Telecommuting, albeit comfortable, has opened up a dark pit where cyber monsters lurk to steal critical data. How do governments and organisations respond?
What is there not to love about the new telecommuting arrangements when you can work in your pyjamas and messy room, answer emails from your bed, wake up late, and take tea breaks as often as you like? Sorry, but there is one thing – cybercriminals poised to exploit this otherwise comfortable "work-from-home" (WFH) setup.
There is increasing evidence of cyberattacks and data fraud happening more frequently during the pandemic, as cybercriminals have been capitalising on the growing anxiety and vulnerabilities of remote working. Governments and businesses, witnessing a surge in attacks from the day the World Health Organisation declared COVID-19 a pandemic, understand that without cybersecurity measures, communities and cities can shut down and negatively impact national security, critical infrastructure, and the industry.
Digitalisation has proven its role in the 21st century during the pandemic, but not everyone is prepared for its takeover. Hence, many have fallen victims to cybercriminals. Becoming more dependent on email communications, employees also face the risk of phishing emails masked as official business communication, especially when their companies do not have sufficient Virtual Private Network (VPN) capabilities, standardised telecommuting policies, and secure mobile infrastructure, says Joanne Wong, Vice President for International Marketing at LogRhythm.
Like vultures, cybercriminals feed on people’s anxiety of the pandemic by posing as government or health officials to do phishing scams, preying on the opportunity opened by the dependence on digital technologies to spread awareness. Trustwave, a Singtel company, reports that fifty per cent of incidents they investigated were results of phishing and other social engineering tactics, a trend observed today with most attacks springing from promises of new information and updates about COVID-19, eventually succeeding to lure users given their increasing worry and fear.
Before COVID-19 was declared a pandemic, electronic crime (eCrime) actors were already capitalising on the outbreak, says Sherif El Nabawi, Vice President of Engineering for the Asia Pacific and Japan at CrowdStrike, finding a 330 per cent increase in eCrime this year.
It was called ‘Mummy Spider’, an eCrime actor using Japanese language spam spoofing a public health centre to distribute the Emotet downloader malware so users would download and install Wizard Spider’s TrickBot. Others sold COVID-themed tools, such as a phishing method disguised as a COVID-19 map.
Southeast Asia has yet to fortify its defences against cyber threats. Countries in the region find themselves popular targets of recent incidents, jeopardising citizens' personal data and national security. Even though some may not acknowledge the seriousness of the incidents, the stakes are undeniably high.
Still apprehensive about previous events that compromised thousands of medical records and personal data, Singapore, because of its intensive internet adoption, remains a favourite among hackers. From March to May this year, more than 1,500 malicious phishing URLs targeting the state were found, according to the Cyber Security Agency (CSA). In April, education institutions have become the newest targets. Students and teachers were seen as “softer targets” as they turned to remote learning and are less aware of advanced security protocols.
One of the top five countries in the world targeted by cyber threat actors, Malaysia, likewise, found a surge in cyberattacks at the start of its Movement Control Order, detecting 20 different coronavirus-related malware during the outbreak.
Recognising these threats and knowing that telecommute is here to stay even after the pandemic, governments and organisations respond accordingly. After all, becoming digital does not come without its worries.
How governments respond
Mitigating cybersecurity risks can be done through increasing awareness, providing opportunities, and partnering with private organisations, governments believe.
For one, CSA announced its plans to utilise television programmes delivered in multiple local languages and dialects, virtual talks, and videos to spread awareness on cybersecurity measures. The agency also published advisories and infographics for the public and businesses, including tips for safer remote working and online meetings. The threat follows in Malaysia, with the Ministry of Education introducing a National Cybersecurity Awareness Module to 300 schools.
Partnerships are also strengthened and forged. CSA acknowledges that "maintaining close ties with [its] foreign counterparts [and] exchanging best practices and information" on cybersecurity cultivate a culture of cooperation to build up cybersecurity measures further. The agency is set to organise the fifth edition of Singapore International Cyber Week (SICW) 2020 that focuses on “cooperation in a post-COVID future,” calling for a coordinated effort among stakeholders to protect cyber data.
Adequate opportunities and resources, too, are seen to improve a country’s cyber defences. The Singapore government plans to ramp up its cyber and data security capabilities over the next three years, committing S$1 billion to protect citizens’ data and critical information infrastructure systems. Additionally, the country’s financial industry will get S$250 million in the next three years to develop its cybersecurity capabilities, including the adoption of Artificial Intelligence (AI) technologies. These are parallel with Singapore's Smart Nation goal, thereby, recognising data security as a vital part of building a robust digital economy.
Other countries in the region are still held-up. In fact, a study finds that countries in Southeast Asia need to spend S$171 billion collectively from their gross domestic product to strengthen cybersecurity. While this might be a massive jump for some, it can create a more secure digital environment for the region.
How organisations respond
Organisations’ responses are somehow consistent with the government’s, both acknowledging investment, awareness, and collaboration as necessary components of their cybersecurity strategy.
LogRhythm, for instance, introduced a resource hub for businesses so they can access best security practices, especially at a time when most companies were caught off-guard with the rapid transition from physical workspaces to virtual ones. Trustwave Security Colony is Singtel’s Trustwave’s version. It is an on-demand resource library aimed at equipping organisations with knowledge about cybersecurity while working remotely.
Partnerships are likewise significant for cybersecurity firms. LGMS in Malaysia recently partnered with Austrian service provider TÜV Austria to launch a Cybersecurity Lab that aims to establish the country as a hub for cybersecurity testing and certification within the Asia Pacific.
Investments, too, can strengthen cybersecurity protection within businesses. In Thailand, for instance, a survey finds that investments in IT and cybersecurity systems have been growing despite budget restraints caused by the pandemic. Forty per cent of Thailand's companies are allocating half of their annual budget to cybersecurity protection.
Vendors have also introduced new tools to help protect clients’ data. LogRhythm’s Remote Workforce Visibility, for example, continues to assist businesses in their work-from-home arrangements, so businesses can still oversee their remote workforce environments, thereby allowing them to respond to cyber threats swiftly, says Wong. In Malaysia, Linkdood launched a communication platform where employees can safely store files and collaborate securely using private cloud technology.
Singtel’s Trustwave, on another note, has also developed a cybersecurity transformation approach by identifying four key pillars, a security-by-design approach, integration of risk incidents and crisis management, sharpening and building threat intelligence, and optimising security operations, which not only secures remote working arrangements but also secures organisations holistically and in-depth, promoting business continuity during and after the pandemic.
Meanwhile, vendors, like CrowdStrike, that have adopted remote working even before the pandemic ramps up its highly diverse workforce. With people working across the world, in different time zones and with varying expertise, the company is confident that every emergency will be dealt with appropriately by a group of experts, regardless of time and location.
What telecommuting has taught us is that cybersecurity is a shared responsibility among government agencies, companies, and individuals. At the height of the pandemic, collaborations between governments and organisations surfaced, increasing confidence to emerge victorious in this battle with invisible criminals in the web.
Nine cybersecurity software firms in Singapore were awarded up to $1 million each in hopes to increase the defence of Singapore's critical sectors. Among these companies are those that will be developing an AI-driven cyber investigation software to probe the dark web and prevent cybercrime targeting critical sectors, including energy and healthcare in the country.
Acknowledging that Singapore “cannot be truly ‘smart’ without first being cyber secure”, LogRhythm has partnered with the government to implement a Security Information Event Management (SIEM) to a key security operations centre for the government project of installing smart lamp posts with cameras and sensors, which will enable smarter urban planning. With this, threats to the collected data from the sensors can be identified and addressed.
Singtel’s Trustwave has been helping small and medium enterprises on their digitalisation journeys through IMDA’s Go Digital and GoSecure initiatives, as it believes that knowledge empowerment can help “cultivate confidence and ownership” which are “key ingredients of a cyber risk thinking culture.”
A culture progressing toward the post-pandemic world is one that’s digital – an opportunity for most, but also a fear for others. Being aware of cyber threats is one step, and building cybersecurity capabilities is second. Should these be resolved, there is probably nothing not to love about working from home.