Jakarta, 7 February 2023 – The current acceleration in technology use is accompanied by increased threats and cyberattacks targeting individuals, businesses, governments, and nation-states. Cybercrime is the third largest cause of global economic loss, with losses predicted to reach USD 10.5 trillion in 2025*. Understanding the gravity of the situation, Microsoft released the Microsoft Digital Defense Report 2022, which dives into today’s most pressing cybersecurity issues, and Cyber Signals December 2022, which offers experts’ perspective on the current cyberthreats landscape, and discusses tactics, techniques, and strategies used by global threat actors.
“Cybercriminals continue to act like a business. They develop new techniques to implement their actions, increase the complexity of attacks, while at the same time generating new sources of crime economy through the sales of simple tools or manuals that make it easier for other cybercriminals to carry out their attacks – even without any technical skill,” said Panji Wasmana, National Technology Officer of Microsoft Indonesia.
“In the latest two Microsoft reports, we first highlight the two most prevalent cyberattacks, ransomware and phishing, before setting them in the context of national security threats. Furthermore, we also underline the risks of convergence of IT systems, Internet-of-Things (IoT), and Operational Technology (OT)** to critical infrastructure, and how we can protect ourselves from various attacks,” Panji continued.
Cybercrime Landscape
According to the Microsoft Digital Defense Report 2022, the number of password attacks is estimated to reach 921 attacks per second, an increase of 74% in just one year. Many of these attacks result in ransomware attacks, leading to more than doubling ransom demands. In the past, most ransomware targeted individuals. However, human-operated ransomware–which targets businesses and government institutions alike–has recently become more dominant, with criminals behind these attacks successfully infiltrating a third of organizational targets, with 5% resulting in ransoms.
At the same time, phishing emails exhibit a consistent upward trend from year to year. Phishing attacks—a common entry point for most cyberattacks—have increased by more than 300% worldwide, with more than 710 million phishing emails blocked each week in 2021. Among the various phishing models, business email compromise (BEC) scheme is on the rise, with BEC lure—which uses emails to trick victims into sending money or disclosing confidential company information—dominating the BEC theme by up to 79.9%.
The two cyberattacks were also employed by nation-state threats—cyberthreats from certain countries with the clear intention of advancing their own country’s national interests. In recent years, nation-state threats have heightened international tensions, further emphasizing the importance of strengthening cybersecurity posture. Microsoft’s findings in Digital Defense Report 2022 show that attacks targeting vital national infrastructure increased by 40% in the past year, with the IT, financial services, transport systems, and communications infrastructure sectors as the main targets.
Responding to this situation, Ajar Edi, Director of Corporate Affairs at Microsoft Indonesia emphasizes the importance of integrating cloud computing technology into critical systems and infrastructure. This is because cloud computing services operate on secure data center networks around the world, have reliability in data backup and disaster recovery, and can offer security from their service providers through technology that can protect various elements of society and the nation from potential cyberthreats.
“Digital resilience cannot be separated from the government’s role, namely creating policies that support the acceleration of cloud computing technology, cross-border data policies, and cybersecurity adoption. This is a spirit that has been reflected in the Bali G20 Leaders Declaration and Law No. 27 Year 2022 regarding Personal Data Protection (PDP),” said Ajar. The next task is to prepare derivative regulations for the PDP Law and harmonize other regulations to support the nation’s digital economy ecosystem.
Cybersecurity Practices in Banking
As a crucial sector that needs to uphold cybersecurity, the financial services industry is required to protect the confidentiality of its customer data from all potential cyberthreats according to applicable laws, including the PDP Law.
One of them, Bank Central Asia (BCA), consistently strives to increase customer and employee understanding of the potential and impact of existing risks, ensures that the company always complies with relevant government regulations, and adds layers of security. The Bank does this by requiring learning about cybersecurity during employee on-boarding, establishing a special team that focuses on protecting and strengthening cybersecurity, and working with technology provider companies such as Microsoft to ensure company systems remain secure, among others.
“Oftentimes, our employees need to access important documents remotely. However, remote access is also not free from risks. After conducting comprehensive due diligence, we have decided to work with third-party technology providers, including Microsoft, who can help us mitigate these potential risks. Microsoft, through Microsoft InTune, helps protect our end-point devices, both by using Multi-Factor Authentication, the Encryption feature, and in building a Company Portal,” said Lily Wongso, Executive Vice President of IT Security BCA.
Adopting the Latest Cybersecurity Practices
Technological updates and innovations that continue to grow rapidly, such as increased connectivity for the convergence of IT, IoT, and OT, encourage individuals and corporations alike to regularly review and strengthen their access control and implement the latest security strategies. This is relevant as outlined in Cyber Signals December 2022 that:
- High-severity vulnerabilities in industrial control equipment manufactured by popular vendors increased by up to 78% from 2020 to 2022.
- High-severity vulnerabilities were found in 75% of the most common industrial controllers in customer OT networks.
- Over 1 million connected devices publicly visible on the Internet running on Boa, an outdated piece of software that is no longer receiving official support but is still widely used in IoT devices and software development kits (SDKs).
Therefore, basic security hygiene needs to be widely implemented. Microsoft Digital Defense Report 2022 shows that 98% basic security hygiene can protect us from 98% of cyberattacks. The five steps of basic security hygiene are:
- Apply Zero Trust principles: a) do not assume, but verify explicitly, b) use the least privileged access, c) build confidence that every element in the system used can be breached.
- Use multi-factor authentication (MFA) to verify a user’s identity. Some examples of MFA include non-password technologies such as biometric device systems, Windows Hello, or the Microsoft Authenticator app when the hardware does not have a biometric system.
- Use anti-malware
- Keep your hardware and software up to date, for example, by updating Windows regularly.
- Protect data. When storing documents on OneDrive, for example, data can be protected by creating a strong password, adding security information to a Microsoft account, using MFA, and enabling encryption on mobile devices.
###
* Cybersecurity Ventures 2021 Report
** OT is a hardware and software combination of various programmable systems or devices that interact with the physical environment (or manage devices that interact with the physical environment). Examples of OT could include building management systems, fire control systems and physical access control mechanisms such as doors and lifts.