Kaspersky: SEA should brace for election-related cyberespionage

One of Kaspersky’s predictions, which may shape the cybersecurity landscape this year, is the continued hunt for geopolitical intelligence and this is not only because of the continuing war in Ukraine but also because of elections in some Southeast Asian countries.

Citing the election in Myanmar this year, the first after the coup d’état in 2021, Kaspersky said the hunt for geopolitical intelligence will likely be the cause of the increase in cybersecurity incidents this year.

“The unstable political situation in the country poses threats and opens opportunities for Myanmar’s neighbors as well as global political powers,” said Vitaly Kamluk, Director of Global Research & Analysis Team (GReAT) for Asia Pacific, in a media advisory. “Since the start of 2021, we have mentioned Myanmar in 10 APT reports. We believe that the country will be in the crosshair of geopolitical intelligence operations in 2023.” 

Ransomware continues to be biggest threat to businesses — Kaspersky
Employee negligence that leads to data breaches worries companies 

Quoting a report from Harvard Kennedy School, the cybersecurity company said Singapore is among the top 20 countries National Cyber Power Index. Because of its technological advancement, Kaspersky said it makes an interesting target because of the deep digitalization of its infrastructure.

Cloud security

Singapore’s Cyber Security Agency (CSA) launched The Cybersecurity Industry Call for Innovation (CyberCall) in 2022 to enable companies to innovate on cybersecurity challenges put out by Critical Information Infrastructure and strategic stakeholders in Singapore.

The call highlighted that the country is interested in cybersecurity innovations in cloud security, IoT, OT, as well as privacy-enhancing technologies and AI.

“These could be possible weak spots abused by the attackers,” Kamluk aid. “In fact, the privacy of Singaporeans, for example, has been a long-term concern, especially after multiple data leaks and breaches, including the SingHealth hack in 2018. In addition, Singapore is a big connectivity and hosting hub as well. In the near future, we may observe cyber incidents related to privacy and cloud infrastructure.”

Data regulation

The same concern about privacy can be observed across the region. To help curb attacks on users’ data, laws on data regulation and privacy have been passed last year, particularly the data privacy law in Indonesia and the Personal Data Protection Act (PDPA) in Thailand.

“While 2022 is a milestone year for the region in terms of countries stepping up their regulations to protect users’ data and privacy, it was also the year of major data breaches,” Kamluk said. “Regardless of the sector or industry you are in, businesses and organizations here must know that opportunists are after your data and they will try to infiltrate your networks through all possible means. A comprehensive defense based on actionable and in-depth intelligence is necessary.”

With the majority of cyberattacks starting through phishing email, Kaspersky suggests companies to invest in increasingly comprehensive cybersecurity measures like XDR (eXtended Detection & Response) as well as deploying more thorough user education to raise cybersecurity awareness.

1 reply »