Regular cyber security breaches have become an unwelcome reality in the ever-evolving landscape of digital interconnectedness.
Across the Asia-Pacific (APAC) region, all kinds of businesses have found themselves in the crosshairs of malicious cyber actors, challenging their resilience and exposing vulnerabilities wherever they are found.
However, amid the chaos and disruption, a notable narrative begins to emerge – that of APAC brands rising above adversity and demonstrating fortitude and the ability to bounce back in the wake of serious cyber attacks.
The term ‘success story’ is one that comes with a range of caveats here. There are often devastating consequences to cyber security breaches and in many cases they include large fines and lasting damage to reputation. But sometimes, ‘success’ lies in ensuring the right response follows a crisis, no matter how severe.
Here we shed light on some of the strategies, swift actions and forward-looking investments that have allowed APAC brands not only to weather the storm but, in some cases, emerge stronger, fortified and better equipped to navigate the intricate landscape of cyber security challenges in the future.
Cathay Pacific
In October 2018, Hong Kong-based airline Cathay Pacific disclosed a security breach where hackers gained unauthorized access to sensitive passenger data such as names, contact details and passport information.
The breach had been ongoing since 2014 but was detected in May 2018. Investigation revealed two distinct hacker groups at work, one of which installed password-stealing malware to access administrative systems. Around 9.4 million passengers worldwide were affected.
In response, Cathay Pacific took measures to enhance security, focusing on data governance, network security, access control, employee education and incident response. They cooperated with authorities and affirmed that no evidence of data misuse was found, but also acknowledged the need for continuous investment in evolving IT security systems due to escalating cyber threats.
While the UK Information Commissioner’s Office (ICO) imposed a £500,000 ($US635,000) fine on Cathay Pacific in 2020 as a result of the breach, the company pledged ongoing cooperation with authorities and reiterated its commitment to safeguarding personal data.
True Corp
In 2018, Thai mobile operator True Corp experienced a significant data leak involving personal information of 11,400 customers who had purchased mobile packages. The breach was discovered by a security researcher, who promptly notified the company about the unauthorized access. In a swift response, True Corp fixed the vulnerability, and efforts were made to inform the affected customers about the steps taken to secure their data.
The incident served to strengthen the company’s ongoing commitment to data security. True Corp cyber expert Kittipong Thiraruengchaisri told an audience at Thailand National Cyber Week 2023: “True Corporation is enhancing its guards and protections. There have been well-documented cases of online corporate fraud as well as fraud committed against individual users, and as the number of people accessing the internet increases over the years, the volume of cyber crime has sharply increased with it.”
Thiraruengchaisri added: “True Corporation is upgrading its knowledge to provide better security, ensuring safer online experiences for all customers and prosperity for the industry.”
Singtel
In 2022, Singapore Telecommunications (Singtel) suffered a dual cyber attack on its Australian arm, Optus, which jeopardized data belonging to former and current personnel, clients and millions of customers. In a prompt response, Singtel's CEO, Yuen Kuan Moon, allocated a substantial A$140m to address the aftermath.
The CEO announced a comprehensive approach to the problem, with a focus on group-wide actions. The earmarked funds were used to launch an external and independent review, provide affected parties with credit monitoring services, and facilitate the replacement of compromised identification documents.
Moon also stated: "We are working with federal and state government agencies to address concerns, to learn from this and to share the learnings with the business community and public to improve cyber awareness."
Singtel's multifaceted strategy aligned resources for investigation, mitigation, and future preparedness, while its efforts underscored the company's commitment to enhancing collective cyber resilience.
Medibank
Australian private health insurer Medibank faced a massive setback when hackers breached its systems in 2022, compromising sensitive data belonging to almost 10 million current and former customers.
Upon discovering the breach, Medibank opted against complying with a $US10m ransom demand made by the hackers. Instead, the company concentrated on working to safeguard its customers and data going forward. The company launched a cyber response support program to aid affected individuals and fortified its technical perimeter by enhancing authentication measures.
A notable aspect of the attack was the criminals' release of sensitive data to the dark web after Medibank declined to pay the ransom. Despite this, the company redoubled its efforts in assisting customers while strengthening its cyber security defenses via its Operation Safeguard program.
Medibank also bolstered phone and messaging resources, implemented enhanced security measures for customer interactions, and ensured the continuation of operations to guarantee service availability.
Additionally, the company engaged Deloitte to carry out an external review, underscoring its openness to thorough investigation and improvement.
Despite the challenging circumstances, Medibank's stock rebounded following its response, signaling a renewal of investor confidence.
NIC Asia Bank
In 2017, NIC Asia Bank, headquartered in Kathmandu, Nepal, suffered a cyber attack involving fraudulent money transfers amounting to $US4.4m via the SWIFT interbank messaging service. Attackers targeted the bank’s systems to transfer funds to accounts in multiple countries including the US, UK, Japan and Singapore.
According to NIC Asia Bank, its SWIFT server – which, the bank emphasised, is completely separate from its core banking system where client information and bank balances are maintained – was taken offline immediately after the suspicious transactions were spotted.
NIC Asia Bank then wasted no time in alerting Nepal's central bank, Nepal Rastra Bank (NRB), which helped to enable the recovery of $US3.9m, mitigating a significant portion of the financial loss.
In addition, NIC Asia Bank took the initiative to engage KPMG India for a comprehensive digital forensic review.
The attack followed a $US81m hacking theft via SWIFT from the Federal Reserve Bank of New York account belonging to Bangladesh Bank in 2016.