GlobalSign Blog

Optimize Cybersecurity; Avert Wasted Revenue Potential

Optimize Cybersecurity; Avert Wasted Revenue Potential

CYBERSECURITY PROVIDES SIGNIFICANTLY wide, experience-defining services used by billions worldwide. Much like electricity, it’s so quiet in its efficiency that we only really notice when it’s gone. In the 70s and 80s all we really thought we needed was antivirus, until all of Earth went online in the 90s. Technology mirrors biology as threats merely diversify and multiply as we live and breathe today.

Countries with Reliable Cybersecurity in Asia (Warning: Major Caveats)

Malaysia, Singapore, and South Korea lead cybersecurity awareness and preparedness to prevent and manage cyber threats in the Asia Pacific (APAC) region. All three countries have strong data protection, privacy, and cybersecurity acts dedicated to the task.

Discounting the actual state of preparedness, though, a surprising 85% of Malaysian companies profess moderate to high level of confidence in their cybersecurity defenses. Malaysia remains to be involved in and targeted by a significant number of cyberattacks and data leaks, which raise questions about the country’s readiness to face threats within the evolving landscape.

In the same vein, more can be done to leverage cybersecurity in Singapore towards increased business revenue. Its story is similarly unhappy in that most of their organizations had encountered at least one cyber incident in the year before being surveyed. Granted, they have adopted 70% of essential security measures in hardware and software configuration, access control to data and services, and software updates on devices and systems. This adoption rate is reasonably encouraging, but if reaching actual revenue potential is the goal, 70% is not enough.

Meanwhile, small and medium enterprises in Singapore have higher adoption rates in terms of software updates and incident responses, but they struggle in virus and malware protection and access control, where the adoption rate was well below 20%.

There’s also a real lack of knowledge or experience to implement cybersecurity effectively, given the metastatic nature of viruses. This has contributed to the pervasive issue of critical talent shortages in that even the most sophisticated organizations struggle to keep up. This is something that not just Malaysia, but the entire globe can relate to.

Cybersecurity’s Importance in Countries with High Data Breach Density

Countries with the highest data breach density in APAC include Australia, Hong Kong, Indonesia, Philippines, and Thailand. Interestingly, a significant number of these have occurred to health insurers and related organizations.

  • AU (OCTOBER 2022) A cyber-hack compromised data of nearly 4 million Medibank Private Ltd (Medibank) customers. It warned of a USD$16 million to USD$22.3 million hit to first-half earnings, as reported by Reuters. Shares in the company fell by 14%.

    “This is a terrible crime – this is a crime designed to cause maximum harm to the most vulnerable members of our community,” Medibank said in a statement covered by Reuters.

    The Medibank hack is the latest in a string of alarming incidents in Australia. Optus, one of its largest telcos, said about 10 million customer accounts (40% of the Australian population) had data taken by a hacker demanding payment.

  • ID (MAY 2021) Universal health coverage provider BPJS Kesehatan alleged breach of personal data involving millions of people. Reuters has reported that the trove of social security data stolen from the state health insurer could be used for fake online loan applications. It was posted on a hacking forum.

    According to The Jakarta Post, the private information of more than 200 million Indonesians alive and deceased includes their full names, email addresses, phone numbers, ID card numbers, dates, and places of birth, as well as salary details.

  • PH (SEPTEMBER 2023) After the Medusa ransomware infected the systems of state health insurer Philippine Health Insurance Corp. (PhilHealth), cyberhackers posted the stolen data on the dark web, and have demanded a ransom of USD$300,000 as reported by The Philippine Star.

    Medusa is distributed by exploiting publicly exposed Remote Desktop Protocol servers either through brute force attacks, phishing campaigns or by exploiting existing vulnerabilities. When executed, it terminates more than 280 Windows services and processes for programs that could prevent file encryption.

    Containment measures have been taken and PhilHealth’s system has returned. According to PhilHealth, no information has been compromised; the agency assures its more than 104 million Filipino members that benefits can still be availed from accredited healthcare facilities. They, however, remain mum on the ransom demand.

  • TH, MY, HK, PH (MAY 2021) Branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines were struck by Avaddon ransomware group’s cyber-attack. Curiously, the announcement of the attack came days after AXA’s cyber-insurance policies dropped support for ransom payments.

    Avaddon claimed that they had stolen 3 TB of sensitive data belonging to AXA including customer medical reports (including sexual health diagnosis), claim forms, payment records, bank account statements, private fraud investigations, agreements, denied reimbursements, contracts), national ID cards, passports, etc. Some of it was leaked on the group’s site.

    Additionally, Bleeping Computer observed an ongoing Distributed Denial of Service (DDoS) against AXA's websites based in Thailand, Malaysia, Hong Kong, and the Philippines making them inaccessible for a few hours.

    Noteworthy that Avaddon announced the shutdown of their operations in June 2021, and gave thousands of victims a decryption tool for free, as reported by ZDNET.

Organizations teaming up to seek worthwhile resources together to address these challenges as one puts an incredibly heroic dimension towards accelerating a nation’s investment in (cyber)security. In the Philippines, we call this spirit of communal unity and cooperation, “bayanihan,” from the word bayan meaning town, nation, or community. The word literally means “being a bayan,” which, in both a modern and ancient sense, is now impossible without cybersecurity.

Better Cyber Safe Than Sorry: Cybersecurity Awareness and Measures to Adopt

Upgrading existing solutions, deploying new technologies, and seeing the real value in raising cybersecurity awareness and investments are key points to sell to your organization’s board of decision makers. First, there must be secure configuration settings for hardware and software. Second, organizations need to control access to data and services. This is where GlobalSign’s Managed Public Key Infrastructure (PKI) can come in as a dedicated Certificate and Identity Authority offering SSL Certificate Management & Automation, IoT Certification, and Authentication. Thirdly, organizations are well-advised to do prompt software updates on devices and systems.

You might have questions in mind after reading this article, which we can quickly answer over the phone or via email. If you’re interested, schedule a quick chat (or maybe even a demo) with us at today!

Share this Post

Related Blogs