Industry analysis: Harry Cheung, Managing Director, Kaspersky Lab Asia-Pacific
Social and political commentators have written volumes on the impact of globalisation on national economies and the way societies conduct business. One of the defining features of this global integration has been the centrality of technology and its impact on the myriad of transformational changes across all levels of society.
As countries, including Australia, move towards an increasingly digital economy, the global security landscape is rapidly shifting from the physical to the online world.
Myriad of Global Threats
Kaspersky Lab has conducted first-hand analyses of this redefined global security landscape. When the International Telecommunication Union, a specialised agency of the United Nations, approached Kaspersky Lab to conduct research into what is now known as the ‘Flame’ virus, it led to the discovery of what has since been described as one of the most complex threats ever revealed.
This redefining discovery put into sharp focus the need to reconsider how both IT security risk assessments are conducted and vulnerability controls are applied across all levels of government, as well as the business-to-government chain.
Analyses of recent Advanced Persistent Threats (APT) show an intersecting map of target victims across a range of industries. It reflects a trend which shows that the threat landscape has shifted from large blanket attacks designed to capture random targets, towards more highly focused and sophisticated attacks aimed at achieving specific outcomes.
Kaspersky Lab’s security research team recently announced the discovery of “Icefog”, an APT that focuses on targets in South Korea and Japan, hitting the supply chains for Western companies.
The discovery sheds light on a new emerging trend centred on smaller hit-and-run gangs who are going after company supply chains and compromising targets with surgical precision. Instead of the traditional approach of staying in a compromised network for an extended period of time, “Icefog” reveals how cybercrime is being outsourced to ‘for-hire’ groups hired as ‘cyber-mercenaries’ to conduct swift cyber-espionage and cyber-sabotage activities on demand.
The analysis of “Icefog” further reveals that auxiliary companies, whose security parameters are more susceptible to breaches, are being used to gain access to the parent target. The very nature of this trend makes attribution even more difficult, as data exfiltration can be used for several different purposes.
Accordingly, this trend, which is expected to grow in future, means we can expect to see the emergence of more small groups of cyber-mercenaries available for hire to perform surgical hit and run operations. This new reality will clearly have a significant impact on the IT security landscape.
The paradox of the contemporary technology environment is that in the era of service delivery, technologies are extended far and wide to ensure end-user accessibility. If however, isolation is key to information security, then the IT security landscape, particularly for government agencies, presents a precarious situation.
Consider a typical Local Government Area; it is not just council offices which require the implementation of security solutions, but also the myriad of different council operated facilities located across the municipality.
In an era of service delivery which is increasingly being shifted from the physical into the online world, local councils serve as an ideal channel for targeted attacks.
For local government, let us consider two critical areas of IT security relating to employee devices and digital services; mobility in the BYOD age, and cloud technologies.
The prevalence of technology has completely transformed the way government services are delivered, as well as impacting on the way commercial contracts for key infrastructure projects are fulfilled.
The workforce of yesterday was ‘hardwired’ and rigid; today’s can be called ‘software-wired’ and mobile. ‘Knock off time’ used to mean logging off and going home. Today, workers carry with them sensitive information across different platforms and devices. Exchanges which used to be confined to a fixed phone line are now carried across different devices and through public Wi-Fi hotspots.
The impact this has had on the way business is conducted and services are delivered is a reflection of the transformational impact of technologies.
However, the applications and devices used to enhance productivity operate in the very same space in which cyber-attacks take place. The target victim’s online activity has become the cyber attacker’s tools from which the prize of private data and information is monitored and acquired.
To those in the business of cyber-attacks and cyber-espionage, each device presents a gateway that is vulnerable to security breaches. If we think about the number and ease in which employees carry out their communications using these devices, the problem becomes much more apparent.
Across most organisations, there is at least a recognition that the scope of IT policies needs to be extended to include rules for employer-issued mobile devices as well as BYOD guidelines.
In maintaining controls over these complexities, local governments around Australia are beginning to assess cloud technology options as part of the latest security offerings. It’s crucial to recognise however, that implementing cloud-based security solutions alone is not enough to provide reliable protection against today’s complex threats.
Because of the connectivity between local network activity and cloud-based computing, Kaspersky Lab maintains that the application of IT security strategies needs to evolve towards hybrid security solutions which address these new integration challenges.
Accordingly, these challenges require a holistic security solution which combines proactive cloud technologies that are supported by local anti-malware technologies.
Embracing the future
Although cyber security is understandably often spoken about in grim terms, from a business development and public infrastructure perspective, there are many advantages of understanding how security solutions can be applied to full effect. This is particularly important for both the public and private sectors as online network connections are increasingly becoming the contemporary world’s business and trading routes.
What is ultimately required however is that both business and government engender an organisational cultural change which embraces the opportunities that come with maintaining controls over IT security complexities.
On a local government level, this will help securely bring services to the fingertips of residents; just as doing so federally helps extend the national economy to the world.
Harry Cheung is Managing Director for Kaspersky Lab Asia-Pacific.
Comment below to have your say on this story.
If you have a news story or tip-off, get in touch at email@example.com.
Sign up to the Government News newsletter