Three weapons for the new cyber battlefield

By Yun Xuan Poon

Biometrics, education and global partnerships will help nations and organisations safeguard their networks.

The cyber battlefield is an unforgiving place. You must narrowly avoid ambushes in the dark of the jungle, fighting to keep the unrelenting drones of bugs and viruses back. You’re exhausted, but you can’t afford to stop - another wave is always coming.

Cybercriminals attack their targets from every angle. At a time when people are under more distress, countries and organisations have to constantly be on guard to stop malicious attempts to steal money or valuable information.

Huang Shaofei, President of Singapore Computer Society Cybersecurity Chapter, shares three ways organisations and nations can defend their networks.

1. Enter the Armory

There are three tech tools that can help boost cybersecurity: biometrics, analytics and AI. Huang explains.

Replacing passwords with biometric verifications can be particularly useful against social engineering threats, Huang believes. These types of attacks usually seek passwords through personal conversation, but human features such as fingerprints, facial features and gait, are impossible to steal and difficult to replicate. “Passwordless authentication really reduces the chance for security and credential risk,” he said.

Biometric authentications aren’t limited to just physical traits, either. Behavioral biometric tools can pick up on subtle patterns that users may not even be conscious of. For instance, cybercriminals who would be very familiar with computer programmes could give themselves away when they use an unusual keyboard shortcut.

One bank has successfully used behavioral biometrics to weed out fraud, wrote Information Age. The Royal Bank of Scotland was able to stop an unauthorised online transfer of a seven-figure sum. Its behavioural biometrics tool identified that the person used the scroll wheel on their mouse and used the number keys at the top of the keyboard rather than on the right - two things that the actual owner never did - and blocked the transfer.

Voice, geolocation and the device can also aid security staff in identifying impersonators, according to a McKinsey & Company report. With more e-transactions happening now, there is a huge opportunity for hackers, and fraud analytics will be part of the cybersecurity strategy going forward, Huang said.

Many cyber defense responses can be automated, Huang said, which will be useful as stretched security teams battle an increasing number of threats. Ideally, when threats are reported, they will be assessed by humans straightaway, but “that doesn't happen in the real world, unless you have a huge security budget that most organizations do not have,” he said.

2. Education and awareness

Companies should use employees as their “eyes and ears” on the ground, Huang said. Although security teams aren’t able to see everything going on within their network with remote working, they can get employees to flag suspicious emails as they pop up.

The same principle extends to national measures against bogus emails. The UK’s National Cyber Security Centre, for one, has launched a service for the public to forward suspicious emails for investigation.

Good cybersecurity goes beyond buying the latest tools in the market, said Huang. “The most important part is educating and increasing awareness amongst employees to know what they are dealing with in terms of the threats,” and what they should do when they are attacked, he explained.

Governments will have a role to play in helping citizens stay safe against cyber attacks, said Chief Executive of Singapore’s Cyber Security Agency, David Koh recently. This is important for Singapore, where citizens “do not yet have these instincts” in the cyber world for avoiding suspicious emails or messages, told a World Economic Forum webinar.

The need to train these instincts has grown more urgent. Singapore has seen a rise in phishing scams during its lockdown period, reported CNA. The government will continue to teach cyber hygiene skills to the public - a process that “had already started and was moving on gradually” before the pandemic, but will accelerate now that citizens work from home “almost exclusively”, Koh said.

3. Sharing information

Sharing intelligence is something that cybercriminals do very well, said Huang, but the good guys “don't do as much or as well”. “That really is a disadvantage to the people who are trying to defend the systems because you do not know what the threats are,” he added.

This needs to be done on a global scale. “Whilst Covid-19 and cybercrime threats related to this crisis are global, responses must also be global: countering cybercrime in one jurisdiction reduces risk around the world,” the United Nations Office on Drugs and Crime wrote in a cybercrime and Covid-19 report.

Singapore is one country that recognises the need for regional cyber efforts. It established the ASEAN-Singapore Cybersecurity Centre of Excellence, which will have a S$30 million budget over five years to conduct policy and technical cybersecurity training.

“It is important not just to build defense for cyber threats of today but also to develop infrastructure, capabilities, and relationships that will enable us as an international community to tackle cyber challenges of tomorrow,” said Cyber Security Agency Singapore’s Koh in a press statement.

Countries have also made moves to strengthen internal sharing. Israel has set up a data centre that pools information on cyber attacks to bolster the defenses of banks and other critical institutions, Brigadier General Doron Tamir, former Chief Intelligence Officer of the Israeli Military, told GovInsider.

It’s time for cybersecurity teams to put on their armour and take up their shields. As the cyber tanks advance, biometrics, cyber hygiene education and global collaborations will help organisations stand their ground.