerating the pace of these attacks, enabling automated vulnerability scanning, AI-powered phishing campaigns, and the creation of polymorphic malware that evades traditional detection methods. This increased sophistication allows attackers to act faster and more effectively, posing a serious challenge for organizations to stay ahead.
Tell us more about deepfake technology and how it is affecting APAC.
Ng: Deepfake technology is becoming a significant concern globally, including in APAC, as it enables cybercriminals to convincingly impersonate individuals, including public figures. This makes it increasingly difficult to distinguish real from manipulated content.
We have already seen several high-profile incidents involving disinformation scams, where deepfake videos or manipulated messages mimic trusted sources like news outlets, health organizations, and celebrities. Recently, deepfakes of celebrities have been used to promote fraudulent investments, treatments, and online gambling, further blurring the lines between fact and fiction.
Beyond investment fraud, deepfakes are now used in business email compromise (BEC) scams, where AI-generated voices mimic executives to deceive employees into transferring funds or disclosing sensitive information. Synthetic Identity Fraud is also on the rise, combining real and fictitious information to create fake identities for financial fraud and extortion. A new threat, Deepfake Ransomware, uses fabricated blackmail videos to extort victims, causing immense emotional and financial harm.
The growing sophistication of deepfake scams underscores the need for increased public awareness and stronger verification processes, especially in financial and business transactions. For example, the Singapore government is taking action, with Prime Minister Lawrence Wong and Senior Minister Lee Hsien Loong publicly warning against scams involving their deepfakes.
What steps can individuals and organizations take to combat and protect themselves from deepfake technology?
Ng: To protect against the rising threat of deepfake technology, individuals and organizations must implement robust verification processes. Multi-factor authentication (MFA) and cross-verifying sensitive requests through multiple channels can help prevent falling victim to scams, especially those involving financial transactions or confidential information. Ensuring that communication requests are authentic before acting is key to mitigating risks.
Employee training and awareness are essential in the fight against deepfakes. Regular education sessions can help staff recognize the signs of manipulated content and foster a culture of scepticism around unusual requests, even if they appear to come from trusted sources. Informed employees are a critical defence against deepfake-driven scams.
Organizations should also invest in AI-powered detection tools that can identify manipulated audio and video content. These tools, when updated regularly, can stay ahead of evolving deepfake technology and help mitigate its impact. Strengthening cybersecurity systems like Endpoint Detection and Response (EDR) and Intrusion Prevention Systems (IPS) can further bolster defences against deepfake-related cyberattacks such as phishing and ransomware.
Raising public awareness is also crucial. Educational campaigns that inform individuals and businesses about the dangers of deepfakes will make it harder for scammers to exploit unsuspecting victims. Public vigilance is key in minimizing the effectiveness of deepfake scams.
Finally, stronger legal and regulatory measures are needed to combat the malicious use of deepfake technology. Governments should enforce stricter penalties for those creating and distributing deepfakes for fraudulent purposes, ensuring that there are real consequences for misuse.
How can stakeholders encourage transparency about vulnerabilities in product development?
Ng: Transparency is crucial for maintaining trust in cybersecurity, yet there are some instances where organizations hesitate to disclose new vulnerabilities. To foster transparency, stakeholders should implement industry standards and regulatory frameworks that promote responsible disclosure.
Bug bounty programs can encourage ethical reporting, and collaboration between vendors, cybersecurity experts, and agencies can ensure shared threat intelligence. Increasing awareness and education around vulnerability disclosure will help build a more open and secure digital ecosystem.