ASEAN Country Reports
2020
As more countries rely on digital economies, there needs to be an increased focus on the safety, reliability and trust of critical infrastructure. Over time, attacks have increased in size, sophistication, and impact. Perpetrators of these attacks have ranged from individuals to nation states. The dynamic and evolving nature of attacks continues to pose a risk of economic damage as a looming threat.
High-impact attacks include botnets for hire that can, for example, be used to conduct a large- scale amplification Distributed Denial of Service (DDoS) attack which makes use of unmanaged Internet services. Many financial institutions around the world have seen an increase in DDoS activities disrupt trading and other financial services. Not only should a country be concerned about being a recipient of such destructive DDoS attacks, they should also be concerned about whether their countries’ computers are being utilized to help launch these destructive attacks.
Email and phishing scams are also growing in numbers and sophistication. Many fake emails use lookalike domains for an organization (e.g. er1a instead of eria), and can seem very realistic. These fake emails could then be used to gain access to critical documents from coworkers, or falsify a seemingly benign attachment which, in reality, is a link to a fraudulent site or malware that may lead to a ransomware attack.
There are also sophisticated attacks which are increasingly using a technique called “route hijacking” to instigate fraud and cause economic harm. One such widely publicized attack in April 2018 succeeded against Ethereum, where a route hijack against the Amazon Web Services DNS network resulted in a $17 million cryptocurrency heist.
Targets of large-scale Internet attacks face the risk of reputational and economic damage.
To limit the exposure of such reputational or economic harm, the risks and potential attack vectors need to be understood so that proactive measures can be put in place.
Having a comprehensive understanding of what the current state of resiliency against attacks and proactive mitigation measures are makes it easier to determine where added national policies and capacity building measures may be needed. A data-driven, proactive approach to ascertain where increasing incentives for added resiliency measures may be useful, and creating reliable measurable metrics for continued risk assessment, is necessary.
This report is an initial step at showing the value of data measurements and analytics by reporting on the risks associated with open services, email infrastructure, and routing infrastructure in the 10 ASEAN member states.
ASEAN Country Reports
2020
As more countries rely on digital economies, there needs to be an increased focus on the safety, reliability and trust of critical infrastructure. Over time, attacks have increased in size, sophistication, and impact. Perpetrators of these attacks have ranged from individuals to nation states. The dynamic and evolving nature of attacks continues to pose a risk of economic damage as a looming threat.
High-impact attacks include botnets for hire that can, for example, be used to conduct a large- scale amplification Distributed Denial of Service (DDoS) attack which makes use of unmanaged Internet services. Many financial institutions around the world have seen an increase in DDoS activities disrupt trading and other financial services. Not only should a country be concerned about being a recipient of such destructive DDoS attacks, they should also be concerned about whether their countries’ computers are being utilized to help launch these destructive attacks.
Email and phishing scams are also growing in numbers and sophistication. Many fake emails use lookalike domains for an organization (e.g. er1a instead of eria), and can seem very realistic. These fake emails could then be used to gain access to critical documents from coworkers, or falsify a seemingly benign attachment which, in reality, is a link to a fraudulent site or malware that may lead to a ransomware attack.
There are also sophisticated attacks which are increasingly using a technique called “route hijacking” to instigate fraud and cause economic harm. One such widely publicized attack in April 2018 succeeded against Ethereum, where a route hijack against the Amazon Web Services DNS network resulted in a $17 million cryptocurrency heist.
Targets of large-scale Internet attacks face the risk of reputational and economic damage.
To limit the exposure of such reputational or economic harm, the risks and potential attack vectors need to be understood so that proactive measures can be put in place.
Having a comprehensive understanding of what the current state of resiliency against attacks and proactive mitigation measures are makes it easier to determine where added national policies and capacity building measures may be needed. A data-driven, proactive approach to ascertain where increasing incentives for added resiliency measures may be useful, and creating reliable measurable metrics for continued risk assessment, is necessary.
This report is an initial step at showing the value of data measurements and analytics by reporting on the risks associated with open services, email infrastructure, and routing infrastructure in the 10 ASEAN member states.
ASEAN Country Reports
2020
As more countries rely on digital economies, there needs to be an increased focus on the safety, reliability and trust of critical infrastructure. Over time, attacks have increased in size, sophistication, and impact. Perpetrators of these attacks have ranged from individuals to nation states. The dynamic and evolving nature of attacks continues to pose a risk of economic damage as a looming threat.
High-impact attacks include botnets for hire that can, for example, be used to conduct a large- scale amplification Distributed Denial of Service (DDoS) attack which makes use of unmanaged Internet services. Many financial institutions around the world have seen an increase in DDoS activities disrupt trading and other financial services. Not only should a country be concerned about being a recipient of such destructive DDoS attacks, they should also be concerned about whether their countries’ computers are being utilized to help launch these destructive attacks.
Email and phishing scams are also growing in numbers and sophistication. Many fake emails use lookalike domains for an organization (e.g. er1a instead of eria), and can seem very realistic. These fake emails could then be used to gain access to critical documents from coworkers, or falsify a seemingly benign attachment which, in reality, is a link to a fraudulent site or malware that may lead to a ransomware attack.
There are also sophisticated attacks which are increasingly using a technique called “route hijacking” to instigate fraud and cause economic harm. One such widely publicized attack in April 2018 succeeded against Ethereum, where a route hijack against the Amazon Web Services DNS network resulted in a $17 million cryptocurrency heist.
Targets of large-scale Internet attacks face the risk of reputational and economic damage.
To limit the exposure of such reputational or economic harm, the risks and potential attack vectors need to be understood so that proactive measures can be put in place.
Having a comprehensive understanding of what the current state of resiliency against attacks and proactive mitigation measures are makes it easier to determine where added national policies and capacity building measures may be needed. A data-driven, proactive approach to ascertain where increasing incentives for added resiliency measures may be useful, and creating reliable measurable metrics for continued risk assessment, is necessary.
This report is an initial step at showing the value of data measurements and analytics by reporting on the risks associated with open services, email infrastructure, and routing infrastructure in the 10 ASEAN member states.
