Behind Singapore’s information security network is a Taiwanese shadow.

In July of 2018, Singapore’s Ministry of Health announced on its website that the IT system of SingHealth – the city-state’s largest group of health care institutions – had been hacked, and the records of 1.50 million patients had been stolen.

The cyberattack affected a quarter of Singapore’s population, including Prime Minister Lee Hsien Loong. Its media described it as the country’s worst security breach in its history.

Singapore aggressively pushed a Smart Nation 2025 policy aimed at making it the world’s “smartest” country, but the hacking incident stole some of the Smart Nation initiative’s luster. To address the problem, Singapore’s government established a pure-play cybersecurity firm called Ensign InfoSecurity in October, three months after the attack.

A 500-employee startup, Ensign InfoSecurity is a joint venture between Temasek Holdings cybersecurity subsidiary Quann and Accel Systems & Technologies, a subsidiary of the Singapore telecom company StarHub. But the company, which will be responsible for Singapore’s most important information security network, turned to a Taiwanese supplier for its critical automatic cyberattack detection and response system.

Its choice: the already legendary Taiwanese information security firm CyCarrier Technology, which was founded by ethical, or “white-hat”, hackers.

“The most difficult aspect of cybersecurity is to figure out what the bad guys are doing in your home. It used to be that forensic staff had to spend a lot of time to do this, but now we’ve turned the job over to AI,” says CyCarrier co-founder Benson Wu.

Working with Police to Cash in on Cybersecurity

CyCarrier has barely been in business for a year, but its revenue has already topped NT$100 million. Taiwan’s Ministry of National Defense, Ministry of Foreign Affairs and National Police Agency, financial conglomerate Fubon Financial Holdings, and IC design leader MediaTek are among the company’s clients.

When it contracted in October 2018 to work with Ensign InfoSecurity – Southeast Asia’s biggest cybersecurity company – CyCarrier extended its reach to the ASEAN market, and it also plans to develop a presence in Japan this year.

CyCarrier’s three co-founders, Jeremy Chiu (aka Birdman), Benson Wu and Peikan Tsung (PK), are well known in their field, having given talks at such major international cybersecurity and hacker conferences as DEFCON and Black Hat.

 “If you bring up the three of them in hacking circles, almost everybody will have heard of them,” Loop Telecom President Mawlin Yeh once said.

So what was it that brought them together to start a company?

Taiwan was gripped by news in 2001 that police had cracked a case involving the first Trojan horse malware developed in Taiwan, and that the developer was a student. At the time, Eric Lee, the head of the Criminal Investigation Bureau’s 9th Investigation Corps, identified the student as Jeremy Chiu.

Chiu’s hacking skills left a deep impression on Lee, who checked in regularly on the young computer expert. Years later, Lee left law enforcement to become vice president of Taipei Fubon Bank, so it was only natural that he signed up as one of Chiu and CyCarrier’s clients after it was founded.

Taipei Fubon Bank Vice President Eric Lee, who previously worked in law enforcement, remembered Jeremy Chiu’s hacking skills, which led to Fubon’s association with CyCarrier.   Source: CommonWealth

White-hat Hackers Turned Entrepreneurs

After Chiu graduated from college, he set up a cybersecurity firm called X-Solve Lab, which specialized in analyzing email malware. It was later acquired by American company Armorize Technologies.

Chiu then joined with former hacker and Armorize colleague Benson Wu to create Xecure Lab, which offered digital forensic services and APT (advanced persistent threat) detection solutions and built a good reputation in the industry.

One year, the two spoke at a Black Hat conference, attended by American hackers and chief information officers of large corporations who paid US$2,500 to get in.

“We were surprised when three American companies and one Israeli company approached us after our talk saying they wanted to buy our company,” Wu recalls with a smile.

Xecure Lab, which at the time had paid-in capital of NT$2.95 million, was ultimately sold for 100 times that amount to Israel-based Verint in early 2014.

To retain Xecure Lab’s R&D talent, Verint rented an expensive commercial office in Taipei’s upscale Xinyi District for Chiu and Wu to use.

CyCarrier is Benson Wu’s second startup. Though it has only been in business for a year, it has already established itself as a leader in Taiwan’s cybersecurity field.  Source: Wu Chou-chi

But the duo were more accustomed to the fast-paced, flexible startup environment and decided to leave Verint after four years with the company. Leaving Verint at the same time was Peikan Tsung, who had previously worked for six years in computer forensics at Taiwan’s Criminal Investigation Bureau.

The three teamed up to form CyCarrier and develop a detection engine using artificial intelligence (AI). Among its features are the ability to detect and investigate malware activity, the packaging and delivery of sensitive information, thefts of legal accounts, hackers’ use of legal programs to engage in illegal activities, and computer-to-computer infections.

“To put it simply, we’re like a robot vacuum, quickly and automatically helping you clean up your information security situation. In the past, it would take a month to investigate the situation, but now it only takes 20 minutes. All MIS [management information system] personnel have to do is write a report,” Wu says.

CyCarrier’s strategy was to target industries vulnerable to attack by hackers, usually focusing on the three biggest companies in those sectors. So the company first approached the financial and high-tech sectors and government agencies and offered them a free trial run of their platform.

 

CyCarrier’s First Customer: the Defense Ministry

CyCarrier’s first customer was the Ministry of National Defense, which puts the highest priority on protecting secrets and keeping information classified.

Not too long ago, the ministry set up a fourth military service – an information wing – to complement the Army, Navy and Air Force, with 6,000 people engaged in information warfare. The ministry’s information agencies were in essence integrated and upgraded to a combat force, explaining why the MND is so focused on cybersecurity.

“A lot of companies buy anti-virus software, but they don’t know that the bad guys are already in their home,” Wu says. CyCarrier’s technology is designed to help companies find bad actors lurking within their organization before anything else. (Read: The Real Reason Behind the TSMC Cyber Attack)

CyCarrier is a relatively small company, with fewer than 40 employees, but it has been able to rise up and succeed along with companies like it because cybersecurity models have changed dramatically from the past, an information security industry analyst with a foreign technology consulting company told CommonWealth.

Cybersecurity models are much different today than they were in the past, with most vendors applying artificial intelligence to do analytical work and gauge whether a system has been breached by a hacker.   Source: Shutterstock

 “In the past when you talked about information security, it usually referred to anti-virus programs in computers. Some 80% of the threats were known and only 20% were unknown. Now, however, the known and unknown are split about 50-50,” the analyst says. (Read: A NT$36 Billion Hacker Brought Down in Taiwan)

But today, AI can be used to do behavior analysis, which observes user behavior against past trends to detect anomalies.

“Attackers enter the system the same way regular users do. With some basic training, AI can gradually determine whether a user is a hacker or not. Several vendors, including CyCarrier, are specializing in this area,” the analyst says.

Moving into Singapore, Japan

After global contract chipmaking leader TSMC suffered a virus attack in August of 2018 that forced it to shut down several factories, many high-tech companies stepped up their investment in information security.

That was also the case with financial services companies, which intensified their searches for cybersecurity consultants to help them prevent attacks, as though buying insurance against data breaches. They are worried that data leaks could trigger the need to pay high levels of compensation and erode customer trust.

Over the past six months, six Taiwanese financial institutions, including Bank of Taiwan, the Joint Credit Information Center, and Fubon Financial Holdings, have sought the help of CyCarrier, as has the IC design company that most prizes confidentiality – MediaTek.

Fubon Insurance, for example, asked CyCarrier to partner with it in selling cyber insurance. When companies contract with Fubon Insurance for coverage against cybercrimes, CyCarrier first checks the client’s system, and only after it gives the all-clear signal does Fubon issue the policy. Similarly, if insured companies suffer an attack by hackers, Fubon will pay the claim while CyCarrier uses the platform to help collect evidence.

CyCarrier currently has 35 employees, while its client list has grown to 40 companies. This year, it will even develop footholds in Singapore and Japan.

 “The key is to clearly understand what the client wants, to concretize the client’s needs. If we find that the client still doesn’t trust us, we let them use our products. Once they use them, they’ll immediately understand our value,” Wu says.

Having evolved from white-hat hackers into guardians of companies’ information security systems, the founders of CyCarrier have created a future of unlimited opportunity for themselves and their company.

Translated by Luke Sabatier
Edited by Tomas Lin