On the sidelines of Asia Tech x Singapore (ATxSG) 2023, Yeo Siang Tiong, general manager, South East Asia, Kaspersky, talked about how the company is leading the way to foster cyber immunity against a rising threatscape. In an interview with Telecom Review Asia, Yeo emphasized how Kaspersky has adopted a preventive approach rather than being reactive when dealing with cyber threats.
Can you provide an overview of the current global cyber threat landscape and the most significant trends or developments that you have observed recently?
In recent years, there has been a significant surge in cyber threats. In 2019, for instance, we observed approximately 300,000 unique malicious files being collected daily. By December last year, this figure had risen to a staggering 420,000 new and unique malicious files per day, which becomes a cause for concern.
To provide further context, during the short span of time in this interview, we would have already collected 4,500 malicious files. This sheer volume highlights the gravity of the situation.
The current threat landscape comprises a mix of players, ranging from amateurs to highly skilled professional hackers. The extent of damage incurred depends on the capabilities and intentions of these threat actors.
Artificial intelligence and machine learning are increasingly being utilized by both cybercriminals and cybersecurity professionals. How are these technologies shaping the future of cyber threats and cybersecurity?
Kaspersky operates in a dynamic landscape where the sheer magnitude of 420,000 new malicious attacks gathered daily presents a significant challenge. To effectively address this, we employ a combination of AI-based algorithms and human-machine learning processes. In this case, these tools are essential to distilling the vast amount of data to benefit our customers.
But, of course, a tool is a tool. If these tools fall into different hands and are used differently, they have the potential to cause significant damage. While some are already leveraging AI to automatically generate malware, the most damaging and sophisticated attacks are still carried out by professional hackers.
As a cybersecurity company, we are vigilant in tracking the activities of professional hacker groups worldwide. In just three years, our monitoring efforts have expanded from tracking over 200 groups to close to 900 professional hacker groups. These multinational entities are very well organized and well funded, and they inflict damages that pose substantial risks.
The key point is that AI can be used for malicious purposes. For instance, the generation of phishing emails presents a growing concern. Previously, the authenticity of such emails could be discerned through grammatical and spelling errors. However, with generative AI, these emails can now appear much more professional, making detection and prevention more challenging for us. As such, we need to stay ahead to address any loopholes.
We have been fronting cybersecurity for the last 26 years and continue to maintain our lead in this domain. We recognize that, in this ever-evolving landscape, staying ahead requires brushing up on knowledge. But we have also realized that a reactive approach is no longer sufficient from a technological standpoint. The focus has shifted towards prevention rather than mere reaction. As a result, we are actively advocating the concept of cybersecurity immunity.
We have recently developed an operating system (OS) that is compatible with different hardware, allowing it to be utilized in securing Internet of Things (IoT) devices, essentially ensuring robust security from the core.
We have observed that IoT device manufacturers often prioritize electronic product functionality over cybersecurity. Therefore, having a cyber-immune OS developed from scratch becomes paramount in safeguarding these devices. By pioneering the concept of immunity and introducing our cyber-immune OS, we aim to establish a new standard in IoT device security and advance the resilience of connected systems.
As the world becomes more interconnected and reliant on technology, how does Kaspersky help organizations enhance their cybersecurity posture to better protect against evolving threats?
Kaspersky’s cyber-immune OS is a long-term solution, as it needs to be incorporated into the OS of devices before they are manufactured at scale. In the interim, we leverage extensive telemetry based on the information we have gathered about malware over the years.
This data forms the foundation of our various product offerings, ranging from software embedded in devices like mobile phones, PCs, laptops, and servers, both on-premises and cloud-based, to network anomaly detection software. All this information is then correlated for us to enable automated detection and response mechanisms.
For customers already equipped with sophisticated software solutions, the strategic advantage lies in our threat intelligence capabilities. With our monitoring of over 900 professional hacker groups, we gain insights into their behavior and the software they employ. Leveraging this intelligence, we provide early warning signals to larger customers with dedicated security teams, allowing them to proactively protect their environment.
Our threat intelligence offerings include incident response services that help customers clean up the whole environment, close up backdoors and identify the source of breaches, thereby enabling them to enhance their resilience for future incidents.
Education is also a key aspect of our approach. We offer gamified cybersecurity courses to empower regular IT users with a better understanding of cybersecurity. Our researchers also train security teams to effectively safeguard their customers' security teams. As we monitor and have continued exposure to different threats around the world, we offer customized updates and ongoing training for customers whose exposure is specific to their unique environment.
Can you share with us some partnerships?
We have partnerships in different forms. In the consumer market, we offer products tailored for home users and telco users. We partner with telcos so they can bundle our products with fiber-to-the-home products or their mobile phone plans. We also work with telcos as our customers, as telco infrastructure serves as the backbone for connectivity.
We also partner with governments. For instance, we work with many governments at the regulation and security agency layer to help them build nationwide security infrastructure. Hence, there are multiple fronts that we work on.
Looking ahead, what do you envision as the future of cybersecurity? Are there any emerging technologies or trends that you believe will significantly impact the industry in the coming years?
Cybersecurity will continue to be relevant in our evolving digital landscape. Through some of the initiatives that we are advocating, such as cyber immunity, we hope that with greater awareness, security becomes an integral part of the design process rather than an afterthought. This alone would be a significant milestone in the evolution of cybersecurity.