A new study from e-security firm Kaspersky is urging the Philippines to take a more active stance in prioritizing cybersecurity against the backdrop of constantly evolving cyber threats.
A critical move towards achieving cyber-resiliency would potentially support the growth of local businesses, foster current digital opportunities, and mitigate dangerous risks to the country’s economy, the report said.
Just like its neighbors in Southeast Asia (SEA), the past five years saw the country consistently hit by various cyber threats ranging from web attacks, remote desktop protocol (RDP) attacks, and mobile malware.
Data from Kaspersky Security Network (KSN) show that Web threat attempts against Filipino users of Kaspersky software grew 432.75% from 9,487,775 in 2017 to 50,544,908 in 2021. In Kaspersky’s global ranking of most attacked countries, the Philippines climbed from the 30th spot to 4th place in just five years.
With the pandemic-borne shift towards remote working, the overall RDP attacks versus local businesses rose by 141% from 2019 (2,549,698) to 2021 (6,150,891). RDP enables computers running Windows on the same corporate network to be linked together and accessed remotely, even when employees are at home.
Mobile malware attacks may have dropped sharply in the Philippines from 2019 to 2021 by 69% but according to Kaspersky, there are indications that Trojans are injected into third-party ad modules and new Trojans are being discovered —proof that cybercriminals have become creative and sophisticated in their approach.
As far as the local government is concerned, legal policies and regulatory frameworks on cybersecurity have already been laid out and are currently in place. Kaspersky executives urge the state to collaborate with its neighbors and private companies to further build its cyber-resiliency.
“Looking at the Philippines’ unique cybersecurity landscape and how it is dealing with cyberattacks, it appears that the country is now in the intermediate stage of cybersecurity readiness. Intermediate-level countries are those that have identified cyberattacks as areas they need to look into and have attempted to make some inroads. The goal is to have the country move to the Advanced stage where we hope to see it doing more in terms of development,” said Genie Gan, head of public affairs and government relations for Asia Pacific & Middle East, Turkey and Africa at Kaspersky.
Gan says that while the cybersecurity landscape in the Philippines is distinct from the rest of SEA, it is still interconnected with its regional neighbors in so many ways.
“This is why we encourage the government regulators to begin boosting its cyber capacity-building and cooperation efforts. These two are basically the building blocks of cybersecurity,” she said.
Gan recommended the following specific action steps for the Philippines’ cybersecurity:
- Continuous promotion of security awareness and digital education for its more than 76 million users
- Growing its pool of cybersecurity talents
- Public-private partnerships
- Regional and international cooperation between countries and industries
From Kaspersky’s experience, an effective formula includes constant improvement of security awareness. This includes engagement with the wider cybersecurity community and stakeholders including cybersecurity providers to validate and verify the trustworthiness of their products, internal processes and businesses — an important pillar held by Kaspersky and implemented within the overall framework of its Global Transparency Initiative (GTI).
One of the GTI’s cornerstones included the opening of a network of Transparency Centers — in Zurich (Switzerland), Madrid (Spain), Kuala Lumpur (Malaysia), São Paulo (Brazil), Singapore, Tokyo (Japan), and Woburn, Massachusetts (the United States).
This global network of Transparency Centers serves as facilities for trusted partners and government stakeholders, responsible for cybersecurity, to review the company’s code, software updates, and threat detection rules. The Transparency Centers are fully operational and available for on-site (physical) and remote access.
Kaspersky also advised that countries like the Philippines continually promote skills training and enhanced collaboration to support incident response capabilities and ensure the safety and wellbeing of their citizens.
“Cyber threats are here to stay as it is parallel with the digitalization drive in the Philippines. A latest study even projected a 5-trillion peso digital economy in 2030, a huge opportunity that will be realized best if digitalization efforts are built upon trusted and transparent cybersecurity foundations,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.
“Organizations, industries, and governments will always be lucrative targets for cybercriminals but through collaborative multi-stakeholder efforts, we can explore strategies and expand our cybersecurity implementation as we enhance our confidence and trust in technology. When a country achieves cyber-resiliency, the digital future no longer becomes a scary unknown realm but a place with endless opportunities for growth,” he adds.