Since 2007, the overall global security industry has grown by about 40 per cent. However, during this same timeframe, legacy security technology went from stopping 97 per cent of all malware to only stopping 40 per cent today. Consequently, the economic impact of cyber crime has grown by well over 400 per cent, creating a worldwide cost impact in excess of US$100 billion. Economic costs of cyber crime are estimated to have grown about 376 per cent since 2007, a much higher rate than the estimated 41 per cent increase in IT-security expenditure over the same period.
In Asia, cyber crime is on the rise and the malware is becoming increasingly sophisticated, just like every other geography in the world. These cyber criminals worldwide are acting with near impunity as the chances of getting caught and prosecuted are minimal. Many countries in Asia have Computer Crimes Acts and associations such as the Monetary Authority of Singapore - who help to not only combat the issue, but to also dissuade attacks by making them harder to successfully execute. However, even these focused efforts are not able to bridge the malware gap. It doesn't matter where cyber criminals are physically located, they will always go after the easiest targets.
Looking at Singapore as an example, where 82 per cent of households have access to a home computer and are connected to the Internet, this provides a large enticing target for attackers. And considering that 34.7 per cent of all computers are infected with worms, just one type of malware, demonstrates that the current reactive security-protection technologies are not keeping up and protecting users anywhere near like the vendors tell you. The cyber criminals have taken the bait and are targeting areas like Singapore and other countries in Asia with high degrees of Internet-connected populations (e.g. South Korea) - and they are winning. They quickly find out what type of attacks in which geo-locations yield high-infection rates and are successful. It's encouraging to see that Singapore recently launched a Cyber Security Awareness Day, which is a great initiative to educate the population about the threat from crimeware.
Real-time detection is vital
The problem with reactive technologies is that they rely on signature-based security technology that is more than 20 years old when they are trying to cope with today's advanced, dynamic and highly targeted malware attacks. Proactive technologies are the future! The ability to detect malicious activity or attacks, without having seen the attacks beforehand, is paramount to successful Internet protection today. In the current economic climate and the increasingly competitive business landscape, some businesses may be tempted to play outside the rules to survive or stay ahead of the game. All businesses need to re-evaluate their risks and the controls they have in place to mitigate those risks.
Sign up for CIO Asia eNewsletters.