August 24, 2016
Many Asian organisations are badly defended against cyber-attacks, a year-long investigation by US security company Mandiant indicates.
The median time between a breach and its discovery was 520 days, it says. That is three times the global average.
Asia was also 80% more likely to be targeted by hackers than other parts of the world, the report said.
It said an average of 3.7GB in data had been stolen in each attack, which could be tens of thousands of documents.
However, the bulk of the incidents were not made public because the region lacks breach disclosure laws.
Grady Summers, the chief technology officer of Mandiant’s parent company, FireEye, said the findings were “very concerning”.
“We knew responses to cyber-incidents here in Asia often lag those elsewhere, but we didn’t know it was by this much,” he told the BBC.
As part of the study, Mandiant hacked into one organisation’s network with its permission to see how vulnerable it was.
“Within three days we had the keys to the kingdom,” Mr Summers said. “If an expert group of hackers can do the same in three days, imagine what can they do in 520 days.”