Malware-enabled scams have increased significantly in APAC, along with the growth in volume and sophistication of cyberthreats in the region.
As organizations in the Asia Pacific (APAC) region embrace new, emerging technologies – such as hyperconnectivity, AI and quantum computing – to stay competitive, they find themselves having to also continually invest in enhancing their cybersecurity capabilities to combat escalating cyberthreats.
In Singapore, for instance, the government has announced that it will be spending $3.3 billion on technology to mitigate cyber risks in 2023. Despite being one of the most digitally advanced countries in the APAC region with a ranking of number 2 in the National Cybersecurity Index, and having one of the best infrastructure and legislation in place to deal with cyberthreats, Singapore still ranks sixth globally for the highest number of exposed databases.
This trend underscores the vulnerability of data in the region on the frontline of targeted attacks. What should be our first and last lines of defense? What roles do governments, financial institutions and consumers play to ensure better cybersecurity in an interconnected world?
CybersecAsia discussed these issues and more with Chris Cruz, CIO Public Sector, Tanium.
How serious is the threat of malware-enabled scams in the APAC region? In APAC, do you see any trends of malware-enabled scams?
Chris Cruz (CC): I think malware is obviously a big issue because malware is tied to a lot of encrypted code and things of that nature. And, many times, it goes undetected. So, it’s very common for malware to come into an organization and then stay within the network for some time. In addition, malware can spread to other parts of the organization’s applications to cause some material defects in your software.
And that’s becoming more prominent. A lot of times it’s attached to keylogging capabilities or other capabilities that folks are using to slip into the backdoor to make the attack more impactful.
I see a lot of malware-enabled scams on the rise here in the APAC region – and it’s on the rise everywhere else. Because it’s an easier way get inside of software code, penetrate a network, and intrude through an “unlocked backdoor”, so to speak. So I see that it’s more prevalent, and it’s on the rise in APAC as well, because they think folks don’t have the proper sniffer tools in place to address it, manage it, and mitigate it appropriately.
I see it as an ongoing problem here. I think most organizations need to have the proper visibility management control upfront of their endpoints to be able to address some of those issues that come in.
Several banks in the region have recently rolled out greater controls that restrict user access to their apps, to guard against malware-enabled scams. What other measures will likely be rolled out in the near future, given how serious malware-enabled scams are in the region right now?
CC: The biggest measure is ensuring that you have multi-factor authentication so people can authenticate when they come into the network. Or, with ATM cards and things like that, there’s a certain amount of encryption involved in those cards to decode some of those issues where scammers come in and commit fraud or to get into bank accounts relatively undetected.
There are certain technologies we can use now with the ability to address these issues. And I know most financial institutions are taking the necessary preventative care mechanisms to address and mitigate those types of challenges.
What it comes down to is at your point of entry. With these financial transactions that happen, having the necessary visibility management control of your endpoints and your devices to be able to determine who’s doing what, by when, and being able to get in and identify what those credentials are to make sure people aren’t committing fraud and misrepresenting other people’s information.
Right now, we’re in the process of looking at POCs and getting involved in banks to talk about risk mitigation components and how we can provide fair equitability and some efficiencies with what our tool or platform does. Tanium works with a lot of financial institutions across the world, and we can take those same standards and mitigation components and apply those here to Singapore financial institutions.
Other than luring users to download malicious apps, what are some other ways scammers are gaining access to banking accounts illegally?
CC: A lot of scammers now have decoders. And they’re able to take information off your credit cards and devices, whether it be in your personal possession or not, and get the right access to your bank or credit cards undetected.
Having a necessary ounce of prevention is worth a pound of care, preventative-based components in place to manage your credit cards, ensure that you’re restricted offline so when you authenticate into a network or do financial transactions online, it’s a secure network. There are also third-party capabilities like multi-factor authentication to ensure at the point of entry that you’re managing and mitigating those risks.
But the big issue I’m seeing is the scammers decoding credit card transactions and other things, not only at financial institutions, but where you put your card in, whether it be at a gas station, a grocery store or other EBT capabilities. They’re still hitting those up and you need to make sure those transactions are secure.
What are the methods that some banking consumers might use to guard against scams that are not foolproof and will still make them susceptible to scammers?
CC: I think what you (as a consumer) need to really do in terms of the scamming capabilities is just go into your financial institution/your bank and talk about what are the preventative-based mechanisms.
What do they have in place for security? On your cards, understand what that level of security is. But I will say the best way to do things is to go into the bank and do financial transactions in front of people. That increases the amount of security and lessens your risk of putting your card into an automation capability where somebody could be stealing your credentials and your personal information.
So until we get to a level of maturity on the front end with these cards or some type of additional security capabilities, we’re still somewhat at risk of having our credentials and our information stolen.
Why is collaborative cybersecurity key to better protection in the financial sector? How should governments, banks and regulators collaborate? What role should other businesses and consumers play in such a collaborative environment?
CC: There needs to be sustained, repeatable solutions in place – and core standards. For incident response and recovery, core technology that we’re using to manage those types of situations and sharing of information in a collaborative way amongst the financial institutions on how they’re seeing the types of scams, developing database capabilities on who these potential hackers are and the types of symptoms that they’re seeing across these institutions.
The more that we can share that information in a common database and leverage best practices and lessons learned, the better we’re going to be in addressing this. Not just on a regional basis here in Asia, but across the globe.
The role that banks can play with the customers is notification – providing a level of detail on putting a prudent business case together, identifying what possible scams are out there, how to go about addressing and managing those, and then identifying what those risks, and threat factors are, so you have that additional information to make intelligent and key decisions.
Sharing that information with customers helps them become a single point of focus and addresses cybersecurity issues and opportunities at the same time. So, a competent and aware customer is somebody who’s going to mitigate risk and pay particular attention not to be careless about the use of their financial cards or other transactional capabilities.
Sharing that information, having it in a repository, having an incident response and management plans, with the bank providing monthly updates to you on what they’re doing with scammers and cybersecurity risks, give you the necessary information to make the right types of decisions that will help limit your liability and risks.
Having a level of transparency and being straight up and honest with your customers – about what are the issues, what are you seeing, and how you recommend addressing them – is important.
Transparency builds trust. And I always say, if there’s a problem, identify what the problem is, disclose the problem, and tell your customers how you’re going to address it to make sure it doesn’t happen again. These are best practices that everybody should abide and follow to better leverage your cybersecurity investments.