MANILA — Cyber-attackers in Asia Pacific last year lingered undetected in the system of their target organizations for an average of 33 days, an expert said on Friday.

“It takes about one month, a little over one month, just to notice that an intrusion happened. And of course, you can’t respond, or try in eradicating, kick out the attacker until they’re there. So the defense of operation happens after 33 days,” said Steve Ledzian, chief technology officer of cybersecurity firm Mandiant Asia Pacific and Japan.

“Intrusion is really a first step for the attacker. Attackers have more things to do after intruding into the network before they can achieve their objective... We still need to continue to reduce that dwell time,” he added.

In 2018, the dwell time took in which attackers lingered in a system was around 500 days, he said.

Cyberattacks can inflict a lot of damage that cannot be solved or eradicated by the mere use of a firewall or antivirus, Ledzian said.

• DICT: National cybersecurity plan awaits Marcos approval

These attacks can motivated by the intention to extort money, collect information for espionage, or push an ideology.

Mandiant entertains calls for help for cyberattacks about thrice a day, Ledzian said.

“In the last few years, cybersecurity has changed. And the thinking was that these intrusions, they’re inevitable. Given enough time and motivation, an attacker will trick some employees to click what they should not click on. And that’s all for an intrusion to occur,” he said.

“So, the mindset changed from prevention only, to.. let’s also expect prevention failures from time to time. And let’s have the capability to notice those failures more quickly than 500 days,” he added.

CYBER-SECURITY CHALLENGES

The demand for cybersecurity is high and it is “very, very hard” to find cybersecurity professionals, Ledzian said.

“You can may hire junior analysts and train them up over time. But what you’ll find is once they become very good, it’s hard to retain them because there’s so much demand in the market for cyber talent,” Ledzian said.

By 2025, there could be 3.5 million available cyber-related jobs globally due to high demand, he said.

Organizations need to invest in cyber infrastructure for their own security, the expert said.

• Despite being top BPO player, PH has fewer cybersecurity experts than rivals: study

“The average organization has somewhere between 30 and 50 different types or layers of cybersecurity controls, doing various things... can I stop this new attack that I’m reading about in the headlines,” he said.

And while digital transformation is good for governments, business organizations and individuals, this is also an opportunity for attackers, he said.

“The more technology you have, the more attack surface you have. The more things that attackers can poke at, to try to gain entry into your system,” Ledzian warned.

Speaking at the “Tech Talks” workshop where Google briefed Senate employees about the development of internet technology and its dangers, Ledzian also warned the public about the metamorphosis of “ransomware” the siphons the information from a hacked email account and hostages it unless the user pays to re-access his or her data.

Watch more News on iWantTFC

In a statement, Senate President Pro Tempore Loren Legarda also reminded the public to remain vigilant against the growing cyberspace threats.

“As we enjoy the benefits of technology and advancement, we must not forget the risks and threats... we are also pushing for a digital literacy bill that will make sure that our nation is equipped with the proper tools in the digital realm,” Legarda said.

• PH cybersecurity a priority for US as BPOs handle Wall St back office: embassy
• Cyberattacks on PH firms could cost P6 billion a day: group

Watch more News on iWantTFC