Threat Intelligence needs to rise to the challenge with increase in financial transactions in Southeast Asia, says Kaspersky

If there’s one thing that Malaysians do well, besides being foodies one and all, it’s shopping and with the ongoing pandemic, most Malaysians are conducting more of their financial transactions online to buy groceries, pay bills and more. 

Based on the MasterCard impact Study 2020, Malaysia led Southeast Asia in e-wallet use at 40% compared to the Philippines (36%), Thailand (27%) and Singapore (22%). This trend is set to continue with the Malaysian Ministry of Finance aiming to ensure all payments for government services will be cashless by 2022 via their MyDIGITAL initiative.

This uptick in financial transactions also unfortunately draws in a veritable rogue’s gallery of cyber threat actors looking to exploit the negligent and the unwary be they mom and pop or even a financial institution. In the ever escalating cybersecurity arms race, financial service providers need to up their game and both preemptively and rapidly upgun their threat intelligence capabilities to stay ahead of the competition and potentially crippling losses or litigation.

“For the large majority of cybercriminals, easy money is the prime motivator. And the financial sector is uniquely positioned to be a target of attacks regardless of season because it’s always where the money is. The growth of digital financial services in Malaysia, like in other parts of the region, is creating new and heightened risks for both service users and service providers. In this case, technology will be the game-changer,” said Yeo Siang Tiong, General Manager for Southeast Asia, Kaspersky. 

Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky

It’s not an idle threat either. In 2020 when the pandemic was in full swing, the ShinyHunters hacker group successfully hacked an American digital banking app and made off with the personal details of 7.5 million users, further exposing these users to additional phishing or cyberattacks.

With the plethora of threat actors, the deluge of financial transactions, array of potential cyberattack vectors and a constantly changing digital battlefield combined with budget cuts, it’s safe to say that in-house security teams with companies and financial institutions have their work cut out for them with filtering out posers from false positives and actual threats. In Kaspersky’s IT Security Economics Report, only 41% of enterprises and 39% of SMBs considered threat intelligence an area of response.

“Digital transformation always presents new challenges, especially for the financial sector. Malaysia is at the forefront of a digital revolution where the use of online payment gateways and e-wallets is expected to expand. While it is a huge responsibility for banks and financial service providers to secure their virtual systems, investing in the most intelligent solutions is essential as they build their cyber defenses to better protect their customers and their businesses. From a cybersecurity standpoint, threat intelligence is an advanced, specialized framework that the financial sector will significantly benefit from,” Yeo added.

What is threat intelligence?

For the uninitiated, threat intelligence in the context of cybersecurity s the ability to identify and analyse cyber threats targeting a business. It’s not as gripping as what you see in the movies and like most intelligence work, it involves a ton of forensics with analysts sifting through piles of data to identify problems and then plug potential security loopholes.

This differs from threat data which refers to the practice of IT specialists or sophisticated tools ‘reading’ and analysing possible threats, leveraging knowledge of prior threats to ascertain if a threat is authentic and then how to tackle it.

Rather than rummaging around in the dark and potentially fumbling a potential cybersecurity incident, organisations can avail themselves of something that solves this potential problem in one fell swoop. Enter Kaspersky Threat Intelligence Services.

With Kaspersky’s Threat Intelligence Services, organisations are supplied with constant feed of updated information that covers the latest threats, phishing links and websites, and malicious objects that target Android and iOS platforms. This curated feed of information is sourced from Kaspersky’s own  own cloud infrastructure called Kaspersky Security Network, web crawlers, an always-on unique proprietary platform called Botnet Monitoring, email honeypots, research teams, and the company’s global partners.

This up-to-the-minute threat intel enables security teams to rapidly deploy an automated incident response and sift through alerts to see which should be investigated further. By employing Kaspersky’s Threat Intelligence Services, organisations, especially like financial services can benefit from:

1. Prevent data loss – a well-structured cyber threat intelligence (CTI) program means your company can spot cyberthreats and keep data breaches from releasing sensitive information
2. Provide direction on safety measures – by identifying and analyzing threats, CTI spots patterns used by hackers and helps businesses put security measures in place to safeguard against future attacks
3. Inform others – hackers get smarter every day so cybersecurity experts share the tactics they’ve seen with the IT community to create a collective knowledge base to cybercrimes.

For more on Kaspersky’s diverse range of services, check out their official page at www.kaspersky.com and their SecureList which has the the latest threat update bulletins in cybersecurity and which makes for surprisingly gripping reading.