Kaspersky chief executive officer Eugene Kaspersky said the last two years had seen a new wave of attacks that exploited critical vulnerabilities in the ICT supply chain.
"The world saw some high profile incidents where cyber criminals took advantage of the weaknesses of ICT vendors, and used them as attack launch pads with many targeted in one fell swoop,” he said in a statement after the fourth APAC Online Policy Forum.
He expects the supply chain attacks to be "a growing trend in 2022 and beyond” as cybercriminals try to further monetise this threat. Hence, he said short and long term strategies should be looked into by both government and private sectors.
"Short term solution includes improving procedures and regulations on ICT supply chain infrastructure (while) the long term solution is to make systems immune.
"This means even if there is a vulnerability in an ICT supply chain component, this weakness will not impact the whole system, or "carry over to other components in the chain,” he said.
At the same forum, CyberSecurity Malaysia chief executive officer Datuk Amirudin Abdul Wahab said awareness and education are needed across all sectors, including small and medium enterprises (SMEs), and noted that many do not have the budget to improve their cybersecurity defenses.
Indonesia Communication and Information System Security Research Center (CISSReC) chairman Pratama Persadha said one way to minimise risks is to improve cybersecurity capabilities.
"The main obstacle is the lack of understanding surrounding the importance of cybersecurity,” Pratama said. "Stakeholders must consider significant investment in order to raise the overall standard of cybersecurity to improve ICT supply chain resilience." - Bernama