Almost half of threats detected in Asia Pacific are targeted threats
In talks with Malaysian telcos to offer security solutions via the cloud
MALAYSIA was one of the top 10 countries exposed to advanced persistent threats (APTs) in Asia Pacific and Japan (APJ), with variants from the malware families DarkComet and Mirage being used in more than half of the attacks, said cyber-security specialist FireEye Inc in its recent Advanced Threat Report for the APJ region.
In the report, it was also revealed that close to half of malware detected in the region were targeted malware. For FireEye Asia Pacific vice president and chief technology officer Bryce Boland (pic), the findings of the report were extremely alarming.
“This means that there is a person behind the attack specifically going after those companies. Close to 50% of malware were targeted, that’s a lot. This is no longer an opportunistic attack, it is a focused attack,” Boland told a media briefing in Kuala Lumpur on Aug 20.
“When someone is targeting a company or government, they won’t stop when they don’t succeed. They will keep trying,” he added.
During the media briefing, the company demonstrated how easy it is for a cybercriminal to infiltrate a company and steal data from it.
Hackers can simply disguise themselves as job applicants and send docx résumés to the human resource department. The malicious code, embedded inside the Word document, would become active once the file is opened.
“Many companies do not even realise that such threats may be already in their system,” Boland said.
To counter these targeted threats, he said that FireEye will help its customers to build a specific environment that will allow the company to see all the behaviour of the piece of code.
“We have a sophisticated algorithm that can classify any sets of code, traffic and documents, into whether they are malicious or not.
“The mentality that companies should have is that these targeted threats have a high chance of already being in the system. So the key now is to detect them quickly and address it quickly,” he said.
Meanwhile, FireEye Malaysia country manager Alan Yeow said that the company is in talks with telecommunications service providers to offer security solutions via their cloud platforms.
“Talks are still underway. However, if they go through, we are talking about offering services to the enterprise market.
“Telcos today sell lines, so the thing is lines are not fully equipped to address targeted threats. If everything goes smoothly, we will end up bundling it as a service, as a check-box for the enterprise customers to select.
“Customers which want to address these threats will just add the service on top of what they plan to subscribe to on the existing platform,” said Yeow.
There are also plans to offer security services to the consumer market, he said, adding that this would however come at a later stage.
Yeow declined to reveal which telecommunications service provider FireEye Malaysia is in discussions with.
Advanced threat activities by Iran-linked group: FireEye
Govt malware: Why and how it’s used, and is it cyber-war?
Cyber-war: Time for our agencies to step up
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.