Bolstering up our defences against Sisyphean cybercrimes

Cybercrime is Sisyphean in nature: the effort to battle it is never-ending. Cyberthreats are constantly evolving even as the technologies developed to fight them advance, making cybersecurity a challenging endeavour that leaves no room for complacency.

Country leaders are also cognisant of this. In Asia, regulators like the Monetary Authority of Singapore have collaborated with international banks to hold joint cyber crisis exercises with the aim of testing responses to various cybercrime scenarios and upgrading their financial systems. Cybersecurity professionals now constantly upgrade their skills to keep up with threat actors who tirelessly find new ways to infiltrate defences and retrieve data, echoing once more how organisations cannot afford to drop their guard.

The weight on our shoulders

Cybercrime made up nearly half of all crimes in Singapore in 2020, according to the Cyber Security Agency of Singapore, with global threat actors capitalising on the changes wrought by the pandemic, such as the rise of work-from-home arrangements.

Many traditionally office-based workers now work intermittently or completely from home. This means they have to access work data and platforms from less secure home networks and sometimes over personal devices. For organisations, this translates to a wider and less protected attack surface, opening up the corporate network to new vulnerabilities.

Singapore saw a 73% increase in reported data breaches and ransomware incidents this year compared to 2021. This included high-profile breaches, such as a ransomware attack on a clinic called Eye & Retina Surgeons, which exposed the data of nearly 73,000 patients.

What makes ransomware so dangerously rampant is the increased ease of enacting these attacks. Less experienced threat actors are now able to purchase access to ransomware as a service (RaaS) from the dark web. This widespread availability of RaaS means that, for just a small fee, cybercriminals can gain access to sophisticated tools and launch their attacks against organisations, with the potential to reap high rewards, wreak havoc, and cause irreparable damage.

Not letting the boulder slip

The damage of a ransomware attack goes beyond just the monetary cost. Compounding the initial loss, organisations often also suffer from a disruption in business operations, which can carry serious knock-on effects.

In Japan, a ransomware attack on the Tsurugi Municipal Handa Hospital left it unable to carry out basic functions. Consequently, it was unable to accept new patients for almost two months.

Additionally, paying the ransom does not exempt organisations from future attacks. In fact, this only increases their chances of getting targeted again. Taking multiple hits from cyberattacks damages an organisation’s reputation and weakens customers’ and partners’ trust as well, causing intangible, and sometimes irreparable, impact in the long run.

Organisations also risk regulatory penalties from various authorities around the world. For instance, organisations in Singapore can be fined heavily for data breaches. The latest change to the data protection law here, the Personal Data Protection Act (PDPA), raised the maximum financial penalty for data breaches on companies to SG$1 million or 10% of local annual turnover, whichever is higher.

Onwards we must roll

Reinforcing network security must therefore be a top priority for organisations now operating in an increasingly digital business environment. The good news is that the technology to ensure proactive security is readily available. Companies can tap on solutions that utilise DDI, a combination of Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP) and IP Address Management (IPAM) services that most organisations already use for device connectivity, to glean network visibility down to the device level.

Another proactive security measure organisations can take is to implement DNS security. More than 90% of malware touches DNS on its way to entering and exiting a network, making DNS security solutions an ideal tool for detecting threats that other solutions might miss. Once a threat is detected, IT teams can remediate and contain it. Advanced detection and prevention can help organisations proactively secure their data and assets to minimise breach damage.

Proactivity over reactivity is key to maintaining a robust defence — from the network’s core to the farthest edge. Organisations should adopt tools such as DDI visibility and DNS security as foundations for protecting their cloud-first environments. In addition, organisations need to dedicate resources to employee cybersecurity awareness and education, so that they can develop cybersecurity hygiene across the entire organisation.