Even though much of the world has been growing accustomed to hearing the term 'cyberthreat', 2017 was a year when cybercriminals really turned on the screws - and that may just be the tip of the iceberg of things to come. From Ransomware to Data Leaks to State-sponsored cybersecurity incidents, increasing large red flags are being hoisted. Will 2018 see a continuation of this trend?
According to new F-Secure new Asia-Pacific and Japan Head of Corporate Business Keith Martin (pic below), the threat landscape has moved far beyond its modest origins and grown into a global nexus of individual players, organised syndicates, and even nation-states.
"With unparalleled access to resources and technology, we strongly believe that modern cybercriminals are already using new-age tech to plan and augment their attacks. It is highly likely that 2018 will bear witness to several first-of-a-kind security incidences, including AI-driven attacks, Big Data-driven attacks, attacks targeting cloud networks, and cyberespionage endeavours," said Martin, who has lived and worked in Japan for more than 25 years, centred entirely on the IT industry.
Prior to joining F-Secure in 2015 as Country Manager for Japan, he spent a decade in the telephony and contact centre space, first working for four years in Avaya Japan as Director of Multinational Account Sales, followed by six years serving as Japan Country Manager for Interactive Intelligence, a pioneer in cloud contact centre technology.
Before that, Keith also spent three years at internet startup ValueCommerce helping build their web hosting platform business before the company was acquired by Yahoo Japan. He got his start at global IT services provider EDS (now HP), delivering IT services to numerous financial industry accounts.
Martin believes that most of these attacks will come from cybercriminals. However, as many international blocs lock horn with each other, and with alleged involved of certain nations in well-known cyberattacks, the possibility of continued state-sponsored cybersecurity incidents cannot be ruled out.
While Ransomware was a huge threat last year, Martin also believes that these have now largely been contained, although the threat of another major incident remains. Ever-increasing digital penetration and the interconnected nature of today's world means that any vulnerability in any one network could very well end up compromising the security perimeter across multiple networks.
As a reminder towards caution, Martin urges a look back at the havoc that ransomware attacks such as WannaCry and NotPetya wreaked on a global scale.
"The most striking thing about both these attacks was that they leveraged similar attack vectors, methodologies, and the same system vulnerability - a vulnerability which was fixed well before the first attack took place. All it took for cybercriminals to breach the security perimeter and bring half the world to its knees was a single vulnerable node that had not run the update patch. Given how riddled with vulnerabilities the global IT infrastructure is, such attacks will only increase, both in size and in sophistication," he said.
Brace for the IoT wave and probable consequences
The next generation of consumer electronics will work in tandem with networks as IoT devices. Security cameras, smart TVs, self-driving cars, all emerge as growing hotspots with large targets painted on them for cybercriminals.
As with any new technology, these and all like them come with a potential host of vulnerabilities that are not even discovered in time to prevent exploits, let alone fixed. The same applies to the IoT infrastructure, which has already been used for some of the most sophisticated cyberattacks to be conducted in recent times.
Take, for instance, advanced persistent threats, which keep a low profile by disguising their signatures in the data traffic and gradually penetrate deeper into the network. The massive Dyn attack that led to the service disruption for Twitter, PlayStation Network, Electronic Arts, Amazon, Airbnb, and many other companies across the globe used this approach, creating a large-scale botnet of IoT devices comprising security cameras, monitors, and printers.
"This is why the rapid deployment of IoT for across-the-board use-cases, from commercial and administrative applications to smart homes, without implementing relevant security measures is such a worrying development," says Martin.
Smarter devices, smarter cybercriminals
Artificial Intelligence (AI) development is one of the rising stars of the digital evolution this time and looks to be raising the bar in gold standards in technology. Sadly, much like cybersecurity professionals, cybercriminals have also been upping their game.
Blooded now through their past years' experiences in massive wave attacks across the globe, cybercriminals have become increasingly dangerous. These individuals, and in some cases organisations, already understand how the latest technology works and have been proven willing to use it to meet their own malicious ends.
"With recent breakthroughs in the field of Artificial Intelligence making it better and more efficient, it won't be long before we see cybercriminals leverage this innovative technology to launch AI-led cyberattacks," predicts Martin.
For this and many other reasons, F-Secure has already been preparing by mounting their own AI-driven defences. By shoring up existing cybersecurity capabilities with cutting-edge technologies such as AI, Big Data, and machine learning, F-Secure is attempting to anticipate and be ready for any and every future threat.
F-Secure has seen remarkable growth over the years and this can be attributed to diversification, both in terms of product portfolio and market strategy. The company has carefully analysed market dynamics and identified the urgent need for a more comprehensive approach towards cybersecurity. This led to it pivoting from being an antivirus company to an end-to-end cybersecurity solution provider.
"We are a very customer and partner centric company and are constantly looking to build on this differentiation by gathering first-hand inputs from our channel partners across markets. This proactive approach allows us to add to our existing product portfolio and building new technologies and features and solutions in keeping with the rapidly-evolving global cybersecurity landscape," concludes Martin.
A safer future with F-Secure
F-Secure is continuing to strengthen its technological foundation and is leveraging state-of-the-art technologies to build a robust and agile cyber defence framework. Apart from progress in developing AI-led security solutions, the company has also been integrating Big Data-based algorithms into its cybersecurity approach to proactively identify and mitigate threats.
2018 will see many more enhancements to existing security strengths. At the same time, F-Secure will constantly be on the lookout for any new developments in the global cybersecurity domain that will help further strengthen its defences.
On the business front, F-Secure also continues to look at and evaluate all potential M&A targets as part its long-term vision for driving growth in the Asia Pacific region. The rapid growth it has registered recently is a result of the company's hybrid approach to business expansion, which maintains the perfect balance between the scalability of M&As and the sustainability of organic growth.
A decade of partnership with Malaysia
Outside of Finland, F-Secure's only other development centre is in Bangsar South, Kuala Lumpur. The company's relationship with Malaysia dates back more than a decade and has been kept strong with close ties to Malaysia Digital Economy Corporation (MDEC) and have remained highly beneficial.
In turn, it too has learned from the Malaysian market.
"Businesses here are thriving and digitization is on the rise. The increasing digital penetration is also the reason behind a rapid increase in the number of cybersecurity incidences in the country. Some of these incidents are very similar to other incidents across the globe, while some are wholly unique to the Malaysian market," commented Martin.
Martin believes that as cybersecurity experts, this gives them a lot of food for thought and helps them in coming up with comprehensive and highly personalized security solutions that are designed keeping in mind the specific requirements of Malaysian businesses.
Given the close similarity that other developing economies such as Hong Kong, India, Philippines, Thailand, and Indonesia bear to the Malaysian market, the company has deployed several innovative solutions across the Asia Pacific region based on the security insights drawn from its experiences in Malaysia.
Sign up for CIO Asia eNewsletters.