15 July 2022 | Asia Cyber Summary

In the Spotlight this Week:

• Razer Takes Capgemini to Court Over Data Breach
• Japanese Multinational Video Game Publisher Confirms Hacking by Ransomware Group ALPHV
• North Korean Cyber Attacks on Cryptocurrency Rises
• Pakistan and China Concerned Over India-Israel Cyber Partnership
• The Race to Fight a Cyber Threat of the Future

‍

Razer Takes Capgemini to Court Over Data Breach

Razer Inc., a lifestyle brand for gamers, is suing Capgemini, an info-technology company, for at least USD 7 million for a cyber security breach that occurred in 2020. The breach occurred due to a security misconfiguration which resulted in the leak of confidential information of Razer’s customers and its sales, over a period of three months. Razer Inc., has accused Capgemini of manually disabling a platform, which collects and processes large datasets from various sources to a centralized location, on the same day the data breach occurred. Both Razer Inc. and Capgemini are global brands that are trusted within their respective industries. With increased digitization, more businesses are falling prey to data breaches. As a result the Singapore government has proposed fining companies up to 10% of a company’s annual turnover in Singapore, or SGD 1 Million, whichever is higher, should a company be found guilty of data breach.

Japanese Multinational Video Game Publisher Confirms Hacking by Ransomware Group ALPHV

Bandai Namco, a multinational video game publishing company known for games such as Pac Man, The Tales of Series, and Elden Ring, has confirmed that they have been hit by a ransomware attack by a group known as ALPHV. 

The ALPHV ransomware gang is believed to be a rebrand of the DarkSide/BlackMatter gang, which gained notoriety after attacking the Colonial Pipeline and faced pressure from international law enforcement. Today, the ransomware group is considered one of the largest threat actors to hit MNCs such as the Monocler fashion group and the Swissport airline cargo handling services provider.

Bandai Namco Holdings Inc., has confirmed that it has experienced unauthorized third party access to internal systems of several group companies in Asian regions, excluding Japan. This includes access to customer information related to the Toys and Hobbies businesses. The company has taken steps to proactively block access to their servers to prevent the damage from spreading, and is currently identifying the scope of damage and investigating the cause of breach.

North Korean Cyber Attacks on Cryptocurrency Rises

As North Korea faces increasing pressure from the international community with economic sanctions and resources shortages, cyber attacks on cryptocurrency and tech firms by North Korean hackers will only increase in sophistication. 

A report has estimated there to be approximately 7,000 full-time North Korean hackers that generate overseas crypto income for the regime through cyber attacks, ransomware, and crypto-protocol hacks. The North Korean hackers are also responsible for some of the largest cyber attacks, on cryptocurrency bridges based in Asia, which were targeted through unsuspecting employees of these crypto organizations.

Pakistan and China Concerned Over India-Israel Cyber Partnership

Pakistan has long viewed India-Israel relations with contempt, due to the fact that Pakistan does not recognize Israel as a country. 

In the last decade, India-Israel relations have been growing stronger as the Prime Minister of both countries have vowed to strengthen their relationship in various domains, with cyber security being one of the key pillars. As a result, both India and Israel have been subject to cyber attack campaigns originating from China and Pakistan. This has further incentivised India to purchase Israeli cyber and border defense technology. 

In August 2021, Israel suffered from a China-linked cyber attack on dozens of its private and government organizations as part of a cyber espionage campaign to seek information to influence business decisions. Israel was also hit by another group of hackers who attempted to conceal their identities by using Farsi language as parts of their code, in order to masquerade as Iranians.

The Race to Fight a Cyber Threat of the Future

The announcement of a new cryptographic algorithm designed to withstand an attack by a quantum computer has been made by the US Commerce Department’s National Institute of Standards and Technology. 

In cryptography, many algorithms designed to encrypt data have been around for decades, meaning that there has been sufficient time for many researchers to break the algorithm. In theory, an encrypted message can be reverse engineered, but it would take an immense amount of time to do so. At present, computers use binary units to reduce all information to 1s and 0s to subsequently perform calculations. However, quantum computers can function on more than two binary units at a go, which enables such computers to process much more data within a shorter amount of time. By comparison, what would have taken a modern computer years to decipher, might take a quantum computer hours or minutes to process. 

Therefore, everything previously encrypted by computers today would be vulnerable to a quantum attack. While such quantum computers have yet to come into existence, knowing that a breakthrough will come eventually should be enough to force governments to start preparations for the future of cyber security.