BusinessToday speaks to Yuri Zaharin, Country Manager for Malaysia at Exclusive Networks
- How secure are companies in Malaysia in terms of cyber security? And where does Malaysia stand in a global view of cybersecurity or cybercrime?
2020 has seen a surge in cyberattacks around the world as hackers take advantage of WFH requirements to attack companies. Malaysia has not been immune to this and cybercrime has emerged as a growing trend. This year, according to the Malaysia police 9,215 commercial crime cases have been recorded nationwide involving losses amounting to RM717.2 million for the period January to April. Additionally, cybercrime has surpassed drug trafficking as the most lucrative crime and 70 percent of commercial crime in Malaysia can be classified as cybercrime cases.
Rapid ICT development will only increase cybercrime in Malaysia and it is important that companies engage experts and third parties to protect their systems.
Malaysia itself has introduced a number of organisations and regulations aimed at tackling cybercrime. The first was the Computer Crime Act, introduced in 1997 and over the years we have seen a number of legislative acts passed in an attempt to get ahead of the problem. The National Cyber Security Agency was set up to implement the National Cyber Security Policy which aims to protect critical infrastructure and facilitate Malaysia’s move towards a knowledge-based economy, among other things.
- What is stopping Malaysians from investing in a good cybersecurity system?
We are living in a new age of remote work where companies are increasingly having their employees work from home using multi-cloud or hybrid ecosystems, this has created a new challenge for Malaysian firms. Many companies have employees dotted around not just Malaysia, but also Asia and the world, communicating sensitive information with each other across the internet using different devices. This has also created a dependence on the Cloud, leading to firms depending entirely, or at least in part, on a cloud environment.
For many firms, understanding how to protect themselves both in the cloud and across a disparate organisation can be a challenge.
Firms such as Exclusive Networks are able to merge cloud and cybersecurity solutions. By bringing together some of the best cybersecurity and Unified Communications solutions in the world, we are able to offer cost-effective solutions that protect a company at scale. This is also backed up by a pre- and post-sales team of system integrators and engineers who are able to work closely with the firm to ensure they have a holistic package to secure their ecosystems and ensure their operations can continue smoothly in a work-from-home environment.
- The advancement of technology is also making the bad players excel in what they do. So, what’s your take on this and how can organisations overcome this?
The Covid-19 pandemic has forced organisations and individuals to embrace new practices such as social distancing and remote working. There are now multiple devices and device origins connecting to the same network that employees are using to get their work done, and cyber criminals around the world are capitalising on this crisis. The reality is that working from home and the collaboration apps that keep employees connected and productive are here to stay.
We are in a new world of cybersecurity, one where employees can connect from anywhere from almost any device, to any application either on-premises or in the cloud. Previously, there would be a border between the company and the outside world (i.e. the internet). We believe that an ‘Identity Defined Security’ approach is important in this new threat landscape, one that understands the user, his/her behaviour and identity at all times, combined with true endpoint security, will provide the best protection.
- Could you share more on AI-powered cyberattacks?
There are two key threats I see involving Artificial Intelligence (AI). AI has the ability to automate attacks at scale, it can also mimic and learn human behaviour that will increase the sophistication of attacks. we are already seeing the scale that AI allows with over 90% of e-commerce sites’ traffic coming from cybercriminals’ programs according to Shape Security.
AI is also predictive, allowing it to better identify password patterns, breaking passwords more easily and at speed. This will allow it to overcome Captcha and other techniques as well as quickly recover and resume attacks if detected.
The second area of concern regarding AI is in data, specifically the data legitimate AI algorithms consumes in order to make decisions. In order for AI to ‘learn’, it requires high volumes of accurate, good quality data. The more data it consumes the better the final decisions it makes are.
However, bad data will result in poorer decisions. If hackers could manipulate the data that algorithms use they could cause considerable damage to systems that rely on AI to make all or part of their decisions. Gartner predicts that some sort of data manipulation will make up 30% of cyberattacks by 2022.
Solutions to these threats include Machine-Learning Next-Generation Firewalls (NGFW), which embeds machine learning (ML) in the core of the firewall to proactively assist in intelligently stopping threats, securing IoT devices, and recommending security policies.
- Regarding insider threats, how should companies identify and prevent this, especially companies with mass employees.
Many of the defence techniques are applicable across multiple threat types. For instance, it is imperative that companies deploy endpoint protection for their organisation. This protects their firm’s networks right through to the endpoints – i.e. the end devices. CrowdStrike’s Falcon platform, for example, will provide cloud-delivered endpoint protection for enterprises, leveraging Artificial Intelligence (AI) to proactively detect threats within networks and across devices to block attacks. This will protect against hackers and bad actors in general.
Regarding ‘inside threats’, User Entity Behaviour Analytics (UEBA) is a cybersecurity process about detection of insider threats, targeted attacks, and financial fraud. UEBA solutions look at patterns of human behaviour, and then apply algorithms and statistical analysis to detect meaningful anomalies from those patterns—anomalies that indicate potential threats. Instead of tracking devices or security events, UEBA tracks a system’s users and their behaviour. Many quality cybersecurity solutions will include UEBA within their solutions.
- What could be the upcoming threats that netizens should be aware of?
The Internet of Things (IoT) is also playing an increasing role in the cybersecurity space. As more products with the ability to connect to the Internet become available, opportunities for hackers to access data through outside-the-box ways have risen. IoT connected devices may have weaker or fewer protections against malware and older devices with old software may not be updated with the latest protections and thus provide an opening for hackers. For example, compromised devices can be controlled by a botnet and be made to participate in Distributed Denial-of-Service (DDoS) attacks on other organisations.
A famous example was the 2017 hack of a US casino via their internet-connected fish tank. In 2017, hackers attempted to acquire data from a North American casino by using an Internet-connected fish tank. The fish tank had sensors connected to a PC that regulated the temperature, food and cleanliness of the tank. The hackers got into the fish tank and used it to move around into other areas (of the network) and sent out data. 10 GB of data were sent out to a device in Finland.
Education is crucial here. Organisations need to ensure there is continuous end-user education and communication and end-users need to have quick and ready access to IT support. Stringent e-mail security measures should also be employed.