Source – Shutterstock

Understanding the threat landscape in the APAC region and why it’s concerning

  • One of the fastest-growing types of cybercrime is the increasingly sophisticated cyberattacks targeting key infrastructure in APAC
  • There is no one-size-fits-all network architecture model that works for all businesses, so organizations should adopt a forward-looking strategy

The threat landscape continues to grow more complex as cybersecurity incidents remain a menace for organizations globally. Although many of the high-profile cybersecurity breaches affected well-known western organizations, the Asia Pacific region has coped with its fair share of attacks in silence. As in the western world, businesses in this region face a complex threat landscape full of sophisticated cybercriminals out to steal sensitive information from organizations and governments.

This threat landscape includes, unsurprisingly, the emergence of ransomware. For years to come, ransomware attacks on networks, computers, and mobile devices will continue to be the most common cyber risk to corporations.

Security teams will be particularly concerned about attackers exploiting hybrid business environments and using automation and AI as a key approach to increase the frequency of attacks. Additionally, there will be a sustained focus on double-extortion tactics, in which attackers leak data online and use social media to increase the pressure on victims.

Of course, ransomware isn’t the only threat that is causing havoc in the region. In fact, the threat landscape continues to evolve and become more sophisticated in this region.

In light of this, Tech Wire Asia had the opportunity to speak with Tommy Li, Vice President of Tencent Cloud, about the current threat landscape in the region and whether legacy infrastructure is still reliable and relevant in the face of complex cyberattacks.

Could you share some key insights on how the APAC region’s threat landscape has expanded?

Tommy Li, Vice President of Tencent Cloud

Southeast Asia is one of the fastest-growing digital markets in the world, with 125,000 new users coming online every day. Smartphone penetration has skyrocketed, with over half (53.9%) of Southeast Asia’s population now owning smartphones in 2022, while hybrid work has heralded the Bring-Your-Own-Device (BYOD) boom. For businesses, the digitalization boom is echoed by a rapid migration to cloud, with IT cloud spending in Asia-Pacific expected to triple to more than US$116 billion by 2024. The use of cloud in itself is also becoming more intricate: over 80% of enterprises in the region are operating in a hybrid or multi-cloud environment. Correspondingly, half of these organizations require workload and data interoperability between the different types of cloud services. This highlights the multiplicity of network infrastructure and systems required to fuel the region’s digital demands.

Against this backdrop, increasingly sophisticated cyberattacks against critical infrastructure in the region are becoming one of the fastest-growing forms of cybercrime, driven by the globalization of infrastructure as well as the progressive use of interconnected and centralized control systems. Southeast Asia also accounted for 39% of the total overseas distributed denial-of-service (DDoS) attacks in the first half of this year, according to a report that Tencent Cloud released in conjunction with the application security company, NSFOCUS.

While businesses here have grown increasingly aware of the threat landscape they are facing, cyber spending has not matched up. In fact, a recent survey found that 41% of businesses across APAC expect to suffer a major breach that could have been avoided through better investment, higher than in the Americas (29%).

Governments here, on the other hand, recognize and are actively responding to the changing threat landscape, and are putting in place data protection standards and practices across public sector entities. As cyber threats continue to grow in sophistication, this is an encouraging indication of how public and private sectors can work closer together through technology and knowledge sharing, to better defend against malicious attacks.

What are some pertinent challenges that businesses are currently facing?

While every company is now employing the use of technology in one way or another, the kind of challenges that different businesses are facing and how they react to emerging threats on their digital transformation journey is often influenced by factors such as the entrenchment of legacy systems and openness to change.

We find that many companies struggle with the process of evaluating the array of digital solutions available, and understanding which solutions are the best fit for their business needs. There are indeed many consequential considerations when it comes to digital transformation initiatives, such as the capital-output ratio, efficacy of new solutions, or even whether employees are equipped with the relevant skill sets to leverage these technologies. The latter is particularly important as companies tend to forget that digitalization does not involve only technology.

Companies have also found it difficult to balance short-term and long-term objectives. To capitalize fully on the benefits of digital solutions, employees need to be able to make use of these solutions to drive productivity and efficiency. This is likely to require a reshaping of organizational culture, starting right from the leadership floor – which might not take immediate precedence. Yet, because a whole-of-organization approach is needed to drive such a cultural shift, it is crucial to keep employee skillsets top of mind even in the short term. This is a perfect example of how long-term needs often get neglected in lieu of stopgap measures that deliver business benefits in the near term.

We believe that what should underpin any decision-making is whether the digital solution adopted can help the business build long-term digital capabilities, and balance different business priorities. For example, enhancing network performance cannot come at the expense of security, and vice versa. Similarly, resources must be allocated to providing opportunities and incentives to employees to encourage continuous upskilling. Ultimately, this will cultivate a workforce that is receptive to and adept at utilizing new technologies to their fullest potential.

With the globe becoming more and more dependent on technology, how has the regional network environment altered recently? Is it more complex?

While digitalization has no doubt intensified the complexity of operating environments for businesses, it has also led to significant breakthroughs in the regional network environment. Network quality in particular has improved, especially as governments in the region recognize the importance of connectivity in the digital economy and have accelerated efforts to build necessary network infrastructures. That said, network development remains uneven across the region. Singapore, for one, has an average network download speed of 49.9Mps as of late 2021, one of the highest in the world. Meanwhile, the average download speed in most other Southeast Asian markets is below 20Mps. This means that businesses looking to offer digital products and services cannot employ the same approach to every market, nor can they continue to rely on centralized data management while ensuring low latency for users in local markets. In fact, with the wide array of digital services available, users today view low latency as a baseline to enjoying these services.

At the same time, the rapid adoption of technology has also left the regional network environment more vulnerable to evolving cyber threats. As noted earlier, Southeast Asia emerged as the hardest-hit region for distributed denial-of-service (DDoS) attacks, accounting for 39% of total attacks globally. This underscores the importance of keeping security top of mind as organizations navigate an increasingly complex network environment. Furthermore, a traditional approach to security is no longer effective in today’s Industrial Internet of Things (IIoT) era. The emergence of advanced technologies like cloud computing, big data, AI and blockchain over the last 10 years amid a mass migration to the cloud has signaled a need for data security strategies to become more wide-ranging and extensive. This covers everything from edge security to cloud-native, and AI to defense-in-depth.

Is the traditional network architecture now as reliable as it always was? Or is it finally time for organizations to modernize?

Organizations should be taking a forward-looking approach when it comes to network architecture, as there is no one-size-fits-all model for every organization. Instead, organizations need to constantly review their business needs and evaluate if their network architecture is well-fitted to support these needs, or requires modernization. This appraisal process also involves taking a step back to consider the wider business landscape that firms are situated in, and the demands of the users they are serving. In today’s digital era, this would mean ensuring that their network architecture can keep up with low latency demands and security concerns. The latter is especially key in helping organizations stay ahead of the curve, as consumers become increasingly discerning about data security. In fact, a survey conducted earlier this year found that 90% of Asian respondents had concerns about corporate data practices, and over 60% said that a company’s data practices are important in their decision to use certain products or services.

We believe that firms’ network infrastructure needs to provide the flexibility to scale, as well as the agility to respond to the adoption of rapidly evolving technologies and changing user expectations. Take for example the case of an Internet video application now venturing into livestreaming services to meet consumer demands for real-time engagement. As livestreaming requires higher quality network performance, the platform now needs to be optimized to respond to network issues like transfer lag, packet loss in mobile environments, and even network switch problems. In such instances, upstream push which is prone to lag might adversely affect the playback experience for users. This would then justify the need to update existing systems, be it through overhauling current network architecture or adopting digital solutions that can help close these identified loopholes.

Given that the APAC region is a popular target for cybercriminals, what can firms in the region do to lessen network breaches?

As the region continues to digitalize, network performance requirements and traffic for businesses will only increase from here on out. Security strategies need to evolve in tandem with these complex network environments, and the key to doing so is adopting a long-term and integrated mindset towards balancing security and network performance.

From our experience working closely together with customers over the last two decades, we see that organizations often take a rather short-term view when it comes to their security approach. This was especially so during the pandemic when firms scrambled to digitalize, to ensure business continuity within the organization, as well as to harness users’ increased demand for digital services amid global lockdowns. Bettering network performance via digitalization was often seen as a priority in order to meet user expectations, in comparison to investing in security. Even now, we see that many organizations govern security and network performance separately.

The right digital solution needs to be able to support the long-term building of digital capabilities for organizations, and we believe security, just as much as network performance, is critical in fortifying an organization’s business operations and growth. Organizations need to make provisions for the long haul, and this often starts with adjusting mindsets to understand that there is no need to prioritize one consideration over the other. Choosing an integrated solution that drives both security and network performance in parallel is the ideal strategy. This also drives overall cost-efficiency for the business, and makes it easier for teams to manage a single digital solution that is able to do it all.

How has Tencent Cloud EdgeOne assisted clients across industries, from e-commerce to video streaming, in successfully and securely extending to international markets?

Tencent Cloud EdgeOne addresses our customers’ needs for a one-stop platform that effectively integrates security protection and network performance. It has over 2,800 global acceleration nodes across more than 70 countries and regions with a bandwidth of 160Tbps+, and leverages Anycast architecture with 10Tbps+ of protection bandwidth. With many of these nodes located in the Southeast Asian region, we are well-positioned to support businesses here seeking high security and cloud acceleration performance.

Some of the clients we have worked with include a popular Internet video platform in China that offers high-definition video-on-demand services and synchronous broadcast of live content. As the company expanded globally and onboarded more users, its priority became the maintenance of audio and video transmission speed to optimize their users’ viewing experience, while preventing resource consumption and content piracy. Following the implementation of Tencent Cloud EdgeOne, the platform experienced an approximate 42% reduction in video loading time, a 50% cutback on resource response delay, and was able to improve efficacy in detecting malicious traffic.

Tapping on Tencent’s wider ecosystem and wealth of experience in e-commerce, Tencent Cloud EdgeOne was also deployed to support an online e-commerce platform, which carried out hundreds of billions of daily operations including user account management, activities, billing analysis and other modules. Any cyberattack would lead to business disruption and significantly affect user experience. We had helped the platform defend successfully against Challenge Collapsar attacks with peak traffic at over 9 million queries per second, and ensured there was no business outage resulting from the attack attempts.