A continuous fight against cyber threats
We’re up against an uncertain future when it comes to cyber threats as the attacks can be very unpredictable given the rate of techn evolution.
Symantec Malaysia deemed that we face a new era of cyber crime, predicting a range of widereaching, fearful threats that are very realistic, based on past threats and current technologies in a recent statement.
It noted that rogue nation states could finance themselves by stealing money online.
“There is a dangerous possibility that rogue nation states could align with organized crime for their personal gain, such as what we saw in the SWIFT attacks. This could result in down time for countries’ political, military or financial systems,” it explained.
It also pointed out that fileless malware could increase while we could also see an increased on phishing sites using HTTPS.
New technologies such as drones and Internet of Things (IoT) devices also pose new threats and new vulnerabilities that cyber criminals could manipulate.
“This could be seen in 2017, but is more likely to occur further down the road. By 2025, we can expect to see ‘dronejacking’, which will intercept drone signals and redirect drones for the attacker’s benefit. Given this possibility, we can also expect to see anti-drone hacking technology being developed to control these devices’ GPS and other important systems.
“Connected cars will be taken for ransom. As cars start to have connected capabilities, it is only a matter of time until we see an automobile hack on a large scale. This could include cars being held for ransom, self-driving cars being hacked to obtain their location for hijacking, unauthorised surveillance and intelligence gathering, or other automobile-focused threats.
“This will also lead to a question of liability between the software vendor and automobile manufacturer, which will have long-term implications on the future of connected cars,” it highlighted.
Aside from that, it warned that IoT devices in the enterprise could increase points of exposure as beyond looking simply at computers and mobile devices for vulnerabilities, incident response teams would need to consider thermostats and other connected devices as jumping points into the network. Similar to how printer servers were used for attacks several years ago, nearly everything in an enterprise is now connected to the internet and will need to be protected.
In the hacking realm, ransomware, as we could see today, could be a huge issue we face this year.
Symantec Malaysia believed that aside from personal computers, ransomware could find its way to attacking cloud systems.
“Given the significant shift towards cloud-based storage and services, the cloud is becoming a very lucrative target for attacks. The cloud is not always automatically protected by firewalls or more traditional security measures, so there will be a shift in where enterprises need to defend their data.
“Cloud attacks could result in multi-million dollar damages and loss of critical data, so the need to defend it will become even more crucial,” it said.
Meanwhile, Barry Johnson, country manager (Malaysia) of International Services & Solutions, BAE Systems Applied Intelligence, pointed out that data breaches and cyber attacks are unfortunately very common today and it’s no longer the case of if an organisation will be attacked, but when.
“In today’s hyper-connected world, vulnerabilities are becoming increasingly sophisticated, targeted and difficult to detect. Hence, it is important for businesses to be continually thinking of what they can do next so as to stay ahead of the cyber threat,” he said.
He added, “In the battle for talent and the need to get more out of scant cyber resources, leaders will increasingly turn to gamification to engage with their teams and supercharge innovation.
“In 2017, the volume of personal data being stored and shared throughout the private sector, and between government departments, will continue to increase. As this happens, data privacy will become an increasingly critical discussion topic as the public starts to comprehend how their data is being used, and there will be a continuing tension between privacy and a frictionless customer experience.
“We predict 2017 will see the end of the age of innocence for senior business leaders and boards faced with cyber attacks; we will see more executives being held to account for security failures.”
Therefore, he pointed out that no longer could any internetconnected system be expected to be 100 per cent secure, and no longer could businesses get by without proper investment in cyber defence.
“However, companies will also realise they needn’t view security and privacy as a compliance burden, but as an opportunity to win the trust of their customers and differentiate themselves in the market.
“Just as we have agreed measurement standards for the health of the economy or vital services like education, we predict 2017 will see cyber security readiness measured in a more standardised way in a growing number of countries, and in a more all-encompassing manner; across more industries, threat vectors and data points,” he assured.
However, he pointed out that what that measurement looks like is a question industry, government and the wider business community must work out together.
For Sarawak, the state has taken a step forward in ensuring that a proper system is in place before pushing its digital economy forward.
In April this year, during a study tour to UK and a visit to BAE Systems headquarters in London, Chief Minister Datuk Amar Abang Johari Tun Openg stressed that it is imperative for Sarawak for Sarawak to establish a cyber-security defence system to ensure that the state’s digital economy stays safe, secured and reliable.
“We must have a state-ofthe-art cyber security defence system to insulate our systems from cyber attacks from outside as well as inside perpetrators,” he emphasised.
“There is a dangerous possibility that rogue nation states could align with organized crime for their personal gain, such as what we saw in the SWIFT attacks. This could result in down time for countries’ political, military or financial systems.” Symantec Malaysia