Elections
Malaysia has recently stated that it will conduct re-elections once the pandemic has been overcome. Which if it follows through, should come to fruition some time in 2021. Vietnam is also planning to conduct its general elections in 2021, while the Philippines is scheduled to hold its national elections in 2022.
As highlighted earlier, COVID-19 pushed a large number of users to come online for the first time across the region. Malaysia reportedly has the highest social media penetration rate, followed only by Singapore and Thailand. It also has the second highest penetration rate of smartphones after Singapore.
In short, the whole region is quite ripe for potential disinformation campaigns, and Kaspersky researchers will undoubtedly see such tactics being increasingly employed by the various stakeholders as each country draws near to their elections in 2021 and onwards.
These stakeholders can potentially be both internal and external. More than that, due to an increased user base for social media and mobile devices, such campaigns are likely to see a much larger effect on opinions than was ever seen previously.
Indonesia had its general elections in 2019, and just this year we saw a breach where private information of voters were leaked online by a group of hackers. Just as some of these other countries are gearing up to collect updated information on voters during their upcoming elections, it is certainly not far-fetched that similar intrusion attempts might be made here as well.
5G Rollout
2019 saw the introduction of 5G networks and this year, Kaspersky researchers saw a widespread adoption of 5G technology in mobile devices with hardware vendors like Apple updating their complete lineup to be 5G compatible.
Telecom operators in Southeast Asia have been trying to keep up with this technological evolution as well. Thailand, for one, specifically seems to have ramped up this adoption. This has been in part fueled by a need to support solutions like telemedicine to decrease contact following COVID-19 restrictions. This is only going to speed up in 2021, with other countries in the region following suit.
The way 5G has been designed is such that more of its operational functionality has been switched to software rather than hardware. This opens up various avenues for potential attack surfaces (the number of possible vulnerable points in a computer system where an attacker can get through), as generally software is considered more accessible and arguably easier to discover vulnerabilities for. It may only be a matter of time when researchers start to find potential software based flaws, and threat actors will definitely not be much behind, if not ahead.
Health Sector
The healthcare field as a cyber threat target is a worldwide trend. In previous forecasts, Kaspersky experts have projected an increase in attacks on medical equipment in countries where digital transformation in healthcare is burgeoning. In 2020, interest in medical research surged among cybercriminals specializing in targeted attacks, spurred by the development of the much anticipated COVID-19 vaccine and its potential significance for the global community.
All across the SEA region, there has been an increased push towards remote health monitoring solutions and online health consultations, motivated by the goal of reducing contact. This means an ever increasing number of patient data is coming online as well as the increase in attack surface throughout the health sector. According to Kaspersky researchers, this trend will continue through 2021. The new year may also see more attack attempts targeted towards this sector as new regulatory restrictions, new treatments and an increase in the number of potential victims continue to attract attention.
Ransomware
Kaspersky has been observing a reduction in ransomware attacks across the region recently. However, the cybersecurity company has been noticing ransomware threats becoming more dangerous, sophisticated, and targeted. The amount of money being demanded by ransomware groups has increased significantly.
A ransomware-related death, the first ever recorded, was witnessed in Germany this year where a patient had to be redirected to another hospital because of an ongoing cyber attack but ended up passing away before reaching the medical center.
While the ransom amounts being demanded are likely to continue to increase, we expect to see an increase in ransomware attacks, due to the sheer number of increased potential targets across the region and thus a reversal of the current trend in 2021.
Cloud Security
More and more companies are incorporating clouds in their business models due to the convenience and scalability they offer. However, this is a relatively new attack surface which is increasing as more businesses come onboard. There might be a heightened number of breaches on such infrastructure if companies make rookie mistakes and do not deploy proper security measures and solutions which can often be the case for newer adopters.
Industrial Control Systems (ICS)
In the current year, Southeast Asia has been one of the worst hit regions in terms of ICS attacks as per several ratings. We are however seeing more focus from governments to curb such events.
Malaysia has dedicated RM1.8 Billion for its national cyber security strategy 2020-2024. Indonesia’s National Cyber Encryption Agency (BSSN) also seems to be actively improving its cyber resilience strategy by partnerships with countries such as Australia since last year.
Similarly, the Philippines has also adopted a strategy where it is partnering with the private sector for a more effective cyber defense. We might see the fruits of such initiatives come into play in 2021, with the aforementioned trend seeing a reversal.