JAKARTA - Cyber attacks on the supply chain of information and communication technology (ICT) continue to develop every year.
Cybersecurity company Kaspersky discovered a Trojan package originating from the June 2020 period. The malware was discovered while investigating an artifact of a supply chain attack on the Asian government's certification authority website last year.
Kaspersky researchers identified a number of post-compromise tools (post-compromise) in the form of evidence distributed using the PhantomNet malware, which in turn was delivered using the Trojan package.
Kaspersky's analysis of this chip reveals similarities with previously analyzed KoughingDown malware.
According to Head of Public Affairs and Government Relations for Asia Pacific & Middle East, Turkey and Africa in Kaspersky, Genie Gan, the real target of the threat perpetrators is the government entity.
However, because the Certification Authority is a weaker chain in this supply chain, the perpetrators decided to take advantage of the trust between the government and the Certification Authority.
The supply chain attack exploits trust ties, be it a relationship between the leading agency and the government or between small software suppliers and the company. Such attacks have grave consequences for all affected parties, on the government, the company, and very likely individuals like you and me," Gan said during the Importance of Trust & Transparency: ICT Supply Chain Landscape Kaspersky event in South Jakarta, Tuesday, October 25.
"To prevent this, defense players must operate on the basis that their systems have been compromised and look for signs of attack rather than assume that they can be prevented through the use of traditional products," he added.
Gan menyatakan, Kaspersky sendiri telah mendeteksi sebanyak 22,886,032 ancaman siber yang berbeda di Internet pada komputer peserta Kaspersky Security Network (KSN) di Indonesia hanya di enam bulan pertama di 2022.
In addition, 1.548.716 phishing efforts were blocked by the Kaspersky Anti Phishing system in Indonesia during the first half of this year.
Realizing the risks and impacts of the ICT supply chain cyberattack, countries have taken action. As far as local governments are concerned, legal policies and regulatory frameworks on cybersecurity have been implemented and are currently in place.
Gan added, although the cybersecurity landscape in Indonesia is different from other Southeast Asian countries, there are still some relationships with its regional neighbors in many ways.
This is why we encourage government regulators to start increasing efforts to increase cyber capacity and cooperation. These two things are basically building blocks of cybersecurity. The passing of the law on the protection of personal data in Indonesia has recently also been a good stepping stone for better digital defense," explained Gan.
"Looking at Indonesia's unique cybersecurity landscape and how to deal with cyberattacks, it seems that this country is now at an intermediate stage of cybersecurity readiness. Medium-level countries are countries that have identified cyberattacks as areas that need attention and are making efforts to handle them with several breakthroughs. The goal is that these countries can then move to a more mature stage," he added.
To prevent this, Gan recommended specific action measures to strengthen the supply chain of ICT in Indonesia, such as developing core principles, technical standards to ensure consistent cybersecurity levels across companies involved, follow-up national cybersecurity strategies, improving ICT supply chain infrastructure procedures and regulations.
Finally, Gan also asked for cooperation between the private sector and the public as well as the development of cybersecurity capacity.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
