Digital banking in the Asia-Pacific region is poised to expand rapidly this decade, thanks to large underbanked populations, a young demographic that is becoming increasingly digitally savvy, and the demand for 24-hour banking services. Digital banks in APAC are growing in numbers. By this year end, Malaysia will have 5 digital-only banks. 20% of the world's digital banks were based in the Asia-Pacific region in 2021, and the banking sector in Vietnam, the Philippines and Indonesia could experience double-digit growth by 2024. Will a local OS ensure better security? Does it make sense to replace it with Microsoft Windows? China's Violet Typhoon deployed more than a dozen malware variants to target critical infrastructure across Eastern Europe.
Today's digital banks use a variety of third-party applications and software to ensure operational efficiency and provide the best financial services to customers, but this also exposes them to supply chain attacks. South Bend, Indiana-based financial services firm 1st Source announced in July that about 450,000 data records had been compromised in a breach involving Progress Software's MOVEit Transfer application.
Security Issues Could Threaten Asia's Digital Banking Story
Digital banking in the Asia-Pacific is poised to expand rapidly this decade, thanks to large underbanked populations, a young demographic that is becoming increasingly digitally-savvy, and the demand for 24-hour banking services, but persistent cybersecurity threats and hackers’ growing abilities could spoil the party.
How the Philippines Manages the Security of Government Banks
The Philippines follows a shared cyber defense strategy, bringing together government financial institutions with other agencies under the Department of Finance for a cost-effective defense strategy. In an interview, Archieval Tolentino, IT security head at Land Bank of the Philippines, shared how this approach works to protect the banking sector. Tolentino also discussed the aim of a shared cyber defense strategy, top cybersecurity issues for the banking sector, and the best practices for cyber defense. "The model provides a second pair of eyes to protect our IT infrastructure," he said. "There are three main priorities: continuous security monitoring and management of our infrastructure, threat monitoring, and incident response as part of the engagement.
Indian Defense Ministry to Replace Windows With Local OS
India's Defense Ministry will replace the Microsoft Windows operating system with a locally built operating system to enhance cybersecurity in the face of persistent cyberattacks. Cybersecurity advocates and experts say the development of the new operating system was necessitated by increasing cyberattacks on India's military infrastructure. Retired Brigadier Arun Sahgal, a senior fellow for strategic and regional security at New Delhi-based think tank Delhi Policy Group, told Information Security Media Group the Defense Ministry's initiative is a welcome move. But he cautioned that the two solutions must adequately interface with other systems and technologies and be continuously upgraded.
Sahgal said that the cybersecurity of the country's critical infrastructure requires a whole-nation approach, and the government needs to work with the software development industry and national security agencies to find the best and the most resilient cybersecurity technologies to protect the armed forces.
Chinese Espionage Group Active Across Eastern Europe
A Chinese state-sponsored hacking group, which Kaspersky believes is APT31, also known as Violet Typhoon - formerly Zirconium - and Judgment Panda, likely deployed more than a dozen malware variants to target critical infrastructure across Eastern Europe as part of an espionage campaign. The hackers used cloud services such as Dropbox and Yandex Disk, as well as virtual private servers, to deploy the malware in various stages, Kaspersky said.
These strains differed only in persistence capabilities; their other infection tactics remained the same. The hackers combined the variants along with a new malware backdoor dubbed MeatBall, which was used to establish remote access capabilities, the researchers said.
Vietnam Facing a Critical Shortage of Cybersecurity Workers
Vietnam has more than 75 million Internet users, close to 70,000 digital technology enterprises, and an ICT industry worth $150 billion. Yet, according to Vietnam's Authority of Information Security (DIS), the country has only 3,600 information security workers across government and private sectors, about a tenth of the workforce the country needs to adequately secure information assets. This has resulted in frequent data leaks and breaches and exposed the nation's inability to safeguard citizens' data, DIS said.