Concern over cybersecurity | The Star

The city-state has the dubious honour of ranking No.6 in the world for having the most databases exposed to the Web last year which hackers could easily breach and exploit.

The number of such susceptible databases here was also found to have grown steadily throughout the year with increased digitalisation during the pandemic, according to the study released on Wednesday by cybersecurity firm Group-IB.

This suggests that while many organisations went digital during Covid-19, database security might not have kept up.

The United States took top spot with close to 93,700 exposed databases found, followed by China with nearly 54,800. Germany was a distant third with almost 11,200 databases. Sixth-placed Singapore had almost 5,900.

Globally, 308,000 databases detected last year were potentially open to hackers.

This comes at a time when cyber threats here have grown. A Cyber Security Agency of Singapore report last July showed that “zombie” devices linked to the Internet and infected with malware that allows hackers to control them and launch cyberattacks, trebled in numbers here during the pandemic.

Under Singapore’s Personal Data Protection Act, a company can be fined up to S$1mil (RM3.15mil) for a data breach.

But from Oct 1, this will be raised to a maximum of 10% of the company’s annual turnover in Singapore or S$1mil, whichever is higher.

Databases opened to hackers are a concern.

“When an exposed database gets accessed by an unauthorised malicious party, the consequences can range from a data breach to a subsequent follow-up attack on the employees or customers whose information was left unsecured,” said Tim Bobak, Group-IB’s attack surface management product lead.

Group-IB is one of Interpol’s official partners and has worked with its cybercrime team.

Bobak said Singapore’s number of databases is found to be higher than other territories and this might simply reflect the fact that it is a highly developed area that hosts a larger number of information technology assets.

“Another reason might be the high level of digitalisation in Singapore,” he said.

Freddy Tan, an executive committee member of the Association of Information Security Professionals, said a lack of awareness of data protection and security among organisations here could be a contributing factor as well.

“If you look at economies like Australia, they have a longstanding culture around data privacy. But we don’t have such a long history on data protection,” said Tan, who is also managing director of cybersecurity firm Epic Cybersecurity.

He added that the focus of cybersecurity professionals and management in many organisations here is on infrastructure security – such as having firewalls and anti-virus software – but not data security.

Group-IB had scanned the four most popular and commonly used database management systems globally between the first quarter of last year and the second quarter of this year.

The scan did not collect and analyse the content of any exposed databases found and it was not clear which organisations the databases belonged to.

Some of the databases found could be publicly accessed without even needing a username and password.

In other cases, the databases might be protected by passwords.

But Bobak said passwords alone are not enough as they can be breached using lists of stolen passwords or simply “brute forced” – using software to guess the passwords by trial and error.

In Singapore, the number of exposed databases discovered grew fairly regularly, at around 1,500 databases every three months after the first quarter of last year.

There were 1,239 exposed databases discovered in the first quarter of last year. By the fourth quarter of 2021, the figure had grown to 5,882. The number jumped by almost 2,000 to hit 7,873 in the first quarter of this year.

Bobak said that as more organisations go ahead with their digital transformation plans, there are more and more Internet-facing services and devices every day.

“Corporate networks keep getting more complex and extended. This leads to an increase in the total number of misconfigured databases,” he said.

The main cause of not configuring databases properly here is likely human error and a failure to follow cybersecurity practices.

To help prevent database exposure while organisations’ networks grow, Bobak said it is important for them to have a complete and updated list of their digital assets, as well as use tools to help manage them.

Workers should not be allowed to use a system’s original log-in details, or use “admin” as the username and password. They should use strong passwords. Additional ways to verify a user’s identity should be in place, too. — The Straits Times/ANN

Comments are closed.