Cloudflare’s Field CTO on the state of S’pore cybersecurity

John Engates, Field Chief Technology Officer, Cloudflare. Image courtesy of Cloudflare.

Cybercrimes in Singapore are increasing at an alarming rate. Recently, Senior Minister and Coordinating Minister for National Security Teo Chee Hean reported that cybercrimes have surpassed physical crimes, such as theft or housebreaking incidents.

Online scams increased by 52.9% and made up 51.8% of all crimes in 2021.

In response, the government has thrown huge support behind cybersecurity efforts, particularly a push towards the implementation of zero-trust measures across industries.

But what did the security landscape in Singapore look like in the first half of 2022? Will it be more or less the same for the rest of the year, or will there be new developments down the line?

Frontier Enterprise spoke with John Engates, Field CTO of Cloudflare, to drill down on the matter.

According to Engates, cyberattacks will affect companies in Singapore as they do elsewhere in the world, but more attention should be given to the latter part of the year.

“In the back half of 2022, we’ll likely see attack trends similar to what we’ve seen in the early part of 2022. It’s impossible to predict for sure, but we generally see a trend toward increasing numbers of ransom DDoS (distributed denial of service) attacks, and more and larger network and application-layer DDoS attacks targeting companies. The holidays are always an opportune time for attackers, so companies need to prepare for that in the latter half of the year as well,” he said.

Evolving threat landscape

In June, Cloudflare reported on the largest HTTPS DDoS attack the company has mitigated, a 26 million request-per-second attack, which is considered the largest attack on record.

“Since then, we have been tracking this botnet, which we’ve called ‘Mantis’, and the attacks it has launched against almost a thousand Cloudflare customers. The Mantis botnet was able to generate the 26 million HTTPS requests per second attack using only 5,000 bots. Generating 26 million HTTP requests is hard enough to do without the extra overhead of establishing a secure connection, but Mantis did it over HTTPS. HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection. This stands out and highlights the unique strength behind this new botnet,” Engates shared.

Meanwhile, the healthcare sector has also been one of the most targeted during the pandemic. According to Engates, even a slight degradation of healthcare applications and networks can seriously hinder medical practitioners from performing their duties.

“The pandemic and the rise in remote or hybrid work means healthcare companies are vulnerable to new attack vectors, and at the same time may be at reduced capacity in terms of ability to respond to attacks,” he said.

Given this scenario, a zero-trust approach towards security would be hugely beneficial in ensuring seamless delivery of healthcare services, Engates said.

“Zero trust introduces the concept that user and device connections should not be implicitly trusted and therefore requests must be continuously validated. By replacing legacy hardware VPN solutions, zero-trust network access better enables remote work and helps prevent attackers from moving laterally from one application to another inside healthcare networks. Because the cost of ransom DDoS is so low for attackers, always-on DDoS protection is another crucial mechanism to help prevent ransom DDoS attacks against healthcare entities,” he remarked.

The road ahead

To combat new and emerging cyberthreats, enterprises – especially those that are currently transforming their IT infrastructure – would hugely benefit from the implementation of a zero-trust architecture, Engates said.

“Singapore companies must invest their cybersecurity resources wisely, and implementing zero trust will likely offer the best ‘bang for the buck’ and immediately reduce an entity’s cyberattack surface. At the same time, implementing zero trust often leads to a better experience for end users and cybersecurity professionals alike,” Cloudflare’s field CTO noted.

“The combination of the pandemic, supply chain disruptions, and the global economic stress present a uniquely challenging situation for companies. If we can take one positive away from this, it might be re-evaluating and simplifying the landscape of cybersecurity solutions and vendors a company deals with. With generally fewer resources available, simplifying things is the name of the game when it comes to the cybersecurity landscape,” he added.

For the foreseeable future, Cloudflare, for its part, has its eyes on helping build a better internet.

“We believe the Internet is more important than ever to businesses around the world, and the Internet needs to be more secure, more reliable, and more private for companies to fully rely on it. Looking forward, we will continue to build out our network capacity and introduce new security, performance, and developer capabilities to keep pace with our customers. We regularly introduce new products and capabilities throughout the year during what we call ‘innovation weeks’, and we have several more planned for the rest of 2022,” Engates concluded.