ISMG's Weekly Cybersecurity News in APAC
Every week, ISMG rounds up the latest and the most impactful cybersecurity news and developments from across the Asia-Pacific. This week, our editors look at the role of AI in tackling human error and how banks could reduce instances of payment fraud by giving their customers more flexibility in instant payments.
We also covered how nation-state actors are tapping into legitimate cloud systems to spy on organizations, Singapore’s first quantum-safe network, North Korean espionage attacks on South Korea’s construction industry, and cyber incidents becoming more worrisome for Australian CEOs than natural catastrophes or macroeconomic flip-flops.
Don't miss the blog by Sujit Christy's expert blog on managing supply chain risks
Human error is a major contributor to payments fraud, but only about 5% of organizations have fully automated their payment processes to reduce mistakes. Experts say artificial intelligence-enabled automation will help reduce risks, but the potential benefits of AI-based automation are limited by the costs, time and resources needed for integration with complex payment ecosystems. In a deep dive on the role of AI in battling the menace of human error, ISMG editors gauged insights from payment industry experts to pen down the top challenges that banks and financial institutions face when using AI-based solutions, but also look at ways some organizations have done it right.
Cybersecurity company Symantec says it uncovered three cyberespionage campaigns that used legitimate cloud services, including Microsoft OneDrive and Google Drive, to host their malware infrastructure and carry out attacks. All three espionage operations targeted victims in East and Southeast Asia. Symantec also found cyberespionage actors using Microsoft OneDrive to host a multi-stage backdoor in attacks against IT services companies in the U.S. and Europe.
领英推荐
Singapore-based telecom giant Singtel launched the country's first quantum-safe network across its identity and authentication platforms to help enterprises protect data from potential future quantum computing-related threats. The telecommunications company on Thursday offered to let enterprises to test the National Quantum-Safe Network Plus, or NQSN+ technology, prior to adoption.
Several South Korean agencies, including the National Police Agency, the National Intelligence Service and the Cyber Operations Command, said in a joint cybersecurity advisory this week that the two North Korean cyberespionage groups - Kimsuky and Andariel - exploited website and software supply chain vulnerabilities to infect the systems of domestic construction and machinery organizations. The latest cybersecurity advisory follows a similar one earlier in July in which U.S., British and South Korean government agencies blamed Andariel for targeting their defense, aerospace and energy sectors to steal Western nuclear and military technologies to advance Kim Jong Un regime's military and nuclear ambitions.
The 2024 edition of the Allianz Risk Barometer has set the facts straight when it comes to measuring the impact cybersecurity risks have had on organizational decision-makers over the past year. For the first time in history, Australian executives ranked the possibility of cyber incidents as the greatest risk to their businesses, ahead of natural catastophies such as extreme weather events or wildfires; supply chain risks; macroeconomic developments; or a shortage of skilled workers. Cyber incidents were also ranked as the top risk by business decision-makers in India and Japan, but ranked lower than business interruption events in South Korea, Singapore, Malaysia, and Thailand.
In today's interconnected digital landscape and global economy, chief information security officers face an increasingly complex challenge: securing not just their own organizations, but also the intricate web of suppliers, vendors and partners that make up their cyber supply chain. The cyber supply chain encompasses all entities involved in the development, production and distribution of IT products and services, including hardware manufacturers, software developers, cloud service providers and even the vendors used by direct suppliers.