Cyberattacks on ICT supply chains on the rise; cyber resiliency initiatives needed says Kaspersky
According to cybersecurity provider Kaspersky, cyberattacks on information and communications technology (ICT) supply chains are on the rise with the potential to cause massive damage to governments, companies and people at large.
One potentially successful attack doesn’t just end there as malicious actors can potentially use that one backdoor to penetrate other connected systems and potentially cause a domino effect that can infect thousands of other systems.
This happened as early as last year when Kaspersky discovered a Trojan attack package that dated back to 2020 that targeted an Asian government’s Certification Authority website and which ultimately targeted a government entity with the Certification Authority being a vulnerable weak point in this supply chain that was easier to exploit.
The subtle yet lethal Trojan package discovered by Kaspersky’s forensic cybersecurity teams discovered it’s dangerous payload that saw a host of plug-ins deployed using PhantomNet malware that had similarities to prior recovered examples of CoughingDown malware.
“Supply chain attacks exploit trust relationships – be it a relationship between a reputable body and a government or between a small software supplier and an enterprise. Such attacks have major consequences for all affected parties, impacting the government, enterprises and very possibly individuals like you and me. To prevent this, the defenders need to operate on the basis that their system is compromised and look for signs of an attack rather than assume that they can be prevented using traditional products,” said Genie Gan, Head of Public Affairs and Government Relations for Asia Pacific & Middle East, Turkey, and Africa at Kaspersky
Cyber resiliency and cyber attacks – what’s happening and the solution
This is just the tip of the iceberg though as many cyberattacks are undocumented. In terms of official numbers, 4,94 attacks were reported in 2020, 5,575 were reported in 2021 and 5,626 attacks occurred and were reported in September in Malaysia according to official numbers. Computers used by participants of the Kaspersky Security Network (KSN) on the other hand detected a whopping 20,948,843 different web threats.
Further, 16,498 malicious installation packages were detected and blocked by Kaspersky and 3,285,350 brute force tracks against Windows computers via Remote Desktop Protocol (RDP) were thwarted. Kaspersky’s Anti-Phishing systems also blocked a staggering 1,791,751 phishing attempts in the first half of 2022.
“Looking at Malaysia’s unique cybersecurity landscape and how it is dealing with cyberattacks, it appears that the country is now in the intermediate stage of cybersecurity readiness. Intermediate-level countries are those that have identified cyberattacks as areas they need to look into and have attempted to make some inroads. The goal is to have the country move to the Advanced stage where we hope to see it doing more in terms of development,” added Gan.
Gan recommended the following specific action steps to strengthen the ICT supply chain in Malaysia:
-Develop core principles, technical standards to ensure a consistent level of cybersecurity across all companies involved.
-Actionable national cybersecurity strategies.
-Improve procedures and regulations on ICT supply chain infrastructure.
-Private and public mutual cooperation and cybersecurity capacity building.
“Cyber threats are here to stay as it is parallel with the digitalization drive in Malaysia. Malaysia Digital Economy Corporation (MDEC) reported that the digital economy is currently contributing 22.6% to the country’s gross domestic product (GDP), and the number is set to rise to 25.5% by 2025. A huge opportunity that will be realised best if digitalisation efforts are built upon trusted and transparent cybersecurity foundations,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“Organisations, industries, and governments will always be lucrative targets for cybercriminals but through collaborative multi-stakeholder efforts, we can explore strategies and expand our cybersecurity implementation as we enhance our confidence and trust in technology. When a country achieves cyber-resiliency, the digital future no longer becomes a scary unknown realm but a place with endless opportunities for growth,” he adds.
There’s no silver bullet to dealing with cybersecurity threats and it remains an ongoing persistent challenge that needs to be constantly monitored and addressed to stay ahead of threat actors which means engaging with the stakeholders including cybersecurity providers including regularly assessing the trustworthiness of their products – a measure Kaspersky adopts via the deployment of their Global Transparency Centres with one located in Malaysia that allows stakeholders and partners to review Kaspersky’s cybersecurity practices in detail from threat detection protocols down to the code used itself. Kaspersky also regularly releases their Transparency Reports with the latest covering the first half of 2022.