Fortinet Thailand, the local unit of the US cybersecurity firm, has just urged Thailand to enhance its cybersecurity defenses, estimating that it could lose USD 8.5 billion from cyber-attacks. The firm also suggests businesses get up to date with the Personal Data Protection Act (PDPA), which is scheduled to be fully enforced in June 2021, as part of the measures to prevent data breaches amid a surge of ransomware attacks.
In effect, the Covid-19 pandemic has increased cyber-risks following digital transformation by companies that have become exposed to attacks through cloud usage, high-speed 5G internet connection and remote working.
A notable example is represented by Saraburi Hospital, which in September 2020 was attacked by ransomware. The event sparked concerns about cyber threats to key infrastructure in the country and led the Public Health Ministry to spend USD 61 million to safeguard state-run hospitals nationwide. In August 2021 Bangkok Airways revealed it was the victim of a cyberattack from ransomware group LockBit, resulting in the publishing of stolen data. Other recent attacks targeted e-commerce operators, Krung Thai Bank, CP Freshmart and Bhumirajanagarindra Kidney Institute Hospital.
According to market research company International Data Corporation (IDC), less than 7% of organizations in Thailand have a robust approach to cybersecurity. Around two-thirds have a basic portfolio of tools, while just 3% possess sophisticated systems in place to guard against cyber threats.
IDC suggests existing corporate networks are a top concern for cyberthreats among organizations, followed by industrial control systems and critical infrastructure and robotics for manufacturing and supply chain operations.
(Sources: IDC; The Bangkok Post)