Logo of Phnom Penh Post newspaper Phnom Penh Post - Sharing intelligence helps us beat cybercriminals

Sharing intelligence helps us beat cybercriminals

Content image - Phnom Penh Post
To best capitalise on new attack strategies in Southeast Asia like botnets, cryptojacking, and ransomware, cybercriminals collaborate through a variety of networks. For example, less tech-savvy criminals simply buy ransomware services or kits from more technical hackers. UNSPLASH

Sharing intelligence helps us beat cybercriminals

Covid-19 has changed the way the financial services industry operates in a very short time. The digitisation of financial products and services has accelerated, and operations, most of which had previously taken place in traditional office and bank branch settings, have rapidly gone remote.

Both trends have increased the attack surface of the industry, giving cybercriminals new avenues to target sensitive customer and company data. Indonesia is particularly vulnerable to these new threats. The country has already been in the midst of rapid digitisation of financial services, with new payment platforms like Gojek’s GoPay and OVO.

GlobalWebIndex reports that Indonesia also has the highest rate of e-commerce use in the world – an overwhelming 90 per cent of internet users between 16 and 64 years old say they shop online.

New, rapidly growing digital platforms and customers who are inexperienced in transacting online are ripe targets for cybercriminal networks, and the pandemic has offered a whole new set of lures. For example, more than 98,000 high-risk domains were created with a Covid-19 theme from January through the first week of April, according to DomainTools.

Financial Services Information Sharing and Analysis Centre (FS-ISAC) found more than 1,500 financially-themed domains offering Covid-19 related credit, loans, insurance and more. The bulk of the domains were created in March. By the second week of April, the numbers of new high-risk domains were down 92 per cent following a crackdown by domain registrars. The sudden rise and fall of this tactic shows how threats are constantly evolving, with cybercriminals quick to exploit a vulnerability and then change tactics once defences are built.

To best capitalise on new attack strategies in Southeast Asia like botnets, cryptojacking, and ransomware, cybercriminals collaborate through a variety of networks. For example, less tech-savvy criminals simply buy ransomware services or kits from more technical hackers. Criminal groups are now not simply holding stolen data for ransom and returning it to the victim after payment, but also posting it online for other threat actors to use and even auctioning it off on the dark web.

Many cybercriminal networks run like formal, legitimate companies, with diverse functions and organisational roles like CEOs, recruiters and even customer service agents who, for example, guide victims through how to pay to recover their data or regain access to their systems.

Now more than ever, the only way to stay ahead of these sophisticated criminal networks is for us to work together as well. In financial services, this is especially crucial, since large-scale attacks on financial institutions could damage overall customer trust in the financial system, which has ramifications for the whole industry as opposed to just the individual victims of the attack.

Sharing cyber intelligence is one key way to reduce cyber risk. Organisations like information sharing and analysis centres (ISACs) facilitate sharing in a trusted environment using a secure member portal, a set of guidelines for how information can be shared, and smaller circles of trust for specific communities within different sectors and regions.

ISACs enable intelligence sharing for the global financial services industry. FS-ISAC in Singapore, for example, serves member institutions across Asia-Pacific, giving them a platform to share country-specific threat activity and cybersecurity best practices in areas such as incident response and third-party risk management.

Through a wide variety of events and meetings, FS-ISAC helps build trust in the community and between members. It also offers resiliency exercises to build our industry’s capacity to protect and defend against new types of attacks.

While financial institutions may be wary of sharing intelligence with their competitors, the faster the intelligence is shared, the higher the chance for other firms to put up defences against the threat. This prevents cybercriminals from using the same attack strategy multiple times, forcing them to find a different approach or at least build new attack infrastructure, lowering their return on investment and making cybercrime more expensive.

As cybercriminals constantly evolve and become more sophisticated, the need for intelligence sharing is more important than ever. The cyberattacks related to Covid-19 have proved how quickly new attack vectors can emerge.

Since no institution can anticipate every threat all the time, the financial services industry needs to learn from the threat actors themselves and build trusted relationships within the industry through peer-to-peer intelligence sharing. Only by collaborating as they do can we beat cybercriminals at their own game.

Brian Hansen is executive director Asia Pacific at FS-ISAC.



  • Prince Norodom Ranariddh passes away at 77

    Prince Norodom Ranariddh, the second son of the late King Father Norodom Sihanouk and former First Prime Minister of Cambodia, has passed away in France at the age of 77. “Samdech Krom Preah Norodom Ranariddh has passed away this morning in France just after 9am Paris-time,”

  • General’s gun smuggling ring busted

    The Military Police sent six military officers to court on November 22 to face prosecution for possession of 105 illegal rifles and arms smuggling, while investigators say they are still hunting down additional accomplices. Sao Sokha, deputy commander of the Royal Cambodian Armed Forces and commander of

  • Rise in planned flights lifts travel hopes

    Six airlines have applied to resume flights in December, while two others have put in for additional flights and routes, according to State Secretariat of Civil Aviation (SSCA) head Mao Havannall on November 29. These account for 43 new weekly domestic and international flights in December, up 16

  • Cambodia, Thailand to discuss border reopening

    Cambodian authorities from provinces along the Cambodia-Thailand border will meet with Thai counterparts to discuss reopening border checkpoints to facilitate travel, transfer of products and cross-border trade between the two countries. Banteay Meanchey provincial deputy governor Ly Sary said on November 22 that the provincial administration

  • More Cambodians studying in US

    The number of Cambodian students studying at US colleges and universities in 2020-21 increased by 14.3 per cent over the previous year despite the Covid-19 pandemic, according to a recent US government report. The 2021 Open Doors report on International Educational Exchange showed that 848 Cambodian students studied

  • Hun Sen: Manet to be candidate for prime minister

    Prime Minister Hun Sen has reaffirmed that his oldest son Hun Manet will be his successor as Prime Minister if he is elected. Speaking during the inauguration of a new sewage treatment facility in Preah Sihanouk province on December 2, Hun Sen said Manet will be