Spooked by Bangladesh Heist, Asian Security Summit Works on Cybersecurity

SINGAPORE (Reuters) -
U.S. Secretary of Defence Ash Carter meets with South Korea's Minister of Defence Han Minkoo (R) and Japan's Minister of Defence Gen Nakatani for a trilateral at the IISS Shangri-La Dialogue in Singapore June 4, 2016. REUTERS/Edgar Su
U.S. Secretary of Defence Ash Carter meets with South Korea’s Minister of Defence Han Minkoo (R) and Japan’s Minister of Defence Gen Nakatani for a trilateral at the IISS Shangri-La Dialogue in Singapore, June 4. (Reuters/Edgar Su)

The South China Sea dispute and worries about North Korea dominated an Asian security summit at the weekend, but cybersecurity was also in focus as regional officials sought to improve coordination amid a rise in high-profile hacks.

Alarmed by the theft of $81 million from Bangladesh’s central bank in February, one of the world’s biggest ever cyber heists, cybersecurity was among the top concerns discussed at Singapore’s annual Shangri-La Dialogue. For the first time, the conference allotted one of its six special sessions to cybersecurity.

“It was indicative that cyber has converted from being a logical threat to a physical threat,” said William Saito, special adviser to the Japanese cabinet on IT strategy. For Japan, safeguarding critical infrastructure was imperative, especially since it is the host for the 2020 Olympics, and cybersecurity was a large part of that effort, he said.

“Cyber, because it is so cross-cutting, will just make existing threats worse,” Saito said.

Cybercriminals, whether from criminal gangs or rogue nations, usually operated beyond borders, the meeting was told.

“Where restrictions differ, they exploit these differences in order to take advantage of our national systems,” said David Koh, chief executive of the Cyber Security Agency of Singapore.

“We cannot defend or view cyber threats or issues within any national borders or within a regional border.”

In the February heist, hackers stole money from Bangladesh Bank’s account at the New York Federal Reserve. One transfer to a Sri Lankan entity was reversed, but four transfers for $81 million went to the Philippines and wound up with casinos and casino agents there.

Most of the money remains missing and the identity of the hackers is unknown.

India, with nearly 500 million Internet users, is preparing to set up an army of 500,000 cybersleuths within five years, a delegate from New Delhi said at the conference.

“That can provide a bulwark for global cybersecurity efforts,” said Santosh Jha, joint secretary for cyber issues at the Indian external affairs ministry.

Building a transnational cybersecurity defense system is hampered by differences between countries and a lack of trust, delegates said. For instance, Western nations were focused on safeguarding the infrastructure of cyberspace while China and Russia were concerned about content.

Also, rival nations use cyber techniques for espionage and potentially for sabotage. After years of acrimony and allegations of cyber-spying, senior U.S. and China cyber officials held their first meeting last month since the two countries struck an anti-hacking agreement in September.

“You have permanent members of the U.N. Security Council coming to the table with fundamentally different objectives, it probably isn’t a surprise that the accomplishments to date have been modest,” said Sean Kanuck, a former U.S. National Intelligence Officer for Cyber Issues.

What was needed, he said, was to “find low hanging fruit, common interests that we all absolutely share, and build on those premises”.

No country can achieve cybersecruity on its own, Singapore’s Koh said.

“We need to recognize the urgency of the issue and start working together to take action, based on our common security interests.”