Logo of Phnom Penh Post newspaper Phnom Penh Post - Sharing intelligence helps us beat cybercriminals

Sharing intelligence helps us beat cybercriminals

Content image - Phnom Penh Post
To best capitalise on new attack strategies in Southeast Asia like botnets, cryptojacking, and ransomware, cybercriminals collaborate through a variety of networks. For example, less tech-savvy criminals simply buy ransomware services or kits from more technical hackers. UNSPLASH

Sharing intelligence helps us beat cybercriminals

Covid-19 has changed the way the financial services industry operates in a very short time. The digitisation of financial products and services has accelerated, and operations, most of which had previously taken place in traditional office and bank branch settings, have rapidly gone remote.

Both trends have increased the attack surface of the industry, giving cybercriminals new avenues to target sensitive customer and company data. Indonesia is particularly vulnerable to these new threats. The country has already been in the midst of rapid digitisation of financial services, with new payment platforms like Gojek’s GoPay and OVO.

GlobalWebIndex reports that Indonesia also has the highest rate of e-commerce use in the world – an overwhelming 90 per cent of internet users between 16 and 64 years old say they shop online.

New, rapidly growing digital platforms and customers who are inexperienced in transacting online are ripe targets for cybercriminal networks, and the pandemic has offered a whole new set of lures. For example, more than 98,000 high-risk domains were created with a Covid-19 theme from January through the first week of April, according to DomainTools.

Financial Services Information Sharing and Analysis Centre (FS-ISAC) found more than 1,500 financially-themed domains offering Covid-19 related credit, loans, insurance and more. The bulk of the domains were created in March. By the second week of April, the numbers of new high-risk domains were down 92 per cent following a crackdown by domain registrars. The sudden rise and fall of this tactic shows how threats are constantly evolving, with cybercriminals quick to exploit a vulnerability and then change tactics once defences are built.

To best capitalise on new attack strategies in Southeast Asia like botnets, cryptojacking, and ransomware, cybercriminals collaborate through a variety of networks. For example, less tech-savvy criminals simply buy ransomware services or kits from more technical hackers. Criminal groups are now not simply holding stolen data for ransom and returning it to the victim after payment, but also posting it online for other threat actors to use and even auctioning it off on the dark web.

Many cybercriminal networks run like formal, legitimate companies, with diverse functions and organisational roles like CEOs, recruiters and even customer service agents who, for example, guide victims through how to pay to recover their data or regain access to their systems.

Now more than ever, the only way to stay ahead of these sophisticated criminal networks is for us to work together as well. In financial services, this is especially crucial, since large-scale attacks on financial institutions could damage overall customer trust in the financial system, which has ramifications for the whole industry as opposed to just the individual victims of the attack.

Sharing cyber intelligence is one key way to reduce cyber risk. Organisations like information sharing and analysis centres (ISACs) facilitate sharing in a trusted environment using a secure member portal, a set of guidelines for how information can be shared, and smaller circles of trust for specific communities within different sectors and regions.

ISACs enable intelligence sharing for the global financial services industry. FS-ISAC in Singapore, for example, serves member institutions across Asia-Pacific, giving them a platform to share country-specific threat activity and cybersecurity best practices in areas such as incident response and third-party risk management.

Through a wide variety of events and meetings, FS-ISAC helps build trust in the community and between members. It also offers resiliency exercises to build our industry’s capacity to protect and defend against new types of attacks.

While financial institutions may be wary of sharing intelligence with their competitors, the faster the intelligence is shared, the higher the chance for other firms to put up defences against the threat. This prevents cybercriminals from using the same attack strategy multiple times, forcing them to find a different approach or at least build new attack infrastructure, lowering their return on investment and making cybercrime more expensive.

As cybercriminals constantly evolve and become more sophisticated, the need for intelligence sharing is more important than ever. The cyberattacks related to Covid-19 have proved how quickly new attack vectors can emerge.

Since no institution can anticipate every threat all the time, the financial services industry needs to learn from the threat actors themselves and build trusted relationships within the industry through peer-to-peer intelligence sharing. Only by collaborating as they do can we beat cybercriminals at their own game.

Brian Hansen is executive director Asia Pacific at FS-ISAC.



  • Joy as Koh Ker Temple registered by UNESCO

    Cambodia's Koh Ker Temple archaeological site has been officially added to UNESCO’s World Heritage List, during the 45th session of the World Heritage Committee held in Riyadh, Saudi Arabia, on September 17. The ancient temple, also known as Lingapura or Chok Gargyar, is located in

  • Famed US collector family return artefacts to Cambodia

    In the latest repatriation of ancient artefacts from the US, a total of 33 pieces of Khmer cultural heritage will soon return home, according to the Ministry of Culture and Fine Arts. In a September 12 press statement, it said the US Attorney’s Office for the

  • Tina rebuffs ‘false claims’ over falling paddy price

    Agriculture minister Dith Tina has shed light on the trade of paddy rice in Battambang – Cambodia’s leading rice-producing province – in a bid to curb what he dubs a “social media fact distortion campaign” to destabilise the market. While acknowledging that the prices of paddy

  • Cambodia set to celebrate Koh Ker UNESCO listing

    To celebrate the inscription of the Koh Ker archaeological site on UNESCO’s World Heritage List, the Ministry of Cults and Religion has appealed to pagodas and places of worship to celebrate the achievement by ringing bells, shaking rattles and banging gongs on September 20. Venerable

  • Kampot curfew imposed to curb ‘gang’ violence

    Kampot provincial police have announced measures to contain a recent spike in antisocial behaviour by “unruly’ youth. Officials say the province has been plagued by recent violence among so-called “gang members”, who often fight with weapons such as knives and machetes. Several social observers have

  • PM outlines plans to discuss trade, policy during US visit

    Prime Minister Hun Manet is set to meet with senior US officials and business leaders during his upcoming visit to the US for the UN General Assembly (UNGA), scheduled for September 20. While addressing nearly 20,000 workers in Kampong Speu province, Manet said he aims to affirm