Kasperksy security researcher Suguru Ishimaru. (PNA photo by Priam Nepomuceno)
YANGON, Myanmar -- Countries like the Philippines whose militaries are just starting to beef up their cyber defenses should first train personnel on how to use and protect their data along with their devices, a researcher from a global cybersecurity company said Thursday.
"They should learn to use the device first, because if they don't use this, they could (not be) familiar with these devices of course," Suguru Ishimaru of Kaspersky said in an interview on the sidelines of the 5th Cyber Security Weekend.
During this familiarization period, Ishimaru said these individuals will hopefully know the vulnerabilities of their equipment so that they could take steps on how to protect their database.
Acquisition and installation of an affordable and yet efficient security product will greatly help in this initiative, he added.
"Using (the security product) is not enough, they have to be familiar (with) the security product and they have to understand it 100 percent, then (how to use it) to protect (their data)," Ishimaru stressed.
Also, they must ensure that all their subsidiaries or third- party suppliers are also protected from such threats before allowing them access to their equipment or networks.
In April, reports claimed that the website of the training school of the First Scout Ranger Regiment, one of the Philippine Army’s (PA) elite units was hacked.
This reportedly led to the leak of personal data of 20,000 soldiers.
Ishimaru also said Kaspersky has detected new infection attempts from APT10 (advance persistent threat) against organizations located in Southeast Asia.
The attacks potentially targeted health and medical facilities in Malaysia between October to December last year and Vietnam between February to May 2019.
The malware used in the two countries is different from the known tricks APT10 is known for, but the goal remains the same – to steal credentials and confidential information from the infected machines.
“We have been monitoring several operations of APT10, particularly in Japan where they caused information leakage and serious reputational damage. They are known in the industry for their stealthy and large-scale cyber espionage campaigns, always hungry for confidential information and even trade secrets. Now they are extending their geography of attack towards Southeast Asia, potentially setting eyes on some medical organizations and associations in Malaysia and Vietnam,” he added.
APT10 -- also known as MenuPass, StonePanda, ChessMaster, Cloud Hopper, and Red Apollo -- is known for several high-profile attacks against different industries, including information and technology, government and defense, telecommunications, academic, medical, healthcare and pharmaceutical since 2009.
In December last year, a report from PwC revealed that the alleged nation-backed group has successfully infected key MSP (managed service provider) companies such as Hewlett Packard Enterprise Co and IBM.
Through this breach, the culprits have stolen sensitive corporate data from the affected firms’ clients. Among the alleged targets were Australian corporations. Several latest reports also revealed researchers spotting APT10 infections in the Philippines, as well as against telecommunication providers in Europe, Africa, the Middle East, and Asia.
The group is widely known in the cybersecurity industry as a Chinese-speaking cyberespionage group.
While their target sectors have been changing since their first known attack, their goal to steal important information including confidential data, defense intelligence, and corporate secrets remains unchanged. (PNA)
