Thailand prime target for computer attacks, cyber-security forum told
THAILAND has become one of the prime targets in Southeast Asia for the advanced persistent threats (APTs) that have been hitting computing networks around the world, said Noushin Shahab, a senior security researcher at Kaspersky Lab.
APTs such as the Spring Dragon attacks have become a growing cyber risk for countries aspiring to develop a digital economy and society like Thailand, as exemplified by initiatives under the Thailand 4.0 modernisation programme.
Shahab said during Kaspersky’s recent cyber-securrity conference in Singapore that Indonesia, Vietnam, the Philippines and Taiwan have also been key APT targets since 2012.
Petya and Wannacry ransomware also made headlines recently as they threatened Window-based systems of various organisations in many countries, including Thailand, with massive |attacks.
Vitaly Kamluk, a director of Kaspersky Lab, said while Petya is not real ransomware, it is still a serious threat, especially from its upcoming newer versions.
One solution is to update Window software regularly, but the healthcare sector remains vulnerable because most hospitals do want to update for fear their critical equipment will be incapacitated.
It is necessary to encourage medical equipment vendors to facilitate the updating, especially for the healthcare sector.
Worries also abound when massive cyberattacks could threaten a country’s critical infrastructure|for such sectors as energy and electricity, banks and other financial institutions, aviation, and |hospitals.
Eugene Kaspersky, the cyber-security company’s founder, said all countries need to safeguard their critical infrastructure as well as protect their businesses and industries from cyberattacks.
One of the notable cybercrimes is the theft of about US$900 million (Bt30 billion) from Bangladesh’s central bank.
The funds were found later in casinos in the Philippines, making it impossible to trace the hot money any further.
Internet-connected smart devices from coffeemakers to other gadgets are also vulnerable to cyber criminals.
There will be more hybrid attacks in which physical and online attacks are combined to cause damage, so critical infrastructure, enterprise and industrial system protection is necessary.
For individuals, the survival guide in the digital age is not to trust anyone in cyberspace when you use online banking and other services, as your|personal data are stored in the computer network.
“If you get strange emails, call back,” he said.
Virtually all cyber attackers want your money, so individuals also need reliable security software, he added.
Kamluk said online strangers are comparable to strangers in the physical world like some dubious guys around the corner pretending to ask for directions.
Hunting the hackers
In the end, cyber criminals have their eyes on your money, as seen in cases of massive attacks with ransomware or ATM customised malware.
At the Interpol World Congress in Singapore early this month, Kaspersky held a cybersecurity conference on how to hunt hackers.
The conference showed how private- and public-sector experts work together to collect malware artefacts, map and analyse attacks, and find the trail of hackers responsible for the most sophisticated cyberattacks around the world.
Kaspersky also worked with Interpol, the world’s largest police organisation, to unmask several massive cyberattacks such as the Tyupkin ATM malware attack in October 2014 and the Carbanak bank heist in February 2015.
