Cyber criminals 'wielding more powerful malware'

Cyber criminals have become so adept that standard anti-virus software and firewalls cannot properly protect IT networks, according to an American expert.

Security specialist Tom Kellerman told The Straits Times that hackers now go to underground bazaars to buy purpose-built software that can bypass standard protections.

Developers of malicious software, or malware, have created stealthier and more intelligent strains that can stay undetected for a longer time so they can keep stealing data in the network, he noted.

"To maintain access without discovery, the malware can continuously rewrite its own code so as to evade detection," added Mr Kellerman, vice-president of software security firm Trend Micro.

He had served as Commissioner for Cyber Security during President Barack Obama's first term.

Mr Kellerman estimates cyber crime cost about US$300 billion (S$373 billion) globally last year, including money lost to intellectual property and credit card theft.

This is more than the US$285 billion involved in crimes related to narcotics globally.

The danger is that the cyber criminals will soon expand to other areas like cyber extortion, he warned, noting: "They can extort money from a company... (by threatening to) inject malware to damage its IT networks."

Mr Kellerman was responding to the spate of online attacks that have hit Singapore websites. Recently, a YouTube video posted by a hacker called "Anonymous" threatened to bring down Singapore's infrastructure in a show of protest against licensing regulations on online news sites.

Last week, Ang Mo Kio Town Council's homepage was attacked and last Friday, a section of The Straits Times website was hit.

The threats to cyber security have prompted the Government to inject $130 million into a five-year programme to study areas like digital forensics and threat monitoring and detection. Some of the funds will also be used to train cyber security professionals.

Next year, Interpol will open an office here to examine cyber security.

Mr Chong Rong Hwa, senior security analyst at cyber security firm FireEye, said organisations need to focus on detective work and educating employees if they want to defeat the hackers.

"They need advanced technologies that can detect the intrusions and mitigate the attacks," he added.

IT network activity should be monitored and the data processed to pick out unusual trends that can indicate a targeted attack.

Mr Kellerman added that regular checks should also be made to ensure that the IT network and infrastructure have not been modified without approval.

Educating employees on the risk of sharing too much corporate information on social networks and how they relate to cyber security is also key to mitigating the attacks, he said.

Cyber threats can also be political in nature but they can have economic and financial consequences, said Mr Chong.

He said there are about six botnets that are circulating in IT networks in Singapore. A botnet is a network of PCs that are infected with malicious software and controlled as a group without the owners' knowledge.

Some are targeted against different industries and government agencies while others are aimed at senior executives.

"Some malicious software is embedded in text documents or Web browsers. If you download the documents or surf the Internet, then you will be infected," he said.

Mr Kellerman noted: "All organisations have been compromised by malware in some form or other and the volume and veracity of cyber threats are increasing exponentially.

"It is becoming imperative for companies to have security solutions that protect their networks and the devices that access the networks and which can work across all business groups."

Get a copy of The Straits Times or go to straitstimes.com for more stories.