Asian companies have world's worst cybersecurity says study

  • Published
Illustration of a hacker entering a computerImage source, Thinkstock

Many Asian organisations are badly defended against cyber-attacks, a year-long investigation by US security company Mandiant indicates.

The median time between a breach and its discovery was 520 days, it says. That is three times the global average.

Asia was also 80% more likely to be targeted by hackers than other parts of the world, the report said.

It said an average of 3.7GB in data had been stolen in each attack, which could be tens of thousands of documents.

However, the bulk of the incidents were not made public because the region lacks breach disclosure laws.

Grady Summers, the chief technology officer of Mandiant's parent company, FireEye, said the findings were "very concerning".

"We knew responses to cyber-incidents here in Asia often lag those elsewhere, but we didn't know it was by this much," he told the BBC.

Image source, Mandiant/FireEye
Image caption,
The days taken to discover a cyber-attack in 2015

As part of the study, Mandiant hacked into one organisation's network with its permission to see how vulnerable it was.

"Within three days we had the keys to the kingdom," Mr Summers said. "If an expert group of hackers can do the same in three days, imagine what can they do in 520 days."

National threat

Mandiant has published a global security report for the past six years, but this is the first time it has focused on Asia.

The report is based on the company's investigations last year, each of which analyzed an average of 22,000 machines.

Image source, Getty Images

Leaving breaches undiscovered or unreported for too long can ultimately compromise a country's economic competitiveness or national security, Mandiant warns.

Hackers could take over key infrastructure such as power stations, which happened in the Ukraine, and potentially even transport systems in so-called smart cities.

On a consumer level, personal information can be used for fraudulent purposes. More than 500 million digital identities were stolen or exposed last year, an earlier report by security company Symantec suggests.

"Threats to corporate data are now a critical business concern for nearly every company," said Richard Fenning, chief executive of Control Risks, another security company.

"Hackers, whether malevolent teenagers or malicious states, are the leading disrupters of our age. [There's] no simple, single fix.

"Technology can help, but we must also shift how we think about digital security and have nimble leadership when the near-inevitable breach occurs."

State-sponsored attacks

Mandiant suggests that the bulk of cyber-attacks in Asia are state-sponsored and target areas with heightened geopolitical tensions, such as the South China Sea.

Governments, financial institutions, energy, education research, healthcare, aerospace and defence had "long been a favourite target" of hackers who look to either destroy or use the stolen material for extortion, it said.

There had been a decrease in the number of attacks in the US and western Europe by Chinese hackers, Mr Summers added, because China seemed to be refocusing its efforts to other parts of Asia.

'Not doing enough'

Asian organisations were ill-equipped to defend their networks from attackers because "they frequently lack basic response processes and plans, threat intelligence, technology and expertise", Mr Summers said.

"They're not doing enough," he said.

"But they're starting to wake up to the reality of the threats.

"In the US, we were going through this realisation 10 years ago, so we have a head start."