The construction, engineering, and infrastructure sectors in Southeast Asia continue to be impacted by cybercrime as businesses keep growing and embracing new technologies and digital ways of working.
Cyberattacks on organizations in critical infrastructure sectors have risen dramatically, from less than 10 in 2013 to almost 400 in 2020, according to Gartner. These industries face cyber security risks from data breaches, phishing attempts, or ransomware attacks that can cost them billions of dollars. On top of that, there is the widespread use of unlicensed software for design purposes in the industries which is extremely vulnerable to cyber crime and a massive risk.
To help business leaders build a strong defense against cyber threats, BSA | The Software Alliance has recently launched a survival guide which outlines arising cyber risks and offers advice on how business leaders in Southeast Asia can enhance cyber security for their businesses.
Titled “A cyber security survival guide for construction, engineering and infrastructure businesses in Southeast Asia,” this survival guide, published in e-book format, is designed to help leaders in the infrastructure industry in the region recognize the threats and minimize the risks that businesses, clients, employees, and, ultimately, the public face. The e-book can be downloaded for free here: LINK.
“No country or organization in the ASEAN region is spared the threat of fast-evolving cyber crime. Given their position among the fastest-growing digital economies in the world, ASEAN member countries have become a prime target for cyberattacks. Because we know business leaders face multiple challenges and may not have the time to commit to studying the issue, we endeavored to create this survival guide. Our hope is that the industries building our infrastructure find it useful – and that it helps to keep us all safer,” said Tarun Sawney, Senior Director, BSA | The Software Alliance.
Cyber security: the criminals, the risks, and the protection
The survival guide describes 4 different types of cyber criminals, including unethical competitors that seek an edge by gaining access to confidential data through cyber intrusion, online criminals who seek financial gain through phishing attacks or ransoms, hacktivists who use cyber intrusion to expose or discredit business activities to delay or stop a major project, and malicious insiders or disgruntled employees who use their access to business data or networks to conduct malicious activity.
These criminals are targeting construction, engineering, and infrastructure firms because these businesses have typically high-value transactions and large amounts of data which entice cyber criminals.
Construction businesses extensively use services from sub-contractors and suppliers that involve large numbers of high-value payments which makes them an attractive target for spear phishing, an attempt to trick the business into paying money into the criminal’s account. Valuable information in the infrastructure industry such as designs, bid data, material pricing, payroll, profit and loss statements, and bank information may also appeal to cyber criminals who can use them for identity theft or phishing attacks.
According to authorities, cyberattacks against private infrastructure industry are happening on a weekly basis in Southeast Asia.
With such rise in threats, the survival guide offers recommended practices for leaders to protect their businesses from cyber crime. Business leaders should consider engaging and training staff on how to keep safe from cyberattacks, ensuring all software is licensed and secure as it is a first approach to cyber defense and security, following sound advice and guidance for IT staff, keeping all IT equipment up to date with the latest version, being precautious when connecting to public Wi-Fi hotspots, avoiding the use of predictable passwords, using 2FA for important accounts, and employing cyber security when collaborating with suppliers and partners.
As part of the effort, BSA has also recently launched a new helpline for software license compliance to help business leaders cope with challenges related to software copyright compliance in the wake of reports about ghost piracy cases in Southeast Asia. The helpline, along with this survival guide, will help ensure businesses are using the appropriate approach to software compliance to keep their businesses safe.
“A cyber security survival guide for construction, engineering and infrastructure businesses in Southeast Asia” is available in English, Bahasa, and Thai languages. It includes messages from relevant authority figures in Indonesia, Malaysia, the Philippines, and Thailand, stating the danger of cyber crime, the importance of cyber security, and the recommended practices businesses should take.