By Nishel Fernando

Sri Lanka ranks among the top three countries in the Asia-Pacific (APAC) for cyberattack vulnerability, with nearly 35 percent of internet users affected in the first seven months of the year, according to the cybersecurity provider Kaspersky.

At the entity’s annual Cybersecurity Weekend for the APAC countries, which kicked off in Negambo on Sunday, it was highlighted that Sri Lanka ranked third in terms of online threats during the January to July period this year, behind the Philippines and Nepal. Globally, Sri Lanka was ranked 22nd, with 34.9 percent of users experiencing cyberattacks.

The selection of Sri Lanka as the location for the Kaspersky 2024 Cybersecurity Weekend stresses the country’s growing importance and Kaspersky’s mission to provide comprehensive cybersecurity services to protect digital infrastructure for public and private entities, individuals, small and medium businesses, midrange and large enterprises and critical infrastructure companies.

Kaspersky Global Research and Analysis Team Director Igor Kuznetsov, addressing a packed audience of leading cybersecurity professionals, international and local journalists, chief technology officers and executives from key industries, noted that ransomware remains the most common and organised cybercrime globally, often run like a business (ransomware as a service (RaaS)). 

The most common infection vectors include the exploitation of vulnerable public-facing applications and compromised or brute-forced credentials.

“An emerging threat that should be accounted for is the compromise of supply chains and trusted relationships. Half of such cases were noticed after the attack succeeded. The most targeted industries are governmental entities, financial institutions and manufacturing companies,” Kuznetsov said yesterday at the technical sessions, which provided an in-depth analysis of pressing cybersecurity threats and potential challenges posed by the proliferation of artificial intelligence (AI).

Kaspersky Managing Director APAC Adrian Hia emphasised the need for both cybersecurity providers and organisations to adjust their cybersecurity posture, in light of the integration of AI. He stressed the importance of understanding the legal ramifications in the regions they operate in.

“For many organisations, the integration of AI is inevitable, due to its invaluable ability to process large data sets. However, the stakeholders need to be aware of data compliance, especially when combined with AI. Policies must be implemented to ensure confidential data is handled appropriately and remains compliant with laws and regulations in the area they operate,” Hia said.

The conference also highlighted the growing role of AI in cybercrime. With AI, cybercriminals can enhance social engineering attacks by creating more natural-sounding emails and input for phishing attacks, generate passwords, help code malware and even perform password attacks.

The advent of AI also means that the cybercriminals can potentially target victims with adversarial attacks, making small modifications to files, so AI systems classify malware as safe files. To enhance security and detection rates, the Kaspersky officials noted they have started imitating adversarial attacks on their own malware detection models.