Logo of Phnom Penh Post newspaper Phnom Penh Post - Sharing intelligence helps us beat cybercriminals

Sharing intelligence helps us beat cybercriminals

Content image - Phnom Penh Post
To best capitalise on new attack strategies in Southeast Asia like botnets, cryptojacking, and ransomware, cybercriminals collaborate through a variety of networks. For example, less tech-savvy criminals simply buy ransomware services or kits from more technical hackers. UNSPLASH

Sharing intelligence helps us beat cybercriminals

Covid-19 has changed the way the financial services industry operates in a very short time. The digitisation of financial products and services has accelerated, and operations, most of which had previously taken place in traditional office and bank branch settings, have rapidly gone remote.

Both trends have increased the attack surface of the industry, giving cybercriminals new avenues to target sensitive customer and company data. Indonesia is particularly vulnerable to these new threats. The country has already been in the midst of rapid digitisation of financial services, with new payment platforms like Gojek’s GoPay and OVO.

GlobalWebIndex reports that Indonesia also has the highest rate of e-commerce use in the world – an overwhelming 90 per cent of internet users between 16 and 64 years old say they shop online.

New, rapidly growing digital platforms and customers who are inexperienced in transacting online are ripe targets for cybercriminal networks, and the pandemic has offered a whole new set of lures. For example, more than 98,000 high-risk domains were created with a Covid-19 theme from January through the first week of April, according to DomainTools.

Financial Services Information Sharing and Analysis Centre (FS-ISAC) found more than 1,500 financially-themed domains offering Covid-19 related credit, loans, insurance and more. The bulk of the domains were created in March. By the second week of April, the numbers of new high-risk domains were down 92 per cent following a crackdown by domain registrars. The sudden rise and fall of this tactic shows how threats are constantly evolving, with cybercriminals quick to exploit a vulnerability and then change tactics once defences are built.

To best capitalise on new attack strategies in Southeast Asia like botnets, cryptojacking, and ransomware, cybercriminals collaborate through a variety of networks. For example, less tech-savvy criminals simply buy ransomware services or kits from more technical hackers. Criminal groups are now not simply holding stolen data for ransom and returning it to the victim after payment, but also posting it online for other threat actors to use and even auctioning it off on the dark web.

Many cybercriminal networks run like formal, legitimate companies, with diverse functions and organisational roles like CEOs, recruiters and even customer service agents who, for example, guide victims through how to pay to recover their data or regain access to their systems.

Now more than ever, the only way to stay ahead of these sophisticated criminal networks is for us to work together as well. In financial services, this is especially crucial, since large-scale attacks on financial institutions could damage overall customer trust in the financial system, which has ramifications for the whole industry as opposed to just the individual victims of the attack.

Sharing cyber intelligence is one key way to reduce cyber risk. Organisations like information sharing and analysis centres (ISACs) facilitate sharing in a trusted environment using a secure member portal, a set of guidelines for how information can be shared, and smaller circles of trust for specific communities within different sectors and regions.

ISACs enable intelligence sharing for the global financial services industry. FS-ISAC in Singapore, for example, serves member institutions across Asia-Pacific, giving them a platform to share country-specific threat activity and cybersecurity best practices in areas such as incident response and third-party risk management.

Through a wide variety of events and meetings, FS-ISAC helps build trust in the community and between members. It also offers resiliency exercises to build our industry’s capacity to protect and defend against new types of attacks.

While financial institutions may be wary of sharing intelligence with their competitors, the faster the intelligence is shared, the higher the chance for other firms to put up defences against the threat. This prevents cybercriminals from using the same attack strategy multiple times, forcing them to find a different approach or at least build new attack infrastructure, lowering their return on investment and making cybercrime more expensive.

As cybercriminals constantly evolve and become more sophisticated, the need for intelligence sharing is more important than ever. The cyberattacks related to Covid-19 have proved how quickly new attack vectors can emerge.

Since no institution can anticipate every threat all the time, the financial services industry needs to learn from the threat actors themselves and build trusted relationships within the industry through peer-to-peer intelligence sharing. Only by collaborating as they do can we beat cybercriminals at their own game.

Brian Hansen is executive director Asia Pacific at FS-ISAC.



  • Would you like fries with that? US burger chain makes Phnom Penh debut

    California-based The Habit Burger Grill restaurant chain is all set to serve up a delicious array of charbroiled burgers and sides at its newest international location in the centre of Phnom Penh. The Habit is “renowned for its award-winning Charburgers grilled over an open flame,

  • Phnom Penh underpass opens to ease traffic

    Prime Minister Hun Sen has announced a temporary opening of the 488m underpass at the Chaom Chao roundabout in Phnom Penh’s Por Sen Chey district, which was recently completed to connect traffic from National Road 4 to Russian Federation Blvd. The move is to reduce

  • Banteay Meanchey flood victims receive aid

    Prime Minister Hun Sen on Wednesday provided aid to more than 10,000 families affected by flooding in Banteay Meanchey province’s Mongkol Borei district and offered his condolences to the 18 victims who drowned in the province over the past week. He said flooding had occured in

  • ‘No chance Cambodia booted out of ASEAN’

    A group of former and current Cambodian diplomats on Tuesday fired back at retired Singaporean diplomat Bihalari Kausikan after he proposed that ASEAN dismiss Cambodia and Laos from the bloc. In an open letter, the Cambodian diplomats said Kausikan’s remarks were made from a

  • PM urges caution as Polish man tests positive for Covid

    The Ministry of Health on Wednesday reported that a 47-year-old Polish man tested positive for Covid-19 after arriving in Cambodia on Monday. There are a total of six Covid-19 patients currently in the country, all of whom are being treated at the Khmer-Soviet Friendship Hospital

  • Woman seeks answers after arrest of American partner

    Filipina Lalaine de Guzman, 48, is demanding answers for the detention of her American partner by Cambodian immigration officers after he was arrested at their home almost 90 days ago. She said without an arrest warrant or proffering any criminal charges, Stephen Sidney Greatsinger, 56, is being detained