The think tank Center for Strategic and International Studies puts the cost of global cybercrime at the equivalent of nearly S$819 billion per year. It estimates that up to a third of that cost is borne by East Asia and the Pacific, the highest of any region analyzed.
Singapore, meanwhile, boasts a GDP within the top fifty nations, worldwide. This economic success makes it a target for cybercrime in an area already heavily impacted. In addition to financial motivations, its government and businesses must contend with the typical political and economic espionage, hacktivism and other computer-related criminal acts common in a growing cyber threat environment.
The Cyber Security Agency of Singapore reported for 2017:
- 2,040 website defacements
- 23,420 phishing attempts using Singapore URLs
- 750 Command and Control (C&C servers)
- Daily average of about 2,700 botnet drones with Singapore IP addresses
- 25 cases of ransomware reported
- 5,430 cybercrime cases reported
- Annual growth in cybercrime from 15.6% to 16.6% of total crimes
To meet this challenge, companies are spending enormously on training, security tools, cyber insurance and mitigation consultants. And they often defend themselves independently, occasionally working with law enforcement. However, in a growing number of industries there are now collaborative communities for businesses to exchange security information, for mutual defense.
Just as we see threat actors working collectively, obtaining malicious solutions from forums and sharing criminal best practices with peers, responsible security professionals can also support each other.
In the last few years there has been significant maturation in information sharing and analysis centers or ISACs. These bodies operate in a hub-and-spoke model in which members from a certain industry or region gather to share cyberthreat data to centrally located analysts, who enrich and disseminate intelligence back to the community.
In this model, businesses can engage to exchange security information on phishing campaigns, malware attacks, systems vulnerabilities or other threats in order to strengthen each other with indicators and prevent incidents before they can impact the broader group. These communities typically adopt rules to manage the dissemination of the information, allowing anonymous sharing to protect companies’ reputation.
Simply put, this is a cost-effective model for crowdsourcing additional security but among a vetted, trusted group of professionals with a common interest, using common technology and with supporting, independent analysis.
With impacted businesses spending an average of S$3.55 million as a consequence of malware attacks, it makes sense to band together. If responsible actors can make it harder for criminals to steal, manipulate or impact an industry or region, the financial determinations by criminal enterprises will shift. Even irresponsible nation-states operate on limited budgets.
Operating independently, many companies are a more appealing target with static security practices and information streams. By pooling data, best practices, analysis and warning, companies can gain a competitive edge that strengthens their security and in turn, their financial position and continued reputation.
Join Global Resilience Federation at Marina Bay Sands (Singapore), at 9:30am on 16 July 2019 in Peony room 4401AB-4402 to learn more about the power of threat information sharing within an ISAC.