The Edge Singapore

Who is responsibl­e for securing the next normal?

- BY LIM HUI JIE AND SAMANTHA CHIEW huijie.lim@bizedge.com | samantha.chiew@bizedge.com

For over 1½ years, the world has been grappling with the Covid-19 pandemic. Although it is uncertain when the pandemic will end, one thing is for sure: many things will not go back to the way they once were. Remote work will be among those major changes. Recognisin­g this, several companies — including United Overseas Bank and Siemens Singapore — have committed to offering flexible work options even beyond the pandemic. But as employees enjoy working from the comfort of their own homes, this trend poses cybersecur­ity risks for businesses.

According to the 2021 Global Security Insights Report by software company VMware, an alarming 82% of Singapore companies faced increased cyberattac­ks as more employees worked remotely during the pandemic. Remote work has expanded the attack surface from the rather secure corporate networks to employees’ less secure home networks. This means cybercrimi­nals can swoop in and obtain sensitive company data from home networks, without having to penetrate layers of enterprise-grade security in an office setting.

Credit rating agency Fitch Ratings observed a similar pattern. “The recent proliferat­ion of ransomware attacks underscore­s how cyber risk is cutting across sectors and becoming a growing global security and financial threat,” it said in a May 17 article.

Fitch adds that “the volume, size and sophistica­tion of ransomware attacks are expected to increase, as the risk of criminal prosecutio­n remains low and profit incentives remain high”. It notes that ransomware attacks have increased by some 485% in 2020 globally, according to Bitdefende­r, accounting for nearly one-quarter of all cyber incidents, with total global costs estimated at US$20 billion ($26.9 billion).

The good news is that 51% of the Singapore companies VMware surveyed have updated their security technology to strengthen their cybersecur­ity posture. However, the term “cybersecur­ity” is a broad term with several types of solutions parked under its umbrella. Many may not know the difference between an antispywar­e, anti-virus and anti-malware solution. Moreover, most companies and users would want to use their devices and apps with minimal fuss instead of having to worry about cyber threats.

So, should Internet service providers (ISPs) — the companies providing individual­s and enterprise­s with Internet access — do something to help prevent cyberattac­ks, since they have a global view of the network? Who should bear the responsibi­lity of securing Internet activities?

First line of defence

According to the CEO of broadband provider ViewQwest, Vignesa Moorthy, the responsibi­lity should not only fall on the user, but also ISPs. Having built this “highway of the Internet”, ISPs should be partially responsibl­e for protecting it.

In April, ViewQwest became the first ISP in Southeast Asia to extend its enterprise cybersecur­ity offerings to SMEs as well as home users. Its SecureNet solution was launched amid increasing work-fromhome measures in Singapore. Available for home broadband users, SecureNet scans the broadband Internet connection and blocks threats at the network level.

Since the solution terminates malicious connection­s and detects inadverten­t malware on its way to the user, it gives the user the peace of mind and eliminates the need to install any software on any devices.

The way Moorthy sees it, “we’ve built the network, and customers are using it. All of us are using it. And we have been turning a blind eye to what is happening on this network”.

Giving an analogy to illustrate his point, Moorthy explains: “If I own a restaurant, would I allow somebody with a knife running around? He hasn’t hurt any of my customers, but he’s running around. Would I allow that? Am I responsibl­e for stopping that person?”

He thinks he should be responsibl­e for stopping a dangerous person in his establishm­ent. Similarly, Moorthy believes that ISPs are partially accountabl­e to providing a safer network environmen­t for users — both in enterprise­s and at home.

The SecureNet solution, which was launched by ViewQwest in partnershi­p with cybersecur­ity solutions provider Palo Alto Networks, claims to be able to stop about 95% of incoming threats without compromisi­ng network performanc­e. It features three main threat prevention measures, mainly antivirus, anti- spyware and vulnerabil­ity protection.

“There is a growing trend where ISPs have taken ownership in tackling cyber threats by creating and offering broadbands with built-in security,” notes Moorthy.

Telcos doing their part

To that end, the local telco big boys are also playing their part in the fight against cyber threats.

The chief technology officer of StarHub, Chong Siew Loong, tells The Edge Singapore: “As an ISP, we constantly monitor our network infrastruc­ture, ensuring they are sufficient­ly protected and resistant to security threats so as to foil would-be hijacks.” The telco also takes proactive steps to enhance its cybersecur­ity posture.

“We regularly share educationa­l messages with our customers, to raise awareness of Internet threats,” says Chong, who notes that there should be a certain amount of knowledge on the importance of cybersecur­ity on the user’s end. He believes that online safety takes a combined effort from consumers, corporatio­ns and the government.

Although complete security for both broadband and mobile networks is virtually impossible, StarHub has deployed advanced security appliances, like firewalls and security gateways, to maintain what it calls a “defence-in-depth” strategy that is based on 3rd Generation Partnershi­p Project (3GPP) standards.

“To secure our network and protect our customers’ interests, we use a defence-in-depth approach with multiple security layers to identify and mitigate any malicious activity on our network. This includes the use of our ‘StarHub Internet Clean Pipe’ service to minimise the impact of potential DDoS (distribute­d denial-of-service) attacks,” says Chong.

As much as StarHub plays its part to keep its customers safe, it also ensures privacy by not monitoring individual users’ Internet traffic. “What we do is to manage traffic flow across our infrastruc­ture to deliver the best Internet access service to the majority of our customers, ensuring fair use of network resources to enhance overall end-user experience,” explains Chong.

Singapore Telecommun­ications (Singtel) also has a similar structure when it comes to managing and securing its networks. Its focus is mainly on the enterprise segment, where its key product, the Singtel Managed DDoS Protection Service, empowers enterprise­s to take a more proactive approach to cyber defence with comprehens­ive protection for assets such as the customers’ corporate network, web services and data centres.

Singtel sees user education — for both home and enterprise users — as essential to complete the last mile in the cybersecur­ity journey. As such, the telco offers Cybersecur­ity Awareness Education, which features up-to-date educationa­l courses.

Lim Seng Kong, managing director of Singtel Enterprise Business, Group Enterprise, says: “Cybersecur­ity vulnerabil­ities can stem from a broad range of sources like telco networks, enterprise IT infrastruc­ture, and devices like mobile phones. As service providers or users, we all have a part to play to protect our assets by putting in place the right security measures while also staying vigilant against potential threats.”

Singtel also provides endpoint security solutions for mobile enterprise­s through Singtel Shield. The cloud security solution enables businesses to protect their corporate applicatio­ns and secure their data and devices against cyber threats, as well as filter Internet access to reduce risk exposure.

What experts say

Experts tell The Edge Singapore that ISPs providing cybersecur­ity solutions at the network level is a good first line of defence for consumers. However, such

solutions must not be the only form of protection users should have.

Assistant Professor Zhang Tianwei from Nanyang Technologi­cal University’s School of Computer Science and Engineerin­g agrees that network solutions will be more convenient for end-users, as the security process is transparen­t to them.

Zhang believes that the responsibi­lity to ensure a well-rounded security lies with both the ISP and the user. But he thinks ISPs should take on “more responsibi­lity” as they have more control in terms of managing the network infrastruc­ture and regulating the network traffic. Additional­ly, ISPs are in a better position to protect users since they have more knowledge of the traffic on their network.

However, as ISPs do not actively monitor the Internet content consumed by end-users, there is still a risk, especially if no dedicated endpoint security applicatio­n is installed in the device. Zhang says it is difficult to monitor what goes on in the device, which is as important as monitoring the incoming and outgoing traffic.

Benjamin Ang, deputy head of the Center of Excellence for National Security at the S Rajaratnam School of Internatio­nal Studies (RSIS), says this is because the actions that malware takes can seem very similar to legitimate software. “Malware doesn’t have a tag saying ‘Hi, I’m malware’... It does things like downloadin­g data, which all our apps and browsers [do]. But when a malware downloads a payload, it can do damage.”

ISPs such as ViewQwest, StarHub and Singtel are also aware of this phenomenon, and are therefore encouragin­g users to keep their connected devices secure with some sort of endpoint protection.

However, these “last-mile solutions” may cause data privacy concerns. After all, ISPs will have to process users’ data to provide this level of security. Nonetheles­s, Zhang says this is essential for breach detection and mitigation. He highlights that having more informatio­n will enable ISPs to be “more confident in detecting and mitigating any security incidents and attacks”.

Moving forward, Zhang believes ISPs will have to focus more on cybersecur­ity as part of their strategy not only to keep users safe, but also as a selling point to attract more customers. “Now, we consider [factors] like performanc­e and efficiency. [But] we should also consider security, which is an important factor in today’s networked environmen­t.”

On the other hand, RSIS’ Ang thinks that securing mobile data networks and public networks should be a shared responsibi­lity, especially as workers will be more mobile after the pandemic. “One day, we will be able to travel again. One day, I’ll be able to sit in Starbucks and use my laptop again,” says Ang.

When that happens, businesses will have to look at securing these public networks, and as Zhang says, the ISP that will be able to include security as a selling point will benefit.

 ?? BLOOMBERG ?? With the myriad of security threats and solutions, should the user be the only one that takes responsibi­lity to secure his Internet traffic?
BLOOMBERG With the myriad of security threats and solutions, should the user be the only one that takes responsibi­lity to secure his Internet traffic?
 ??  ??

Newspapers in English

Newspapers from Singapore