How would the business of selling baking products be connected to the threat of cyber attacks in Singapore? Baking accessories and food supplier Phoon Huat learnt this the hard way when it was caught in a ransomware attack in 2016, delaying the launch of its e-commerce platform.
When Covid-19 hit, the local firm was faced with another surprise: Singaporeans were turning to baking to stave off boredom during the “circuit breaker” — and they were showing up in droves, both in person at its 18 stores then, as well as on its online store. To avoid a repeat of the 2016 incident, Phoon Huat sought the help of Darktrace, a British cyber security company, to improve its threat detection, investigation and response.
Unlike traditional cyber security firms, Darktrace uses artificial intelligence (AI)/machine learning and probabilistic mathematics to detect and respond to threats in real time.
Darktrace does this by first monitoring what is considered “normal” in the organisation. After its algorithm learns normal traffic patterns, it highlights the irregularities. A daily report on a customer’s online dashboard summarises the threats, some of which are undetectable by traditional means.
“AI is a force multiplier that helps teams focus on the areas that need more strategic insight, while autonomously performing the more time-consuming and often difficult tasks in the background,” says Sanjay Aurora, senior vice president and managing director, Asia Pacific Japan, at Darktrace.
Aurora: The challenge of cyber security has gone beyond one that is human-scalable, so organisations must now lean on the tools and technologies we have at our disposal
He adds that by employing AI to safeguard systems around the clock, Darktrace can respond as soon as an attack emerges with “precise and surgical action”. Having this capability is becoming increasingly crucial as more shoppers are turning to e-commerce.
“As Singapore’s e-commerce sector thrives, it will inevitably gather great swathes of data. However, with more data comes more risk, as it becomes a tempting target for cyber criminals,” Aurora tells The Edge Singapore.
He continues: “The e-commerce sector is also likely to leverage third parties and external suppliers, increasing the chances of supply chain attacks as the digital infrastructure within the region becomes exponentially more complex and new vulnerabilities emerge.”
Shoppers may be eagerly awaiting mega-sales days, like the upcoming 10.10 or 11.11 sales, but so are cyber criminals. “We usually see spikes in malicious activity around these times. For instance, there are always reports of increased attacks over Black Friday in the US,” shares Aurora.
If a deal is too good to be true, it probably is. “Recently, we’ve seen attackers get creative around major events. They craft very convincing phishing emails to get consumers to hand over their personal or financial details, which consumers are more likely to do during mega-sales days,” he says.
He adds that attackers are increasingly able to sneak into the “soft underbelly of an organisation” through this supply chain vulnerability.
Cyber attacks on online stores are not a question of “if”, but “when”. Aurora highlights that “cyber attackers are innovative, and will find new ways around existing, legacy-based defences”, so companies must leverage technologies that enable them to “respond in real time to mitigate the impact of any cyber attack”.
The 5G threat
Organisations can also expect to face more cyber threats as the rollout of the two nationwide 5G networks in Singapore by 2025 will increase the attack surface available for threat actors. “5G is just another step in the broadening global supply chain, and with any new link comes a new risk. So, we must ensure we have measures in place to mitigate those risks,” says Aurora. Increased automation and connectivity enabled by 5G promise to bring about increased efficiencies and greater productivity.
But with great bandwidth comes greater responsibility. “Without technology that can respond on the fly, human teams are unable to stop fast-moving and aggressive attacks, which can cause business shutdowns and reputational damage,” warns Aurora.
See: The gameplan for outsmarting ransomware
See also: On the road to becoming digital native enterprises
He also notes that National Digital Identity (NDI) initiatives like Singpass may offer nifty features like auto form-filling or authentication, but they also raise the stakes. “We will need to ensure we have technologies in place that can operate across the entirety of a digital infrastructure, and can detect and respond to attacks whenever they strike, even when humans are unable to,” advises Aurora.
He adds: “While preventative measures, like penalties for criminals, may mitigate cyber attacks, organisations also need to leverage the right technology to respond. The challenge of cyber security has gone beyond one that is human-scalable, so organisations must now lean on the tools and technologies we have at our disposal, [such as AI].”
Darktrace in the spotlight
Darktrace was hailed as a win for the London Stock Exchange when the company went public on May 6 this year, eight years after its founding.
The debut came hot on the heels of Deliveroo’s disastrous IPO, with the loss-making delivery company seeing its share price plummet almost immediately from its March 31 listing. That month, Deliveroo’s market cap halved from its initial target valuation of GBP8.8 billion ($16.32 billion) to just GBP4.5 billion.
See: Deliveroo IPO's lesson for digital unicorns: go beyond financials
Thanks to a rally that peaked in August, however, Deliveroo’s market cap has recovered to some GBP5.67 billion as of end-September.
Darktrace's headquarters in Cambridge, UK
With that in mind, Darktrace cautiously dropped its initial valuation from GBP3 billion to GBP1.7 billion on debut. The fear, however, was unfounded, as its share price has soared 178% year-to-date, representing a market cap of some GBP6.43 billion as of Sept 22.
“Now that we are a publicly listed company, we have one single headquarters in Cambridge, UK. However, we have a number of regional headquarters, and Singapore was chosen to be the headquarters for the Asia Pacific and Japan region when we launched Darktrace in 2015,” says Aurora.
Darktrace Singapore is also home to one of the firm’s three security operations centre (SOC) teams, who provide round-the-clock service. “They provide our customers with proactive threat notifications and expert advice in times of crisis, whenever they need it,” says Aurora.
Aside from Singapore and Cambridge, Darktrace also has offices in London and San Francisco.