Tuesday Dec 24, 2024
Monday, 27 May 2024 02:22 - - {{hitsCtrl.values.hits}}
Korean cybersecurity company NPCore’s Chief Strategy Officer David Sehyeon Baek
|
By Harsha Udayakantha Peiris
In today’s increasingly interconnected world, robust cybersecurity measures are more crucial than ever. As digital threats evolve at an unprecedented pace, both organisations and individuals face heightened risks of cyberattacks that can compromise sensitive data, disrupt critical infrastructure, and undermine trust. From ransomware to phishing schemes, the spectrum of cyber threats is vast and ever-changing, necessitating proactive and sophisticated defences.
“The frequency and sophistication of cyber threats are not just increasing—they are evolving. Advanced Persistent Threats (APT) and ransomware attacks have become dramatically more common, posing significant risks to individuals, corporations, and governments alike. “Recognising and addressing these dire cybersecurity vulnerabilities has never been more crucial,” says David Sehyeon Baek. “Therefore, protecting networks and endpoints is essential, as these are often the first lines of defence against cyberattacks,” he says.
Korean cybersecurity company NPCore Chief Strategy Officer David Sehyeon Baek, is a seasoned cybersecurity expert specialising in network cybersecurity, email security against APTs, and advanced technologies like EDR, CTIP, and XDR. His expertise extends beyond any single organisation, having collaborated with various cybersecurity firms across different sectors. David also serves as a deal-sourcing partner for a prominent international bank based in Singapore, playing a crucial role in raising funds for various industries, with a particular focus on cybersecurity initiatives. He is actively engaged in promoting cybersecurity awareness and advanced technologies across several Asian markets, including Korea, Japan, Singapore, Indonesia, Malaysia, Vietnam, and Thailand, with the goal of effectively combating cybercrime in these regions.
The monetary motivation behind Cyberattacks
Emails remain a common vector for cyber threats, often exploiting simple phishing schemes to access sensitive information. Therefore, robust email security and employee awareness training are crucial. According to David, hacking thrives primarily due to financial incentives. Cybercriminals are attracted by the significant financial gains and low risk of detection and prosecution. The rise of Ransomware-as-a-Service (RaaS) platforms has further simplified the process, allowing even low-skilled individuals to conduct ransomware attacks. Understanding this ecosystem is key to developing effective defence strategies.
The role of Dark Web in cybercrime
“Hackers often use dark web forums and marketplaces to exchange information, sell stolen data, and trade hacking tools. These anonymous platforms facilitate the spread of malware and planning of cyberattacks, highlighting the need for robust cybersecurity measures. Compromised IDs and passwords are powerful tools for hackers, allowing easy breaches of systems and networks,” David says.
The dark web is full of these credentials, available for purchase. Once obtained through phishing, data breaches, or dark web transactions, hackers can impersonate legitimate users and bypass security protocols. This access enables them to infiltrate corporate networks, steal data, install malware, and commit financial fraud. The consequences include significant financial losses for businesses and severe privacy invasions for individuals. This situation underscores the importance of robust password management and multi-factor authentication to mitigate risks.
The role of Crypto currencies in cybercrime
The role of cryptocurrencies in cybercrime is a major concern, particularly in the context of ransomware attacks. Therefore, David highlights the need for ongoing discussions to understand this issue. Cryptocurrencies like Bitcoin offer anonymity, allowing cybercriminals to receive payments without easily traceable transactions. This anonymity complicates law enforcement efforts to track and apprehend perpetrators. As a result, the ease of anonymous transactions has significantly increased ransomware attacks, highlighting the need for advanced blockchain forensics and regulatory frameworks.
David also points out that social engineering is highly effective in breaching systems by exploiting human vulnerabilities. Cybercriminals use techniques such as phishing, pretexting, baiting, and tailgating to manipulate individuals into revealing confidential information or performing actions that compromise security. These methods bypass technological safeguards by targeting human behaviour, underscoring the necessity for comprehensive security training and awareness programs within organisations.
The critical role of EDR and XDR in mitigating advanced cyber threats
Traditional antivirus software, while essential, has significant limitations as it relies on signature-based detection, which can only identify known malware. Research by professionals like David has shown this method to be ineffective against zero-day exploits and sophisticated threats that can evade signature recognition. To address these gaps, Endpoint Detection and Response (EDR) systems are crucial. EDR solutions continuously monitor system behaviour to detect anomalies that may indicate potential threats, rather than just searching for known virus signatures. This proactive approach enables early identification and mitigation of advanced threats, highlighting the importance of integrating EDR technologies into organisational cybersecurity frameworks.
According to David, at present, Extended Detection and Response (XDR) is gaining attention in cybersecurity for its comprehensive threat detection and response across various data sources. Unlike traditional solutions targeting specific security domains, XDR unifies multiple security products into a single platform, offering a unified view of threats across endpoints, networks, and clouds. This integration leverages correlated data and advanced analytics, enhancing threat detection accuracy and response times. As cyber threats grow more sophisticated, organisations value XDR’s holistic, proactive security approach, making it a crucial element in modern cybersecurity strategies.
Enhancing Cybersecurity with automation, AI, and architectural design
Automation, Artificial Intelligence (AI), and robust cybersecurity architecture are crucial for enhancing organisational security. Automation speeds up detection and response, reducing reaction time and minimising human errors. AI improves security by learning from data to identify patterns and anomalies that traditional methods might miss, offering predictive capabilities to prevent breaches. A well-designed cybersecurity architecture integrates multiple security layers, protecting data across all endpoints and networks. Together, these elements boost the efficiency and effectiveness of cybersecurity measures, dynamically adapting to the evolving threat landscape to ensure continuous protection in a complex digital world.
A learning experience on cybersecurity from neighbourhood
David Sehyeon Baek, who recently organised a cybersecurity workshop in Bangkok, highlighted the global issue of cybersecurity lagging behind rapid digital transformation. He emphasised that while many countries have advanced digital infrastructures, their cybersecurity measures and awareness have not kept pace, leading to increased cybercriminal activity worldwide.
At the workshop, David noted that Thailand was the base for Alexander Cazes, the Canadian founder of AlphaBay, the largest dark web marketplace from 2014 to 2017. This platform facilitated the trade of illegal products and services until Cazes’s arrest, underscoring the need for robust global cybersecurity solutions.
Thailand’s rapidly growing digital economy, expected to reach $ 20 billion by 2024, has brought increased cybersecurity challenges, particularly in sectors like Banking, Financial Services, and Insurance (BFSI). Cyber incidents surged from 135 in 2021 to 772 in 2022, according to the National Cyber Security Agency (NCSA), highlighting the need for stronger cybersecurity measures. Despite government efforts to improve cybersecurity infrastructure, financial losses, operational impacts, and low awareness of security measures continue to hinder effective responses.
Sri Lanka’s potential as a developing country in global cybersecurity initiatives
David points out that developing countries like Sri Lanka can benefit significantly from joining international cybersecurity alliances such as the Global Forum on Cyber Expertise (GFCE) and the ITU Global Cybersecurity Agenda.
“These collaborations provide access to best practices, technical assistance, and capacity-building programs. Therefore, participation in global cybersecurity training programs offered by organisations like the United Nations and ITU is essential to enhance the skills of local cybersecurity professionals and build a robust workforce in such countries. Engaging in public-private partnerships (PPPs) with global tech companies and cybersecurity firms can help develop local capabilities through the transfer of knowledge, technology, and resources,” he emphasises.
Adopting international standards, such as ISO/IEC 27001 and the NIST Cybersecurity Framework, can improve the cybersecurity posture of local businesses and government institutions. Involvement in international cybersecurity exercises, like Cyber Storm and the ASEAN Cyber Drill, provides practical experience in handling cyber incidents and fosters international cooperation.
David says that a strong cybersecurity framework can also attract foreign investment by providing a secure digital environment, crucial for Sri Lanka’s economic growth and the development of its tech industry. “Ensuring the security of critical sectors such as finance, energy, and telecommunications is vital for national security and economic stability, preventing significant economic costs from cyberattacks,” he points out.
Enhancing digital transformation by securing digital infrastructure is therefore essential for implementing e-governance, digital banking, and other ICT initiatives, enabling the safe expansion of digital services. Strengthening cybersecurity builds trust among citizens, businesses, and international partners, which is crucial for the widespread adoption of digital services and international cooperation.
Promoting Cybersecurity awareness through education
Including cybersecurity in education is equally vital for developing a skilled workforce. Integrating cybersecurity into curricula at all educational levels ensures a continuous pipeline of skilled professionals, preparing students for careers in cybersecurity and related fields, and addressing the global shortage of cybersecurity talent.
“Therefore, educating students about cybersecurity risks and best practices fosters a culture of awareness and equips individuals to protect themselves and their organisations from cyber threats. This education also encourages innovation and research, with higher education institutions becoming hubs for developing new cybersecurity technologies and solutions. This offers an excellent opportunity for foreign university-affiliated institutions in developing countries like Sri Lanka to promote a new sector in higher education and foster public-private partnerships for investment,” says David.
According to him, a well-educated populace is better equipped to recognise and respond to cyber threats, enhancing societal resilience against cyber incidents. For countries like Sri Lanka, participation in global cybersecurity initiatives is crucial for economic development, national security, and the protection of critical infrastructure.
David emphasises that despite technological advances, there is no perfect solution to cybersecurity. “The landscape is constantly evolving, with new threats emerging as quickly as old ones are mitigated, businesses and individuals must stay informed about the latest threats and defence mechanisms.Therefore, investing in reliable cybersecurity solutions and understanding the associated risks and protections is essential,” he says.