Cybersecurity risks for local organisations have increased considerably during pandemic – Company

The Covid-19 pandemic has worked as a catalyst for faster digital transformation across all sectors and increased the level of new cyber threats targetting Macau organisations, especially ransomware attacks, cybersecurity tech company Fortinet revealed.

In a public statement, Fortinet reveals that Macau’s Cybersecurity Incident Alert and Response Centre received about 1,600 cybersecurity risk alerts per day on average in 2020 and issued 38 warnings to critical information infrastructure operators last year.

‘As organizations have overcome the uncertainties and difficulties of the pandemic and achieved greater efficiency, new ways of working have also led to new cyber threats emerging to take advantage of the current situation,’ the group stated.

The company underlined that Macau authorities have recognized the importance of the issue before introducing the Macau Cybersecurity Law (MCSL) in 2019, under which public and private critical infrastructure operators have to maintain adequate management and security levels for their information networks and computer systems, adopt cybersecurity systems and establish reporting mechanisms.

The new regulations also established CARIC which started operating in December, 2019 and is coordinated by the Judiciary Police, the Public Administration and Civil Service Bureau (SAFP) and the Macau Post and Telecommunications Bureau (CTT).

The centre is primarily responsible for cybersecurity risk alert, cybersecurity incident response and coordination, and the relevant administrative and technical support, with critical infrastructure entities having to report any cybersecurity issues to it.

Located at the PJ Headquarters and equipped with advanced software and hardware for cybersecurity, it operates 24/7 by professional technicians on rotating shifts.

CARIC center

With a considerable increase in cybersecurity incidents reported in 2020, ransomware attacks notably, Fortinet advised Macau organisations to adopt zero-trust access and segmentation strategies to deal with the issue.

Ransomware is a form of malware that encrypts a victim’s files, with the attacker then demanding a ransom from the victim to restore access to the data upon payment.

‘Ransomware remains a prevailing threat that can cause enormous loss of money and reputation, especially for healthcare, professional services, consumer services companies, public sector organizations and financial services firms,’ the company noted.

‘FortiGuard Labs data shows a sevenfold increase in ransomware activity in the second half of 2020 compared to the first half, with multiple trends responsible for this increased threat’.

In order to effectively deal with the evolving risks of ransomware, Fortinet suggests organizations will need to ensure data backups are ‘timely, complete, and secure off-site’.

‘Adopting zero-trust access and segmentation strategies can minimize risk and segmentation is especially critical when collecting and correlating large amounts of data in single and multiple network environments. Consistent policies across the network can more effectively manage and secure the movement of data and applications,’ the group added.

Other suggestions advanced by the company include using an Automated Security Fabric Platform to safeguard the expanded digital attack surface, which could help organizations with increasingly complex network environments to operate securely across the core network, multi-cloud environments, branch offices and remote workers.

‘Under the MCSL, all critical infrastructure operators must adopt a cybersecurity management system and develop internal measures for monitoring and responding to security incidents. However, the increased use of personal devices for remote working outside the corporate network can make organizations vulnerable to cyber threats as it expands the attack surface,’ Fortinet states.

Therefore, by implementing an automated security fabric platform, organisations would be equipped with a platform that would search for new cyber threats, and enable speedy prevention, detection and responses.

The company also warned that as cyber threats increase the need for skilled cybersecurity professionals in Macau that can assist in enforcing cybersecurity regulations is ‘more crucial than ever’, and advised organisations to invest in education and training.

‘Cybercriminals are leveraging advances in computing power to create new and advanced threats at unprecedented speed and scale. To staying one step ahead of cyber threats and comply with the MCSL, organizations must act now to maximize their investments in cybersecurity platforms designed to provide comprehensive visibility and protection across the entire digital infrastructure, including networked, application, multi-cloud, and mobile environments,’ the company noted.

Just this month the Macau SAR Office for Personal Data Protection (GPDP) revealed that more than 410,000 Facebook accounts in the SAR were hacked after the tech giant suffered a massive data breach in 2019 involving 533 million Facebook users worldwide.

The data leak included personal information, including phone numbers, full names, email addresses, locations, that were posted on a hacking forum.

When inquired about the issue by Macau News Agency, the GPDP revealed that from the beginning of this year until now it has not initiated investigations on the matter.

‘On the other hand, the GPDP has been closely monitoring the alleged Facebook’s leaks of personal data, as media earlier reported, and, therefore, has been contacting Facebook in due time non-officially. At present, for the said matters we have no further information to provide,’ the department told MNA.