Today as we rely more on systems, software and apps to run our business operations and even personal lives, all the more there is a need to ensure that IT networks and our personal gadgets are secured.
Security of physical assets and equipment can be easily taken care of by locked rooms using the traditional keys or these days via biometric locks such as our fingerprints or even irises. However, when it comes to security within our IT networks, the traffic that is going on within and beyond an the organisation, it can tricky and hard to spot.
When an organisation’s IT network is attacked or infiltrated it is a Cybersecurity attack and the results can be devastating as can be seen from the Colonial Pipeline incident that happened in Texas, USA, in May 2021.
Today, the Cyber Security Agency (CSA), Singapore, announced that the Counter Ransomware Task Force (CRTF) formed earlier in 2022 will play an active role highlighting the importance of cybersecurity to businesses and bring about more awareness.
Undoubtedly, this is a timely move as a dramatic rise in the number of cyber crimes ranging from phishing scams to scam phone calls can be seen. All these point to a common factor – a leak in customers’ Personal Identifiable Information (PII) – from the organisation where customers’ data are stored.
This also bags the question are organisations such as banks, corporation and even Government agencies really having poor IT network security or are there other contributory factors?
Who is in the house?
It is known for a fact that Singapore employs a large number of IT specialists from India some with genuine and some with fake qualifications that may yet be discovered. It is also know for a fact that a large number of IT degree mills sell fake certificates for any courses. By now it is known worldwide that India, is called a Scam City. Even our very own Channel News Asia (CNA) Insider had gone undercover to cover this news.
In Dec 2018, a group of 126 people in Noida, India were arrested for victimising a large number of Americans and Canadians which prompted US FBI to act on the reports of fraud from their citizens.
Is it too much to hypothesise that there is a positive correlation here between the dramatic increase in last year’s phishing scams and the millions of dollars that were lost in Singapore to having too many Indian IT specialists in the house?
Who should make up the spine of the CRTF?
Who then should form the backbone and front line of this CRTF? Will the work of the CRTF be done by our very own cybersecurity specialists or will be contracted out to an outsourced service provider?
After all the CSA, being tasked to ensure the robustness of cybersecurity in Singapore, must carefully decide how much of its work must be kept highly confidential and how much of it can be in the hands of outside parties. Only then will businesses feel that they are protected from ransomware attacks.