Kaspersky urges PH gov’t to take steps in boosting cyber resiliency

“The nature and vectors of crimes have taken a different spin altogether as everything is very focused on the cyberspace and cyber domains,” Genie Gan, Head of Public Affairs and Government Relations for the Asia Pacific and Middle East, Turkey and Africa at Kaspersky, said on the sidelines of the company’s media briefing in Manila held recently. “We are looking at criminal activities taking place in cyberspace.”

Deriving from Kaspersky’s permitted user data, the Philippines climbed from 30th to fourth spot in the most attacked countries in 2021 globally. This is supported by Kaspersky Security Network’s (KSN) data which shows a 432.75% rise (from over 9 million in 2017 to a whopping 50.5 million in 2021) in web threats attempts against Filipino internet users in the Philippines.

Recently, the company released its findings on remote desktop protocol (RDP) attacks on local businesses which increased by 141% from 2019 (2.5 million) to 2021 (6 million). RDP attacks targeted remote workers and the increase can be linked to the rise in work-from-home setup when the pandemic hit and companies were forced to telecommute to ensure business continuity.

More by Genie Gan, Kaspersky
How strengthening ICT supply chain resilience is everyone’s business
Filling the gaps: The story of APAC’s cyber capacity building

The number of mobile malware attacks dropped to 69% from 2019 to 2021 but attackers more than made up for it by devising a more sophisticated strategies. According to Kaspersky, “there are indications that Trojans are injected into third-party ad modules and new Trojans are being discovered.”

Bolstering cyber defenses, not only by the private sector but also by the government, can help mitigate and minimize the severity of the attacks.

Gan pointed out the growing trend in public-private partnerships among governments in the APAC region in terms of building a cyber resilient strategy and infrastructure. This is what she noted in Kaspersky’s APAC Online Policy Forum held four times during the pandemic wherein cybersecurity experts and public officials shared their strategies for fortifying their government’s cyber defenses.

Partnerships with different stakeholders

“A lot of resources and expertise reside with the private sector and we’re able to value add in ways that they never realize could be possible before,” Gan told Back End News. “We have many active MOUs (Memorandum of Understanding) with various governments, which means that we have increased our footprint in terms of public-private partnerships.”

In a separate media release, Gan said the government can start by boosting cyber capacity-building and cooperation efforts in building cyber resiliency.

Gan recommended the following specific action steps for the Philippines’ cybersecurity:

  1. Promote security awareness and digital education for users
  2. Grow talent pool
  3. Public-private partnerships
  4. Regional/ International cooperation

(The regional and international cooperation will enable governments to take measures should criminals launch attacks from another location while victims are in another country.)

In 2018, Kaspersky inked an MOU with the Philippines’ Department of Information and Communications Technology to develop public sector cybersecurity capability.

As part of its initiative to work with different stakeholders, including governments, Kaspersky developed the Global Transparency Initiative (GTI), which also comes with a network of Transparency Centers. Three weeks ago, the company opened three transparency centers Singapore, Tokyo (Japan), and Woburn, Massachusetts (the United States) in addition to existing centers located in Zurich (Switzerland), Madrid (Spain), Kuala Lumpur (Malaysia), and São Paulo (Brazil).

Capacity building

This global network of Transparency Centers serves as facilities for trusted partners and government stakeholders, responsible for cybersecurity, to review the company’s code, software updates, and threat detection rules. The Transparency Centers are fully operational and available for on-site (physical) and remote access.

To address the skills gap in cybersecurity, the GTI also offers Cyber Capacity Building Program to different stakeholders in the public, private, and academic sectors.

“Organizations, industries, and governments will always be lucrative targets for cybercriminals but through collaborative multi-stakeholder efforts, we can explore strategies and expand our cybersecurity implementation as we enhance our confidence and trust in technology,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “When a country achieves cyber-resiliency, the digital future no longer becomes a scary unknown realm but a place with endless opportunities for growth.”

(Updated to insert the YouTube video, July 13, 2022)