For many global businesses, ransomware is front of mind, and for good reason. Following the most recent debilitating ransomware attack on Kaseya, the Miami-based unicorn, we are reminded of the risks, vulnerabilities and devastating effects that a targeted ransomware attack can have on not just the business directly attacked but their customers and supply chains as well.

It is no longer a question of if, but when another high profile ransomware attack will eventuate, and organisations in Asia should be on alert.

According to the CrowdStrike Global Security Attitude Survey, six in 10 organisations surveyed across the APAC region (63 per cent) suffered a ransomware attack in 2020.

Businesses must be prepared to face the coming storm, understand the prevailing trends of ransomware and bolster their defences comprehensively to safeguard their funds, data and customer trust

The uphill battle: How to fight against ransomware

When protecting an organisation against ransomware, too often we focus on reacting or recovering our systems from a catastrophic incident. Although extremely important, we forget the one simple goal we should all have– making sure that threat actors do not disrupt or impact our business, employees and customers in the first place.

When dealing with ransomware incidents, we find victims have access to security solutions, but these may well be reactive legacy solutions, only focusing on cleaning up the mess a cybercriminal has left behind – not preventing it!

Organisations today need to implement a prevention-first mindset to protect themselves. Due to the global pandemic and more people working from home, this prevention-first methodology needs to be thought about holistically.

Cybercriminals are harnessing flexible working as an opportunity to target organisations during their time of digital transformation because of the increased number of endpoints, as well as employees using their own devices at home.

For example, they are increasingly leveraging security gaps by replicating or stealing trusted network access to breach networks, undetected.

Also Read: Why Malaysia is quickly becoming a cybersecurity hub for the rest of the world

It’s paramount that organisations focus on a prevention-first mindset. Not only for endpoints but also cloud workloads, and more importantly, adopting a Zero Trust approach, meaning that all users and devices must be authenticated, authorised and continuously re-validated to gain access to data.  Having a security solution that is able to prevent first is the key first step in staying proactive in your defence.

Fight on the front lines, and turn the hunter into the hunted

Threat hunting teams are particularly instrumental in promoting a more proactive security posture. Threat hunting allows organisations to go where technology cannot; to identify the unknowns or the proverbial “needle in the haystack, in a haystack factory.”

Ransomware threats often go undetected for days – sometimes even weeks or months – as they prepare an environment for an attack. The massive ransomware attacks we see in the news are commonly a product of cyber criminals spending inordinate amounts of time preparing the environment for maximum impact.

Adequate time gives cybercriminals the best opportunity to apply as much pressure as possible and extract as much money as possible out of the victim, ultimately forcing their hand to do nothing but pay the ransom and other extortion fees.

However, threat hunting teams are designed to pinpoint threats in real-time to detect and engage cyber criminals in “hand-to-hand combat”, providing a front-line defence for organisations before it’s too late.

Even with full security implementations, it is one thing to detect a cybercriminal’s activity on the network, but it is another to do something about it. Threat hunting teams are a critical consideration to augment, or even sometimes replace, existing teams by turning detection into action against ransomware threats.

Don’t pay the ransom. Easy to say, hard to do

Any Asian (or international) organisation considering making a payment (to essentially a criminal group) during a ransomware incident must seek legal advice to ensure what they are about to do does not result in a criminal offence. Paying the ransom fuels a criminal industry and it does not guarantee access to encrypted data.

Additionally, organisations assisting victims in making ransomware payments to sanctioned cybercriminals also face the risk of violating various regulations, depending on what country they are in.

It is important to acknowledge that it is easy to say “don’t pay the ransom”, but it ultimately remains a very difficult situation for an organisation that can’t recover its data or a critical infrastructure provider that faces severe service disruption. They may feel forced into paying the ransom to get back to being operational.

These situations put victimised organisations between a rock and a hard place, as they either pay the ransom and be at risk of breaking government regulations, or not pay the ransom and risk going out of business. However, despite the immense pressure, paying a ransom can fuel the fire for cybercriminals to return with bigger threats.

Also Read: Practical tips to protect your business from cyber attacks

The evolution and proliferation of ransomware: Double extortion

CrowdStrike has recently observed cybercriminals adopting a “double extortion” model, in which cybercriminals will encrypt the target’s data and not only demand a ransom for its return but also leverage additional payment incentives to add pressure on the victim to pay the ransom.

Some cybercriminals will even use a more targeted approach and threaten to publicly release and/or auction the data unless the victim pays up.

This in turn fuels the ransomware ecosystem in a vicious cycle that only hurts the victimised organisation even more down the road. The exploitation of data also puts victimised organisations at risk of violating local or regional data privacy regulations, which can end up costing millions of dollars in addition to the original ransom.

Cybercriminals will continue to refine these approaches and experiment with different business models, including affiliate schemes designed to recruit more people to deploy attacks for a share of the profit, known as Ransomware as a Service (RaaS). With this and the double extortion model, the potential ramifications are far and wide.

As we progress through this year, organisations need to remain on high alert to be better prepared to weather the storm that is coming or run the risk of facing the consequences of a potentially devastating ransomware attack.

With the right knowledge, tools and preparation–as well as testing and role-playing exercises–organisations can effectively combat would-be attackers and give themselves the best chance of remaining unscathed in 2021.

–

Editor’s note: e27 aims to foster thought leadership by publishing views from the community. Share your opinion by submitting an article, video, podcast or infographic

Join our e27 Telegram group, FB community or like the e27 Facebook page

Image Credit: gioiak2

The post In the eye of a cyber-storm: Defending against a ransomware attack appeared first on e27.

Intellect, a Singapore-based mental healthcare provider, announced today it has closed its US2.2 million pre-Series A round led by existing investor Insignia Ventures Partners, alongside new investors Y Combinator and XA Network.

The round also saw family offices and angels participation, including Rainforest CEO and co-founder JJ Chai, Prenetics & CircleDNA founder and CEO Danny Yeung, and Google Global HR Operations Director Gilberto Gaeta.

The new capital will be mainly used to scale the company geographically across Asia. A part of the funding will also go into the company’s product offering to serve any spectrum of care.

Launched in 2020, Intellect aims to make mental healthcare and wellbeing support accessible for everyone through its end-to-end, 24×7 mental healthcare system in a single app. It claims to have clocked over 2.5 million users and 20 enterprise clients globally, covering 12 countries and 11 languages.

“The big challenges in the region is that stigma is especially high towards traditional approaches to mental health and available services are outdated and not readily accessible to all,” said Intellect co-founder and CEO Theodoric Chew.

Also read: Medici, a health-tech firm founded by ex-Grab exec, gets seed funding to foray into insurance in Vietnam

“The main thing here is that it’s not meant to replace therapy, “Chew added in a talk with Insignia early this year. “Right from the get-go, it’s more of a lightweight tool to be a stop-gap for the masses that can’t access a live therapist or psychologist.”

The pandemic-induced demand for mental health services has surged in the last two years. As a result, new depressive and anxiety disorder diagnoses spiked 400 per cent in 2021, according to the World Health Organisation.

“In meeting this global need, Intellect has proven itself to be the leading company coming out of Asia,” said Yinglan Tan, founding managing partner at Insignia.

With an extensive network of local providers and mental health practitioners in the region, Intellect has served a broad range of clients, such as foodpanda, Shopback, and Carousell, Avery Dennison and Schroders, as well as government agencies.

The company is conducting over ten clinical studies collaborating with leading universities and institutions, namely the National University of Singapore, King’s College London, University of Queensland and the Singapore General Hospital.

Intellect is also in Y Combinator’s current batch.

—

Image credit: Intellect

The post Insignia, Y Combinator back US$2.2M round of Intellect to provide mental health services across Asia appeared first on e27.

SoBanHang, a Vietnamese bookkeeping app for small retailers, has secured a US$1.5 million seed round from FEBE Ventures, US-based VC firm Class 5, and individuals such as Business Insider founder Kevin P. Ryan.

With the new investment, the startup aims to help small retailers create online stores and manage orders to tap into a market of 16+ million nano- and micro-businesses in Vietnam. 

As per the press statement, the company develops according to the model of Shopify Lite & Digital Ledger for MSMEs. Techcrunch reported that SoBanHang also intends to expand its financial services to include working capital loans that can be disbursed without a digital wallet or bank account.

Launched three months ago, SoBanHang was the idea of Hai Long Bui, chief analytics and CTO at Landers Superstore (a Philippine supermarket chain) and former Lazada executive Hai Nam Bui.

The startup’s bookkeeping tool assists businesses in digitising their processes, especially family-owned businesses having less than five employees. It offers them an online storefront system to connect with customers smoothly and maintain relationships while preparing for other COVID-19 outbreaks. 

The firm claims to have signed up almost 20,000 merchants as of August. It has also seen an uptake in registration from food and convenience retailers during the pandemic. 

Also read: Omnilytics to acquire Malaysia’s Supahands for US$20M to enhance its retail tech stack capabilities

In the recent interview with TechCrunch, co-founder Hai Nam Bui said that most Vietnamese retailers are not used to the payment process with third-party logistics providers or digital wallets. “That was an aha moment when I realised that a lot of e-commerce platforms are still not touchable to about 90 per cent of retailers in Vietnam.”

According to SoBanHang’s research, many Vietnamese micro-sized businesses are local, serving consumers within a few kilometres of their location and offering their deliveries on foot. They used to do everything manually on paper since they didn’t have a point-of-sale system or a laptop. 

SoBanHang, therefore, shies away from complicated logistics or payment systems, which force merchants to employ high-cost third-party delivery applications. 

The co-founder believes that SoBanHang can help small businesses compete against larger firms like supermarkets and convenience stores when the lockdown measures are lifted.  

“The buyers and sellers are actually within walking distance. So when they connect with buyers, they can make that order transaction, and then retailers deliver the goods themselves and collect the money at the customer’s doorstep,” said Hai Nam Bui. 

In a chat with e27, Dave Anderson, managing general partner at the US-based Supply Chain Ventures, said that many small companies worldwide still rely on homegrown or excel spreadsheets to manage the supply chain part of their businesses.

“Making supply chain toolsets available inexpensively across the globe to small businesses will help these companies increase profits, compete with neighbouring shops, and generally improve the lives of millions of owners and their families,” Anderson added. “The democratisation of supply chain technology is a real and important trend, one that will help create a better world for many.”

—

Image Credit: Sobanhang

The post Vietnam’s bookkeeping startup SoBanHang attracts US$1.5M to digitise small retailers in Vietnam appeared first on e27.

Ethis Global, the company that operates sharia-based crowdfunding platforms in Indonesia and Malaysia and social finance platform GlobalSadaqah, today announced the closure of its MYR6.8 million (US$1.7 million) Pre-Series A funding round from angel investors in the Islamic finance and fund management communities.

Notable names in this list included Malaysia-based Tan Sri Wan Zulkiflee (Chairman of Malaysia Airline, former president and CEO of Petronas) and Daud Vicary Abdullah (Trustee at RFI Foundation) as well as Dubai-based Khurram Hilal (Islamic banking lead at Standard Chartered).

In a press statement, Ethis Global said that the funds will be used to scale up operations in existing markets, acquire licenses and set up operations in new jurisdictions, and develop new technology.

For example, it plans to expand its offerings in Indonesia and Malaysia to include agriculture and Waqf issuers and projects in 2022.

Ethis Global also announced that these efforts will be part of its planned milestones leading up to their Series A funding round. It targets to raise US$10 million from institutional and strategic corporate investors.

Ethis Group Founder Umar Munshi named the partnership as “key to the company’s growth and success.”

Also Read: How Islamic finance can work with fintech to promote financial inclusion in Malaysia

“Ethis is on track to prove the commercial viability of our high-impact fintech model based on Islamic finance principles,” he said.

Headquartered in Malaysia, Ethis Global started out in 2014 as a private investment club in Singapore.

It is operating regulated platforms in Malaysia and Indonesia and has also secured regulatory approvals in Dubai and Qatar.

Ethis Indonesia has been operating since 2015, matching retail investors from more than 50 countries into impact-investment campaigns, initially focused on property development for social housing and more recently introducing SME supply-chain projects.

This Pre-Series A funding round followed the recent appointment of Amran Bin Mohd as the Chairman of the newly established Ethis Investment Management.

—

Image Credit: tirachard

The post Ethis Global closes US$1.7M Pre-Series A funding round to accelerate global expansion effort appeared first on e27.

Many people I talk to started a company to solve a problem they encountered and found no other solution. There are also cases where the solutions that they found didn’t do a good enough job to satisfy their needs, creating an urgency for a new, improved one.

Today’s guest Sam Starns is no different.

After regretting her own traditional wedding, she wished there was someone who could have advised her to find the strength within herself to fight for the wedding she really wanted. That led Starns to start her own company which specialises in advising, planning, and leading couples to experience a custom elopement style wedding with under 25 guests in the most beautiful parts of the world.

How exactly is her company different from the existing wedding organisers? How does it seize the opportunity in a highly competitive market?

Most importantly, when starting a company, why is it so important to find the Why factor? How can it make a difference for you and your company? If you have not found it yet, then what are the steps that you can take? What are Starns’s experience in the matter, and what kind of advice can she give you?

If you are starting a company and need that extra push that inspires you, make sure you don’t miss this episode!

If you don’t see the player above, click on the link below to listen directly!

Acast
Apple
Spotify
Stitcher

—

This article on finding your Why in starting a company was first published on We Live To Build.

Image Credit: Michal Czyz on Unsplash

The post When starting a company, focus on your Why: An interview with Sam Starns appeared first on e27.