Security services take aim at cybercrime hotbed Southeast Asia
Singapore rises as base for companies fighting back
SADACHIKA WATANABE, Nikkei staff writer
TOKYO -- Cybercrime is becoming rampant in Southeast Asia, causing severe losses and service disruptions at businesses and financial institutions, but Singapore is emerging as a fortress of defense.
StarHub, a telecom company in the city-state, on Oct. 22 and Oct. 24 reacted when some of its residential customers had their broadband service interrupted. On each occasion, StarHub was able to resume service within two hours. The cause each time was a sudden surge in traffic to its residential Domain Name Servers.
The surges were part of an operation carried out by parties that had infiltrated countless systems both inside and outside Singapore, then flooded the targeted systems in what is known as a DDoS attack.
StarHub, which had just created a special cybersecurity facility in May, was forced to clean up the mess by sending technicians to check customers' personal computers and other steps.
This is something of a success story in Southeast Asia, where robust economic growth has set off an explosion of Internet use but left cybersecurity measures far behind.
The U.S. internet security company FireEye says 27% of its Southeast Asian customers were victims of cybercrimes in the second half of 2015 -- nearly double the global rate of 15%.
Common modes of attack are DDoS and "ransomware," or malicious software carried in email attachments and other vehicles to infect victim's computers and demand money.
Consumers' lack of awareness adds to the problem. Many people seem to have little reservation about using pirated software, for instance, thus opening corporate computers to infection.
Other data also highlights cyberthreats in the region. The Russian security service provider Kaspersky Lab says five Southeast Asian countries rank among top 20 markets where it has detected virus and malware. The unwelcome No. 1 spot goes to Vietnam.
The scale of damage and economic losses caused by cybercrimes is increasing, too.
A July 2016 system hack at Vietnam Airlines led to a breach of membership information and disruption of airport services. A Vietnamese bank nearly became a victim of cyber theft in late 2015. In August 2016, a state-backed Thai bank incurred losses from a virus infiltrating its ATM machines. Nine people were detained in December, charged with trying to hack Thai government websites. In February of last year, unauthorized access to internal systems of Bangladesh's central bank resulted in a fraudulent transfer of $81 million to the Philippines.
And weak security lets hackers use Southeast Asia as a base for launching attacks outside the region as well.
Building a bastion
Singapore, home to the Asian headquarters of numerous global corporations, is rising as a line of defense.
Singapore Telecommunications, also known as Singtel, has staff monitoring data and maps on large screens and computer displays to check for suspicious activity. When an attack is detected, the company helps customers respond by analyzing countermeasures and sending its technicians, among other steps.
Singtel has 3 million business customers in 96 countries. Its surveillance runs 24 hours a day. Singtel Group Enterprise CEO Bill Chang said cybersecurity can provide the foundation to expand its communications business. After a series of investments, Singtel's cyberdefense operations now employ more than 2,000.
American internet security company Symantec opened a Singapore surveillance center in 2015. With cyberattack targets now broadened to home appliances connected to the internet, the company is spending heavily to enhance security for internet of things technology, said an executive overseeing Asia-Pacific business. NEC and Microsoft opened similar facilities in the city-state in 2016.
These private-sector efforts are helping international organizations tackle cybercrime, too. Interpol launched its global cybersecurity arm, the Interpol Global Complex for Innovation, in Singapore in 2015. Information shared by corporations has facilitated arrests.
The Asia-Pacific cybersecurity market is projected to reach $33 billion in 2019, doubling from 2014, according to research company MicroMarketMonitor.