Cyber Sleuths at Work

The cost of ransomware to businesses globally is forecast to exceed US$5 billion in 2017, up from Microsoft’s estimate of just US$350 million in 2015. Michael Gazeley is Managing Director and co-founder of Network Box Corporation, a cybersecurity service provider that protects many of the world's best-known organisations. The Hong Kong-based expert explains how companies, large and small, can protect themselves from attack.

How does malware get in?
Most people have become mindful of suspect-looking emails. But you don’t have to open an email or click on a link to get infected these days. A recent attack used Microsoft PowerPoint [as the entry point] – where merely hovering over a link introduced malware onto one’s computer. Hackers can also attack via a printer, CCTV or any smart device. If you’re connected to the Internet and don’t have an adequate firewall, intrusion prevention and anti-malware [software] – especially if you are running Windows without the latest patches – just by getting one of these emails, it might be already too late.

WannaCry [a ransomware attack that hit victims in 150 countries in May 2017], and NotPetya in June, are evidence of malware leveraging more and more vulnerabilities. In the case of WannaCry, hackers used cyber-weapons that were stolen from the cyber armoury of the US National Security Agency (NSA). Leveraging this NSA technology allowed hackers to attack systems directly, as long as they were connected to the Internet, and not adequately protected or patched.

Are attacks becoming more frequent?
WannaCry was a cybercrime with real-world consequences. Because the UK’s National Health Service was infected, people in need of urgent medical treatment had to wait.

In reality, these attacks are non-stop, 24 hours a day. They’re fully automated, so they just keep coming. They are also becoming more lethal, and there is no hope of them going away. Everyone always looks at the last attack, but they should be looking at the next attack, and all possible avenues of attack. You can plan to be safe, or you can risk being a victim.

Tell us about Network Box.
The company was founded in Hong Kong in 2000 offering professional PUSH updated anti-virus protection, multi-layered next-generation firewalls, intrusion detection and prevention, anti-spam quarantining, and web-content filtering. We don’t just cover what’s coming in – we protect the non-obvious as well. Global monitoring is carried out from our security operations centre headquarters in Hong Kong, but we also have over a dozen additional security operations centres across the world.

Network Box utilises a large amount of technology – but some of the coolest was developed in Hong Kong. For instance, our Infected LAN (local area network) technology sits at the gateway, listening to see whether anything on your network is trying to “phone home” when it shouldn’t be. So if your printer starts trying to send confidential data to Russia or Brazil at 4am, we can detect it and stop it.

We also created PUSH update technology in Hong Kong, where our clients’ anti-virus systems are updated, on average, every eight seconds. This technology has helped us win more than 130 awards to date, and we have patented it around the world.

Why base Network Box in Hong Kong?
Hong Kong has the best Internet infrastructure in the world. We have very high-speed Internet, it’s very stable – as is our power grid – and we don’t have a terrorist threat hanging over our heads. We also have a very good rule of law, so our IP is well-protected, and just as importantly, it’s a really great place to live. Being able to attract top talent from around the world – because of Hong Kong’s favourable living environment and widespread use of English, as well as Chinese languages – has been a huge advantage for us.

Who uses Network Box?
We have 1,700 key clients across the United States, Europe, the Middle East and all over Asia. These include multinationals, large healthcare insurers like Bupa, Chow Tai Fook – the world’s largest jeweller – retail chains, banks, hospitals, lawyers, hotels, travel agencies, government departments and financial institutions. What I find a little bit sad is that we thought, 17 years ago, we would be protecting more SMEs. Unfortunately, although SMEs make up 98 per cent of all businesses in Hong Kong, most still have little or no cybersecurity protection.

Why not?
SMEs think that cyber criminals won’t come after them. Unfortunately, this thinking is naïve. Hackers are not necessarily targeting you; they’re just scanning the Internet, looking for vulnerabilities, and in turn, victims to turn into “assets.” Yet if you’re an SME, and you get hit by a major attack, your ability to recover and survive is severely limited. Apart from financial losses and the loss of data, damage to a company’s reputation can be huge.

It worries me that so many small businesses don’t even have a proper backup of their data – this should be done every day, both physically on a separate but secure hard drive, as well as in the cloud. They should download system patches as soon as they become available – this would have saved them from WannaCry, for instance. And they should invest in professionally managed cybersecurity, which will keep their networks and systems secure in this Internet-connected world, which is becoming more connected every day.

Related Link
Network Box