Combat evolving cyber threats with proactive, virtualised cyber security

Shielding the financial services industry from cyber threats demands a proactive approach—one that targets vulnerabilities and builds defence strategies.

Traditional cyber security solutions have proven to be lacking in recent years, underscoring the need for more robust measures such as those of SPTel. The Singapore-based digital services provider offers virtualised and on-demand cybersecurity for players in the financial services industry (FSI).

In Singapore, the FSI became the leading target of phishing attacks in 2022. An alarming 80% of these attacks were traced to phishing sites disguised as financial institutions. Such incidents come with regulatory repercussions from the Monetary Authority of Singapore which, under the Financial Services and Markets Bill, enforces a $1m per-incident penalty for local financial institutions that fall victim to security breaches due to oversight.

Cyber-attacks come in various forms other than phishing. The prominent ones targetting Singaporean financial institutions are ransomware, where attackers encrypt critical data and demand substantial ransoms for decryption keys; advanced persistent threats (APTs) which are long-term, targetted attacks, aim to steal data or disrupt operations; insider threats in which employees or contractors with access to sensitive information can pose significant risks; third-party risks which stem from third-party vendors for various services that can introduce vulnerabilities; and Distributed Denial of Service (DDoS) attacks which primarily overwhelm systems with traffic and cause disrupted services, leading to financial and reputational damage. 

Phishing and ransomware have emerged and remained the primary concerns, amongst others, as per the Cyber Security Agency of Singapore. Cybercriminals have equipped themselves with sophisticated malware such as Cobalt Strike and Emotet to target banks and financial services as the digital fraud rates in Singapore were also recorded as higher than the Asia Pacific (APAC) average in 2022. 

Proactive Managed Security solutions for FSI

As cyber threats targetting the FSI become more insidious, SPTel has worked on delivering a proactive solution with its Virtualised Cyber Security in the forms of Virtual Firewall Solutions and On-Demand DDoS Attack Mitigation. Such services leverage SPTel’s software defined networking capabilities and offer a cloud-based model for cyber security deployment, unlike traditional cyber security that uses on-premise solutions that are directly dependent on hardware devices or technology procured.

These digitalised security services include a clean-pipe network that comes with DDoS attack detection as a default and enables mitigation on demand. These proactive and flexible functions could have been the countermeasure for some data breaches in FSI, such as the Bangladesh Bank Heist in 2016 and the “compromised web service” of the UnionBank of the Philippines in 2021.

Other incidents include the largest-ever DDoS attacks on internet giants Google, Amazon, and Cloudflare’s in 2023, as well as a similar cyberattack on Ukraine’s Monobank in January 2024. These could potentially also have been mitigated by SPTel’s DDoS detection and mitigation services, which provide faster mitigation with advanced L7 behavioural-based detection and mitigation, countering complex attacks on the web and mobile. Accessible via a customer portal, on demand DDoS attack solutions from SPTel can be deployed in under five minutes for effective threat response. For more comprehensive protection, a pre-subscribed DDoS mitigation plan can also be provided.

Other security services such as Web Application Firewalls (WAFs), bot management, and API protection are often integrated with DDoS protection as well, ensuring all attack vectors are covered. With these, clients get holistic protection against any DDoS attack, with minimal false positives.

On top of these, SPTel’s digital network enables virtualised deployment of firewalls and can spin up a dedicated vFirewall instance quickly. This is different from other providers, where a vFirewall is typically shared instead of a dedicated instance.  Customers can consolidate and manage multiple network sites with one centralised vFirewall. With the vFirewall, policy and patch management only need to be done once instead of having to individually update physical firewalls across different sites. These benefits result in companies having to consume less in-house resources and reduces the burden on their cyber-security teams whilst at the same time shortening their time to response especially in times of crisis.

Financial institutions can also benefit from these modern approaches in terms of scalability. With its entirely “as-a-Service” model approach (hardware, software, applications), organisations do not need to worry about planning for additional investment to scale up capacity. It also provides peace of mind when opting for a Managed Services approach, as all network equipment and hardware are managed securely within secure critical information infrastructure. The team also comprises experts in the field to provide support for compliance efforts and establish authentication rules.

With regard to pricing, customers can benefit from a “pay-as-you-go” model for on-demand services such as DDoS attack mitigation. This lowers the need to commit upfront to services that you may not consume down the road.

Building the future of financial security

Even with these modern security features in place, financial institutions are still susceptible to the risk of quantum computers that will be capable of breaking traditional algorithm-based encryption quickly, rendering today’s encryption methods useless. Cybercriminals have already devised strategies such as “Harvest Now, Decrypt Later,” where they steal encrypted data and then wait until a more powerful quantum computer becomes available to decrypt it. 

To combat these, quantum-safe networks need to be put in place today as shields for transactions and sensitive financial data. Once employed, these quantum-safe networks safeguard individuals' savings, investments, and the stability of the entire financial system.

SPTel, together with partner SpeQtral, is pioneering Quantum-Safe Network in Singapore as part of IMDA’s National Quantum-Safe Network Plus (NQSN+) project. As the appointed operator for NQSN+, SPTel is leveraging quantum cryptography and harnessing the essential properties of quantum particles for data encryption, building a comprehensive defence strategy for financial institutions. This encryption method relies on light photons instead of algorithms for encryption. Any attempt at eavesdropping will be detected, as it would affect the trajectory of the photons, resulting in the encryption key being dropped and new keys being generated without compromising data integrity. SPTel’s NQSN+ can support customers’ QKD deployment by leveraging trusted nodes that serve as secure key relays to support Quantum-Safe Network across multiple customer locations in Singapore. Paired with SPTel’s <1ms ultra-low latency network, reliable key rates for Quantum Key Distribution are ensured. QKD equipment is also housed within secure CII infrastructure and supported by SPTel’s unique and diverse fibre pathways for enhanced reliability. 

In the face of today's and tomorrow’s threats, those that are prepared to react and adapt fast will thrive and gain a competitive advantage. Take action and learn more about SPTel’s Quantum-Safe Networks today. Connect with them to secure your business for today and tomorrow.