Potential hotbed for cybercrime

Gerald Flynn

Urgent requirement for legislation to cope with digital transformation

Computers and the development of communications have brought many benefits to society and businesses, but, as with many things, where there is good, badness can lurk behind the corner.

For the latest Cambodian Business news, visit Khmer Times Business

That adage definitely applies to the cyberworld. The 2019 Digital Economy Report published this month by the United Nations Conference on Trade and Development (UNCTAD) underscored once more the urgent need for legislation that reflects the changing of the times and calls for intergovernmental responses to digital transformation.

The speed and magnitude of these changes are self-evident but, considering the jump in internet traffic from 100 gigabytes (GB) per day back in 1992 to 45,000GB per second in 2017, clearly there are gaps that governments are slow or even unable to plug because of the rapid technological advances of our age.

The UNCTAD report predicts internet traffic to reach 150,700GB per second as early as 2022 and recognises that, depending upon definition, the digital economy is worth anywhere between 4.5 percent and 15.5 percent of the world’s gross domestic product (GDP).

When the Ministry of Industry and Handicraft conducted a survey among 109 companies from 10 sectors about Industry 4.0 in Cambodia, they found that 60 of the companies interviewed didn’t know what Industry 4.0 was, while just 9 percent were actively operating technologies such as articial intelligence (AI), machine learning, the Internet of Things or Cloud technology in their businesses.

Businesses may well be left behind when the digital revolution is truly realised, a fact that the UNCTAD report recognises as a potential driver for more accelerated inequality if left unchecked.

Beyond the economic aspect, the social and human impacts of failing to adapt were also highlighted this month as Thomson Reuters Foundation released a damning report that shone a light on just how ill-equipped Cambodia is to combat cybersex trafficking.

The investigative piece reveals that Cambodian law enforcement officers are prohibited from going undercover in sexual abuse cases, which global security experts warn has moved from the streets to the screens of internet users worldwide.

Action against criminals in this matter is further compounded by the lack of a legal framework within which to prosecute because Cambodia’s Ministry of Interior is yet to complete the much-awaited cybercrime law. The legislation has been in the works for more than two years now and is apparently no closer to finalisation.

This being said, Cambodian officials have been swift to root out numerous Voice Over Internet Protocol (VoIP) scams throughout the Kingdom, many of which have involved Chinese nationals. The General Department of Immigration reported 27 people were deported in March this year and 150 more were deported in August alone.

Cybercriminals have found a way to leverage VoIP technology to carry out a new type of scam where they can make phone calls over the internet, pose as a legitimate business and request personal and financial information.

VoIP fraud is on the rise because attackers can use a fake number. Scammers can pretend to be a government, police or bank representative and ask for – and gain – critical information.

Preventing cybercrime will take more than the passing of a law and it will require human-centric solutions – not just tech-based answers, experts say.

“I see the cyber environment as the greatest challenge to our communities, governments, and economies,” says Brian Hay, executive director of Australian cybersecurity firm, Culture Cyber Security.

He argues that more awareness is needed with regards to the susceptibility to cybercrime that we all face, claiming that most cybercriminals will target the individual first because a person is easier to compromise than an organisation.

“Societies and organisations have fallen for the search of the holy grail – the silver bullet that removes the human element from the equation – why? The IT market would have us believe that so it can generate billions of dollars of income. [This] is such mythology. As the internet population has grown, so too has cybercrime. If we can get the human factor enabled, it will reduce cybercrime significantly,” says Hay, who has previously served as Operations Commander in Australian Federal Police’s Fraud and Cyber Crime Group.

Doron Sivan, chief executive officer of Cronus Cyber Security Technologies in Israel, shares Hay’s sentiment – particularly for Asian businesses.

“Each organisation has different business processes and information security is like a suit that should fit exactly to the size of who is wearing it,” says Sivan, who has spent the past 20 years working in IT, which has naturally taken him into the realm of cybersecurity.

“Everyone buys pretty much the same solutions, but the trick is knowing how to build the protective shell that fits the specific organisation,” he adds.

He voices concerns that certain countries in Southeast Asia have fallen behind, producing a gap between best practices and cybersecurity realities, but notes that increasing national legislation within the region suggests more people are taking the threat seriously.

“We have strategically chosen to focus on the Asian market because we have identified this gap and we believe that we can allow companies and organisations to shorten the gap in a relatively short time.”

Both Brian Hay and Doron Sivan will be guest speakers at the Cyber Security Asia 2019 conference that will see 20 international experts descend on Phnom Penh’s Rosewood Hotel from Nov 4 to Nov 5 to discuss the future of cybersecurity within the region.

Related articles