Kaspersky calls for building ICT supply chain cyber resiliency in Thailand to boost digital economy
Against the backdrop of constantly evolving cyber threats, Thailand needs to take a more active stance in prioritizing cybersecurity, Kaspersky’s findings suggest. A critical move towards achieving cyber-resiliency would potentially support the growth of local businesses, foster current digital opportunities, and mitigate dangerous risks to the country's economy.
Cyberattacks on information and communications technology (ICT) supply chains are on the rise. This is dangerous as vulnerabilities can be introduced at any phase, from design through development, production, distribution, acquisition and deployment to maintenance. This can affect governments, enterprises, and the public.
When cybercriminals gain backdoor access to the systems of their clients, infecting thousands of systems at once. The more entry points, the bigger the attack surface becomes. When one part gets affected, a domino effect soon follows.
There have been a number of high-profile ICT supply chain attacks last year. In 2021. while investigating the artefacts of a supply-chain attack on an Asian government Certification Authority’s website, Kaspersky discovered a Trojanised package that dates back to June 2020.
Unravelling that thread, Kaspersky researchers identified a number of post-compromise tools in the form of plugins that were deployed using PhantomNet malware, which was in turn delivered using the aforementioned Trojanised packages. Kaspersky’s analysis of these plugins revealed similarities with the previously analysed CoughingDown malware.
On a larger scale, Kaspersky in Q2 2022 detected 4,740,347 different web threat attempts on the computers of Kaspersky Security Network (KSN) participants in Thailand. Overall, 20.1% of Thai users faced this type of threat.
Attacks via web browsers are the primary method for spreading malicious programs. Exploiting vulnerabilities in browsers and plugins, as well as social engineering, were the most common ways used by cybercriminals to penetrate the systems.
Recognising the risks and impact of ICT supply chain cyberattacks, countries are taking action. As far as the local government is concerned, legal policies and regulatory frameworks on cybersecurity have already been laid out and are currently in place. Kaspersky executives urge the state to collaborate with its neighbors and private companies to further build its cyber-resiliency.
Genie Gan, Head of Public Affairs and Government Relations for Asia Pacific & Middle East, Turkey and Africa at Kaspersky, says that while the cybersecurity landscape in Thailand is distinct from the rest of SEA countries, it is still interconnected with its regional neighbors in so many ways.
"This is why we encourage the government regulators to begin boosting its cyber capacity-building and cooperation efforts. These two are basically the building blocks of cybersecurity," she said.
"Looking at Thailand’s unique cybersecurity landscape and how it is dealing with cyberattacks, it appears that the country is now in the intermediate stage of cybersecurity readiness. Intermediate-level countries are those that have identified cyberattacks as areas they need to look into and have attempted to make some inroads. The goal is to have the country move to the Advanced stage where we hope to see it doing more in terms of development," added Gan.
Gan recommended the following specific action steps to strengthen ICT supply chain in Thailand:
- Develop core principles, technical standards to ensure a consistent level of cybersecurity across all companies involve.
- Actionable national cybersecurity strategies.
- Improve procedures and regulations on ICT supply chain infrastructure.
- Private and public mutual cooperation and cybersecurity capacity building.
From Kaspersky's experience, an effective formula includes constant improvement of security awareness. This includes engagement with the wider cybersecurity community and stakeholders including cybersecurity providers to validate and verify the trustworthiness of their products, internal processes and businesses — an important pillar held by Kaspersky and implemented within the overall framework of its pioneering Global Transparency Initiative (GTI).
One of the GTI's cornerstones included the opening of a network of Transparency Centers — in Zurich (Switzerland), Madrid (Spain), Kuala Lumpur (Malaysia), São Paulo (Brazil), Singapore, Tokyo (Japan), and Woburn, Massachusetts (the United States).
This global network of Transparency Centers serves as facilities for trusted partners and government stakeholders, responsible for cybersecurity, to review the company's code, software updates, and threat detection rules.
The Transparency Centers are fully operational and available for on-site (physical) and remote access.
With guidance from the company experts, visitors at the Transparency Center can conduct transparency review sessions in three different modes:
- Blue Piste: overview of Kaspersky's security and transparency best practices and product portfolio
- Red Piste: review of the most critical parts of Kaspersky's source code by a client or regulatory stakeholder
- Black Piste: deepest and most comprehensive review of the most critical parts of Kaspersky's source code
The GTI also paved the way for the creation of Kaspersky's Cyber Capacity Building Program to help government organizations, academia, and companies around the world develop mechanisms and skills for security assessment of ICT products they use. Requesting access is as easy as sending an email to [email protected].
Kaspersky also advised that countries like Thailand continually promote skills training and enhanced collaboration to support incident response capabilities and ensure the safety and wellbeing of their citizens.
"Cyber threats are here to stay as it is parallel with the digitalization drive in Thailand. A latest study projected a $57 billion digital economy in 2025, a huge opportunity that will be realized best if digitalisation efforts are built upon trusted and transparent cybersecurity foundations,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“Organisations, industries, and governments will always be lucrative targets for cybercriminals but through collaborative multi-stakeholder efforts, we can explore strategies and expand our cybersecurity implementation as we enhance our confidence and trust in technology. When a country achieves cyber-resiliency, the digital future no longer becomes a scary unknown realm but a place with endless opportunities for growth," he adds.