In terms of cyber safety, the Asia Pacific region (Apac) has the worst record in the world with many cases going undetected, a new study has shown. The study reveals how most organisations in the Apac region are unprepared to identify and respond to hacks in a timely manner.
Mandiant M-Trends in its latest study says most breaches in Apac never become public and the discovery time on average for any such breach in the region was 520 days, way longer than the global average of just 146 days. To top it, most governments and industry-governing bodies still do not have effective breach disclosure laws in place.
"We knew responses to cyber-incidents here in Asia often lag those elsewhere, but we didn't know it was by this much," Grady Summers, the chief technology officer of Mandiant's parent company, FireEye, said.
The report discovered that other than common ransomware and trojans, Apac has been exclusively targeted with specialised attacker tools, like a suspected Chinese threat group, APT30, which targets highly sensitive political, economic, and military information for the last decade.
A major reason for the slipping of these critical breaches, according to the report, was the fact that most organisations lack appropriate technology to perform effective computer and network forensics. In fact, many organisations do not hire or retain highly sought after incident responders and forensics experts because they think of it as wasteful expenditure.
Cyberattacks have grown by leaps and bounds in the past few years, with many targeted at financial institutions with the aim of siphoning off money. One of the biggest hacks this year in the Apac region has been the Bangladesh bank hack where investigators say the lack of basic defence mechanisms was a key vulnerability aided by a suspected insider hand.