Cyber security takes no prisoners

SINGAPORE was the top target for cyber attacks across the globe during the Trump-Kim Summit this month, going by data collected by Seattle-based app security company F5 Networks, in concert with its Vancouver-headquartered data partner Loryka.

The data found that Singapore - which is not typically a top attack destination country - was the No 1 destination for cyber attacks, having received nearly five times more attacks than the US or Canada. This anomaly coincides with the historic meeting between US President Donald Trump and North Korean leader Kim Jong-Un that was held in Singapore on June 12.

The Republic was found to have battled some 40,000 attacks in a 21-hour period, starting at 11.00pm on June 11 through 8.00pm on June 12 - the period immediately preceding, during and following the highly-hyped meeting.

An analysis of the data by F5's threat research intelligence team (which monitors global attacks) found that 92 per cent of the attacks on Singapore were reconnaissance scans looking for vulnerable devices, while the other 8 per cent were exploit attacks.

Russia accounted for 88 per cent of the attacks against Singapore on June 12, followed by Brazil and Germany (at 2 per cent each). In fact, 97 per cent of all attacks originating from Russia during the two-day period were directed at Singapore.

The first attack was found to have begun out of Brazil targeting port SIP 5060, which is used by IP phones to transmit communications in clear text. F5 and Loryka's data analysis found this to be the single most attacked port. The second most attacked port was Telnet, consistent with IoT device attacks that could be leveraged to gain access to or listen in on targets of interest.

Other ports attacked include the SQL database port 1433, web traffic ports 81 and 8080, port 7541 (which was used by malware Mirai and Annie to target ISP-managed routers), and port 8291, which was targeted by malware Hajime to PDoS MikroTik routers.

In a blog post, F5 said: "We do not have evidence directly tying this attacking activity to nation-state-sponsored attacks. However, it is common knowledge that the Russian government has many contractors within Russia doing their bidding, and that a successful attack on a target of interest would make its way through to the Kremlin."

Frequency and scale of attacks increasing

Cyber attacks are not just targeted at governments. Organisations - large and small - are equally vulnerable to such attacks. In speaking to a myriad of companies, The Business Times uncovers each of their distinct challenges and solutions to cyber security.

Gerry Chng, EY's cybersecurity leader for Asean, says that even as organisations have been strengthening their cyber defences for more than two decades, large companies - in spite of their efforts - are still suffering significant financial and data losses due to attacks on their corporate systems.

In fact, the frequency and scale of attacks is increasing, he says. Cyber criminals have been able to prosper because the digital landscape has shifted, explains Mr Chng. He cites the recent exponential explosion of data, which presents more avenues of attack to hackers since data is accessible by a broader ecosystem of consumers and partners on multiple platforms.

Mr Chng adds that cyber criminals are becoming increasingly sophisticated and are leveraging digital innovations to mount their attacks. In summary, cyber security is not new - only the landscape and cyber enemy have completely changed, he says.

Meanwhile, small and medium enterprises (SMEs) face a whole different realm of challenges, argues Paul Hadjy. The chief executive officer and co-founder of cyber security startup Horangi says that the SME space is most affected by the lack of security professionals and the complexity of cyber security findings.

This is why Horangi is focused on developing solutions for SMEs. These solutions, which are usually customised, modular, cost-effective, and easy to implement and manage, go a long way in helping SMEs grow quickly and securely, says Mr Hadjy.

Dutch Ng, who co-founded i-Sprint, a Singapore-based firm that provides security solutions in identity and transactions, says that the company's main challenges come from the ever-changing nature of the tech environment.

To stay ahead of the competition, i-Sprint has built two research and development (R&D) centres with more than 120 engineers and experts, to track the latest changes and incorporate emerging technologies into its own solutions.

Likewise, security and network distributor Netpoleon has over the years refined its business approaches to keep pace with the swiftly changing market. But its most important innovation, says its chief executive officer Francis Goh, is its management philosophy.

Mr Goh believes that an employee can be trained and upskilled as long as the opportunity is given. This means that aside from looking out for experienced personnel, he also hires talented but not so experienced young employees, or experienced individuals who want to switch and start their careers in the IT industry.

He sums up: "The group believes that while we are in the IT space, we are actually in talent management."