KUALA LUMPUR – Cyberattacks on organisations in critical infrastructure sectors have risen dramatically, from less than 10 in 2013 to almost 400 in 2020, according to US-based tech research and consulting firm Gartner Inc.
The findings come amidst increasing cyberthreats on the construction, engineering, and infrastructure sectors in Southeast Asia as businesses keep growing and embracing new technologies as well as digital ways of working.
These industries face cyber security risks, such as data breaches, phishing attempts, and ransomware attacks that can cost them billions of dollars in losses.
On top of that, the widespread use of unlicensed design software in these industries is risky as it makes them extremely vulnerable to attack.
According to authorities, cyberattacks on the Southeast Asian private infrastructure industry are occurring on a weekly basis.
“Cyber security is a matter that should be prioritised. The recent cases of ‘ghost piracy’ (remotely accessing unlicensed software) serves as a warning on the risks of using illegal software for building Malaysia’s future,” said Domestic Trade and Consumer Affairs Ministry enforcement director Azman Adam.
“The construction and engineering industries must take proactive steps to ensure the design software they use is safe, secure, and compliant with professional standards and Malaysian laws.
“We urge business leaders in the construction and engineering industries to review their software assets today and put sound measures in place to end the use of illegal, unlicensed software.”
In a recent statement, trade group The Software Alliance (also known as BSA) senior director Tarun Sawney said Asean member countries have become a prime target for cyberattacks, prompting the group to launch a survival guide which outlines rising cyber risks and offers advice on how business leaders in Southeast Asia can enhance cyber security for their businesses.
“Because we know business leaders face multiple challenges and may not have the time to commit to studying the issue, we endeavoured to create this survival guide.
“Our hope is that the industries building our infrastructure find it useful – and that it helps to keep us all safer,” he said.
The free e-book, titled A Cyber Security Survival Guide for Construction, Engineering and Infrastructure Businesses in Southeast Asia, will help Southeast Asian leaders in the infrastructure industry identify the threats and minimise the risks that the organisation, their clients, and, ultimately, the public, face.
The free e-book can be downloaded here.
It describes four different types of cyber criminals” unethical competitors seeking an edge by gaining access to confidential data; online criminals who seek financial gain through phishing attacks or demanding ransoms; hacktivists who use cyber intrusion to expose or discredit business activities; and hostile insiders or disgruntled employees who use their access to business data or networks to conduct malicious activity.
“The construction, engineering, and infrastructure industries are often targeted as they typically have high-value transactions and use large amounts of data – elements attractive to cyber criminals.
“Construction businesses use the services of subcontractors and suppliers extensively; these transactions involve large numbers of high-value payments, making them an attractive target for spear phishing, an attempt to trick the business into paying money into the criminal’s account.
“Valuable information in the infrastructure industry such as designs, bid data, material pricing, payroll, profit and loss statements, as well as bank information also appeal to cyber criminals who use them for identity theft or phishing attacks,” he said.
With the rise in threats, Tarun said the survival guide recommends practices for leaders to help protect their businesses from cybercrime.
“These include engaging and training staff on how to keep safe from cyberattacks; ensuring all software is licensed and secure as it is the first approach to cyber defence and security; keeping all IT equipment up-to-date; being cautious when connecting to public Wi-Fi hotspots; avoiding the use of predictable passwords as well as using two-factor authorisation for important accounts; and employing cyber security when collaborating with external parties.”
Earlier in June, BSA launched a helpline to assist business leaders with challenges related to software copyright compliance in the wake of reports on ghost piracy cases in Southeast Asia.
The helpline, along with the survival guide, is part of BSA’s continued efforts to ensure organisations are using the appropriate approach to software compliance in order to keep their businesses safe.
The e-book is available in English, Bahasa, and Thai.
“It includes messages from relevant authority figures in Indonesia, Malaysia, the Philippines, and Thailand, stating the danger of cybercrime, the importance of cyber security, and the recommended practices businesses should take,” Tarun added. – The Vibes, September 21, 2022
_pic._Credits_Unsplash_licence..png)
_flanked_by_wong_(right)_and_haryany_(left)_at_the_museum.jpeg)
