What will shape cybersecurity in 2020?

By Nurfilzah Rohaidi

How technology, policy, and processes need to change to overcome evolving cyber crimes.

Cyber attackers learn and evolve at a much faster pace today, devising ever-more sophisticated ways to carry out their nefarious goals.

The consequences could be devastating in multiple ways - besides the loss of sensitive data, the average cost of a data breach to a business is $3.86 million, according to IBM estimates.

Governments need to learn how to adapt, and work with the private sector and citizens to improve cyber safety all around. Three cybersecurity experts discuss what will shape the landscape in the year ahead.

1. Online trolls

The first trend to watch is the evolution of internet trolls. With the existence of “troll farms” and the like, there are ever-more elaborate and subtle methods of manipulating people, said Aivar Jaeski, former Deputy Director of the NATO Strategic Communications Centre of Excellence.

These trolls were intricately designed to target online users in specific ways - for instance, hate trolls spread hate, while conspiracy trolls spread conspiracies. Attachment trolls, on the other hand, create chaos by infecting computers with malware and spyware, Jaeski said, referencing a real-life example where this happened: his native Estonia.

When anyone with a WiFi connection, anywhere in the world, is able to be an information creator, it becomes a lot trickier to stop them from influencing others, he continued. “The manipulation that we have observed was created in order to create confusion, mistrust, destabilised and hamper political decision makers - but it is sometimes very, very dangerous,” Jaeski noted.

2. Cryptocurrencies

Cryptocurrencies play a massive role in enabling illegal cyber activity, according to Alexandru Caciuloiu, Cybercrime and Cryptocurrency Advisor at the United Nations Office On Drugs and Crime (UN ODC). A digital payment system that promised anonymity, criminals naturally gravitated towards cryptocurrency - and developed the dark web as a result, he said.

Law enforcement constantly needs to be a step ahead, he said. “Cryptocurrencies are being used by criminals to launder money; they're being used to finance terrorism; they're being used by criminals to pay for illegal services. Because of that, governments need to adapt,” Caciuloiu explained.

He works with public safety agencies and central banks around the region to develop regulations for cryptocurrency, allowing suspicious transactions to be traced. Prosecution and conviction processes are important too: “We have to work with law enforcement and governments around the world to train them how to make investigations and how to conduct these types of cases,” he went on to say.

Faced with this complex new reality, how else can governments adapt their defences? First and foremost, Asia needs to have a clear definition of what constitutes a cyber threat. “There is no universally accepted definition of cybercrime,” Caciuloiu said.

In addition to threats such as malware, ransomware and advanced persistent threats, some countries in the region also consider extortion, internet scams and defamation as cybercrimes, he went on to say.

3. Transparency during crises

Does the buck stop with the government? Private sector cybersecurity firms have their role to play, too. There are ways for companies and governments to communicate better with each other - and with citizens - to manage and contain any crises as much as possible.

For instance, when Indonesian airline Malindo air suffered a massive data breach last year, it was a cybersecurity firm that broke the news. Their investigation revealed that the data of 30 million passengers had shown up on the dark web, according to Wan Zuhamli Bin Wan Abdul Rahman, Head of Strategic Research & Advisory at Cybersecurity Malaysia.

He went on to point out how organisations sometimes avoid reporting these breaches and other such incidents, fearing a blow to their reputations. But with so many incidents happening on a day-to-day basis, it certainly helps everyone to be transparent and share knowledge, according to him. “Let's say the data in the dark web was not reported to us. We may not know what the issues are,” Wan Abdul Rahman said. “Cybersecurity in the current situation - you cannot work in siloes.”

UN ODC’s Caciuloiu works closely with these firms as well, as they “see a different part of the cyberthreats” that governments may not. The UN ODC is currently working on a cyber crime and threat assessment report of Southeast Asia, after which “we will have a lot more definite threat picture”.

Meanwhile, NATO’s Jaeski shared how in 2007, when Estonia suffered the first known cyber attack on an entire country, public and private sector banded together in response. “With the private sector, banking services, also media service providers, they stood up and worked together in order to raise resilience and protect the networks under the DDoS attack,” Jaeski shared.

All these trends form the new cyber battlefield, blurring the lines between online and offline threats. The response needs to change too, so that governments can continue to protect citizens both physically and virtually.

Panellists were speaking at GovInsider Live, held at the UN Conference Centre in Bangkok on 16 October 2019.