In this connected world, where consumers can now access financial services more conveniently than ever before, cyber-crime is becoming a more pressing problem for the sector by the day. New reports confirm that financial services firms in South-East Asia are preparing themselves to face these attacks, as it appears they will be top targets for cyber-criminal activity in 2017. Htet Tayza comments.
Financial companies have always been a target for cyber-criminals, as they handle large volumes of money. But as digital technology advances, hackers are becoming more sophisticated, and attacks against financial services are growing more damaging. Globally, Consultancy writes, the cost of cyber-crime for businesses vaulted to US$280 billion in 2016, and finance was the most impacted sector.
It is key that businesses worldwide bolster their cyber-security, to shield their data and cash from hackers. However, regional news portal The Diplomat notes, the region has weak information security infrastructure, which has become a serious issue now cyber-criminals are targeting South-East Asian firms in greater numbers, due to its rising status as an economic powerhouse. Estimates suggest that if South-East Asian firms do not invest in information security, they could lose US$3 trillion by 2020.
One reason why cyber-criminals are now mounting attacks against South-East Asia, is that the region’s financial technology (fintech) market is becoming more lucrative by the day. The region has a high unbanked population, creating demand for convenient financial services, such as those provided by mobile payment apps. A new report indicates that these technologies could promote greater financial inclusion in South-East Asia, potentially lifting the region’s gross domestic product by as much as 6%.
It is important to point out that as a region within the larger Asia-Pacific (APAC) area, South-East Asia is part of one of the biggest fintech markets on earth. APAC, for example, led the world in the mobile payments segment in 2016, with 53% of its consumers buying goods and services via apps. While mobile-based financial services are creating new revenue for South-East Asian financial services, they are also opening these firms up to cyber-crime, for instance mobile has fuelled card fraud in the region.
Bracing for attacks
A new report by cyber-security software developer Fortinet, financial news source MIS Asia writes, claims that South-East Asian financial services will become a more popular target with cyber-criminals in 2017. Fortinet attributed this to rising cloud adoption among financial services providers in the region, arguing that these companies must subject any data that passes through the cloud to same scrutiny that they would other data, as well as maintain data visibility, to shield their operations.
Commenting on the findings of this report, Fortinet’s Vice-President for South-East Asia, Peerapong Jongvibool, said: “The [South-East Asian] financial industry continues to be a prime target given the sensitive nature of its data that is extremely valuable on the online black market. Cyber-criminals are also capitalising on new ways to exploit increasingly complex network environments in FSI and developing new techniques to bypass security and evade detection.”
In their report, Fortinet forecast that South-East Asian financial services firms will increasingly turn to two-factor authentication (2FA), to defend their data from cyber-criminals. This system uses both passwords as well as something already in the user’s possession, such as a one-time pin sent to their mobile phone, for authentication purposes, making it harder for hackers to break through security.
The cyber-security software developer also advised South-East Asian financial companies to deploy a security fabric architecture, going forward. This will supply companies with an increased awareness and visibility of all the security factors they require to bolster their systems from the ever-more complex cyber-attacked which are being launched by hackers, as the global digital landscape evolves.
Continuing, Peerapong argued: “As… attacks grow in both number and complexity, financial services institutions will have to prepare to better detect and mitigate threats in order to protect their organisation.” It is key that in the face of the increased cyber-crime risk they face, South-East Asian financial services firms invest in fintech solutions which are known to prove effective against cyber-criminals, if they want to tap into the potential the region’s digital finance sector currently holds.
Also evidence suggests that some existing fintech, most notably blockchain, can help shield companies from cyber-attacks, providing real financial benefits. Blockchain is a digital ledger which due to its distributed nature, is incredibly hard for cyber-criminals to target, and it could prove incredibly useful to financial services, as forecasts indicate that blockchain could save the sector US$110 billion in costs, over the next three years. If South-East Asian financial companies utilise these fintech solutions, therefore, they could safeguard their operations for cyber-threats and maintain profitability.