Two Decades of Digital Defence: Why Cybersecurity Must Remain a Top Concern for Everyone

Director, Security Technology & Strategy APJ, Akamai

Two decades after the first Cybersecurity Awareness Month, the frequency and severity of cyber-attacks have reached unprecedented levels. With our daily routines, family interactions, and even recreational activities intertwined with digital platforms, our exposure to potential threats has never been greater.

Today, people and businesses effectively exist online, transacting and communicating in the digital realm. Staying constantly aware and vigilant against cyber threats is vital.

In addition to safeguarding against increasingly sophisticated cyber threats with modern and effective protection technologies, businesses, governments and individuals must continue to raise awareness of current cyber threats and adopt best practices to protect against them. For businesses, this can mean educating both employees and customers on how to spot suspicious digital events and artifacts, such as social engineering attempts and scams. Organisations should also continue to invest heavily in embedding cyber security into the working culture and strategic vision. 

Different regions across the world face distinct types of cyberattacks based on their dominant industries and vulnerabilities. According to Akamai’s latest State of the Internet report, the Asia-Pacific and Japan (APJ) region’s financial services faced over 3.7 billion attacks experiencing a growth of web application and API attacks by 36 percent from Q2 2022 to Q2 2023. 

Australia, Singapore, and Japan were named the top three most targeted countries in the region. The report also found that Local File Inclusion remains the top attack vector, and that 92.3 percent of attacks against APJ’s finance sector were targeted at banks, posing a huge threat to both financial institutions and their customers.

The APJ region overall is also witnessing a huge spike in ransomware. The use of Zero-Day and One-Day vulnerabilities has led to a 204% increase in total APJ ransomware victims between Q1 2022 and Q1 2023. Most of these victims are small and medium enterprises with victims of multiple attacks six times more likely to experience a second attack within three months of the first attack. In addition, 1.15 billion web attacks were recorded in APJ’s commerce sector, across retail and hotel and travel verticals, with India and China as top web attack target regions. 

New cybersecurity threats on the rise

Advances in artificial intelligence (AI) have seen the rapid evolution of cyber threats. Cybercriminals are using AI to develop much more sophisticated and automated attack strategies. AI-powered cyberattacks also have the potential to adapt in real-time as they learn how a targeted organisation’s cyber defences work, making them particularly challenging to detect and defend against. In response, cybersecurity experts are also leveraging AI in defence, primarily to identify, automate and mitigate threats before and as soon as they occur. As the industry intensifies its desire to understand the potential of how AI can be effectively applied to cyber, we do expect more use cases to be developed and tested for both offensive and defensive purposes for the foreseeable future.

For example, Generative AI (GenAI), a subset of AI, has made phishing and email scams look more authentic and dangerous. Instead of obvious clues like grammar mistakes, automatic translation and errors, AI-generated phishing emails allow impeccable grammar and vocabulary to be used, making them much harder to distinguish from legitimate communication. Another issue is users using GenAI tools to process potentially sensitive information such as source code or confidential internal documents, where the AI may use it as training materials.

A related attack method seeing a sharp rise is Vishing or Voice Phishing. GenAI can be used to mimic the voices of specific individuals or even generate entirely synthetic voices that sound convincingly human. Victims believe they’re interacting with a trusted entity, such as their bank or a government agency, and are tricked into providing sensitive personal information or financial details. AI can even be used to imitate the voice of a co-worker or family member, greatly increasing the level of risk of scams. Similar to how voice activated AI assistants work, a person’s voice could potentially be cloned by recording a few spoken sentences from the said victim. 

Supply chain attacks are another growing concern. They involve targeting an organisation’s partners and suppliers who may have access to the organisation’s network or systems, usually to automate digital transactions and update data. These attacks are particularly dangerous as they can compromise the security of an organisation indirectly through its supply chain as these external parties are usually deemed as trusted entities and part of its larger business ecosystem. 

Defence strategies against cyber attacks

While tools and technology are critical for defending against cyber-crime, they are not a silver bullet. Educating users on cyber risks must continue to play an integral part and be a shared responsibility among organisations, businesses and consumers. Private companies must continuously update their awareness campaigns to remain effective, while the public sector needs to intervene with new or updated regulations and standards when necessary to safeguard citizens. 

Cyber threats tend to target the weakest link in the chain, which is often an individual user. The mitigation of human error can come from implementing security awareness training for employees thereby arming staff with the knowledge to make better decisions. Humans have long been viewed as the weakest link in cyber security; however, when properly trained to be more security savvy, humans are also the first and last line of defence for the organisation, providing huge benefits to the business. Finally, consumers must also be accountable for learning about basic cyber hygiene and practising safe online behaviour.

Organisations should also consider adopting a Zero Trust strategy, which assumes that every user, whether internal or remote, is a potential threat. For example, instead of connecting a remote user to a corporate network via a traditional VPN, it leverages a reverse proxy technology, commonly known as Zero Trust Network Access to grant remote users access to only the specific applications that are necessary to carry out their roles.

Another effective strategy for achieving cyber resilience is Zero Trust Segmentation, also known as Microsegmentation. It involves isolating and containing breaches within an organisation, limiting damage and allowing for recovery while under attack. Instead of relying on network-based controls that are coarse and often cumbersome to manage, microsegmentation separates security controls from the underlying infrastructure, offering much more granularity and flexibility.

This is often essential as organisations transition to the cloud, with new deployment options like containers that make traditional perimeter security less relevant. Securing the cloud involves a range of practices, policies and controls. It needs to protect not only data but also application workloads running in the cloud and the users who interact with them. As security is usually a shared responsibility between the cloud provider and the customer in today’s multi-cloud world, it is imperative that organisations clearly understand their overall security posture.

The need for collaboration against cyber crime

Collaboration between public and private sectors is paramount to countering cyber threats effectively. Cybercriminals themselves frequently collaborate to run more effective and profitable attacks. The cybersecurity industry needs to do likewise, with not only research and standard setting but also practical actions. 

Various working groups and initiatives have been formed to address emerging threats, develop standards and build frameworks for cybersecurity, including MITRE‘s Center For Threat Informed Defense and the FIDO Alliance. We’re also seeing more instances of successful cooperation between technology companies with law enforcement agencies like the Federal Bureau of Investigation. These collaborations involve sharing insights, data and evidence to identify and apprehend cybercriminals. 

When it comes to consumer cybersecurity, scams are a significant threat. Scammers are targeting digitally connected consumers through methods such as phishing, social engineering, and fraudulent schemes. Awareness campaigns by private organisations, the implementation of public sector regulations and individual consumer vigilance are all important in combating scams.

As cyber criminals increasingly evolve their attacks, organisations and security experts must make a continuous commitment to cybersecurity awareness and preparedness and instil good cyber hygiene. As countries and societies become more digitally connected and reliant on technology, the attack surface for cyber attacks will grow along with it. Ongoing vigilance and a collective effort continues to be critical to safeguard our digital lives.