\n<\/p>\n
\n The report also found that opportunistic threat actors sought to exploit people\u2019s emotions and uncertainties during the pandemic by using Covid-19 topics to anchor their phishing campaigns <\/p>\n
SINGAPORE – Media OutReach<\/a> – 14 June 2021 – Ensign
\u00a0<\/p>\n
Ensign’s latest report provides insights into the
\u00a0<\/p>\n
Here are the key findings and insights from the
\u00a0<\/p>\n
Sector analysis: Threat actors targeted the
Technology service providers were
\u00a0<\/p>\n
Threat actors also targeted technology
\u00a0<\/p>\n
The threat actors’ focus
\u00a0<\/p>\n
“Technology suppliers
\u00a0<\/p>\n
“Organisations need to recognise that as their
\u00a0<\/p>\n
Sector
Ensign highlighted that
\u00a0<\/p>\n
Cyber adversaries
\u00a0<\/p>\n
Sector
As
\u00a0<\/b><\/p>\n
The
\u00a0<\/p>\n
Emotet and TrickBot were Top Malware Detected Across
Ensign
\u00a0<\/p>\n
Threat
\u00a0<\/p>\n
Threat
\u00a0<\/p>\n
Opportunistic Threat Actors Exploited Covid-19 in
The report revealed that threat actors sought
\u00a0<\/p>\n
Similarly,
\u00a0<\/p>\n
Moreover,
The report also found that opportunistic threat actors sought to exploit people\u2019s emotions and uncertainties during the pandemic by using Covid-19 topics to anchor their phishing campaigns SINGAPORE – Media OutReach – 14 June 2021 – Ensign
InfoSecurity (Ensign), Asia’s largest, pure-play cybersecurity firm, today unveiled the findings of its Cyber
Threat Landscape 2021 report, …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[60],"tags":[],"_links":{"self":[{"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/posts\/15515"}],"collection":[{"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/comments?post=15515"}],"version-history":[{"count":0,"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/posts\/15515\/revisions"}],"wp:attachment":[{"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/media?parent=15515"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/categories?post=15515"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/eodishasamachar.com\/en\/wp-json\/wp\/v2\/tags?post=15515"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nInfoSecurity<\/a> (Ensign), Asia’s largest, pure-play cybersecurity firm, today unveiled the findings of its Cyber
\nThreat Landscape 2021 <\/b>report, which found that the technology<\/b>, manufacturing,
\n<\/b>and banking and finance<\/b> industries were the top targets in Asia
\nPacific for threat actors in 2020. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\ncyber risks and threats that surfaced across four Asia Pacific markets \u2013 Hong
\nKong, Malaysia, Singapore, and South Korea \u2013 as the pandemic dramatically
\nreshaped the business landscape. It also explores cyber threat trends that are
\nemerging or will persist in 2021. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nreport: <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\ntechnology sector to achieve economies of scale <\/b><\/p>\n
\n
<\/p>\n
\nattractive targets for threat actors as many organisations have engaged their
\nservices during the pandemic to ensure business continuity. A successful cyber attack
\nwould allow the threat actors to obtain the credentials of these service
\nproviders’ clients, gaining them illicit access to a wide range of companies. \u00a0<\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nhardware and software vendors to breach and implant malicious codes and
\ncomponents into the vendors’ product development systems. This enabled the
\nperpetrators to rapidly develop zero-day exploits or create
\nbackdoors to compromise
\nthe integrity of the products, allowing them to readily reach a larger pool of
\ntargets.<\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\non these sectors is a concern as organisations continue to invest in digital
\ntechnologies. According to IDC, digital transformation investments in Asia
\nPacific including Japan and China (APJC) are poised to hit an estimated US$921
\nbillion by 2024, compared to US$430 billion in 2019[1]<\/sup>.
\nAdditionally, IDC estimates that by the end of 2023, 80% of enterprises in Asia
\nPacific will put mechanisms in place that will enable them to shift to
\ncloud-centric infrastructure and applications twice as fast as before the
\npandemic[2]<\/sup>.
\n<\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nand service providers will continue to be lucrative targets for threat actors
\nas organisations become increasingly reliant on digital technologies to support
\ntheir business operations and position themselves for the future. If threat
\nactors can successfully compromise just one of these companies’ systems, it can
\ncreate a ripple effect that will impact large groups of organisations across
\nindustries and geographies,” said Steven Ng, CIO and EVP of Managed Security
\nServices, Ensign.<\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\ncyber supply chain ecosystem expands and diversifies, they will also need to
\ntake additional steps to mitigate the elevated cyber risks that come with it.
\nThis includes increasing the organisation’s situational awareness by
\nmaintaining a complete inventory of the software, hardware, and information
\nassets that are within their network, and those managed by their partners and
\nvendors,” added Steven.<\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nAnalysis: Threat actors exploited Covid-19-induced disruptions and set their sights
\non trade secrets<\/b><\/p>\n
\n
<\/p>\n
\nin 2020, threat actors attacked manufacturing companies with ransomware. The perpetrators
\nunderstood that these companies’ production capabilities were already strained
\ndue to the pandemic-induced supply chain disruptions. This made manufacturers
\nmore willing to pay the ransom to resume operations quickly and avoid further
\nproduction disruption. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nalso targeted manufacturing companies to steal their trade secrets, including
\nindustrial design, operational knowledge, as well as source materials and
\nsuppliers. These types of information are particularly valuable as they can significantly
\nundermine the victims’ competitive edge while boosting the capabilities of
\ntheir competitors. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nAnalysis: Threat actors intensified social engineering attacks and sought to
\nexploit remote working arrangements in the banking and finance sector<\/b><\/p>\n
\n
<\/p>\n
\nthe country went into lockdown during the pandemic in 2020, there was increased
\nusage of online banking services. This led threat actors to ramp up their
\nsocial engineering attacks by faking banking websites and mobile applications
\nto deceive bank customers into disclosing their credentials. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nreport also revealed a greater increase in threat activities in this sector due
\nto the widespread adoption of remote working arrangements. More exploit
\nattempts were targeting remote solutions used in this sector compared to other
\nindustries. Threat actors were particularly interested in getting credentials
\nto gain access to banks and other financial institutions. They could sell this
\ninformation to ransomware operators and other sophisticated threat groups that can
\nfind their way into these organisations’ core network. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nAsia Pacific<\/b><\/p>\n
\n
<\/p>\n
\nfound that Emotet<\/b> and TrickBot<\/b> were the top malware observed
\nacross the region in 2020, constituting the bulk of Command & Control (C2)[3]<\/sup> threat activities
\ndetected, especially in Hong Kong, Malaysia, and Singapore. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nactors commonly use Emotet and TrickBot as they are versatile in design,
\nallowing the perpetrators to steal credentials, obtain information to move
\ndeeper into the infiltrated network, and inject additional malicious payloads
\ninto the compromised digital environment. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nactors frequently target technology service providers with these two malware
\nfamilies due to their capabilities to download more malware into the infected
\nsystems. Both Emotet and Trickbot were also observed to be used in phishing
\ncampaigns worldwide. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nPhishing Campaigns<\/b><\/p>\n
\n
<\/p>\n
\nto exploit individuals’ anxiety, fear, and curiosity caused
\nby the pandemic through phishing attacks. Ensign uncovered that 99% of the phishing campaigns
\n<\/b>detected in Singapore in 2020 were centred on Covid-19 subjects, and that
\nthe market’s Circuit Breaker period provided an opportune timeframe for threat
\nactors to launch phishing attacks. <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nin South Korea, most phishing emails also took advantage of the pandemic
\nsituation. One of the top threat actor groups in Asia Pacific, Lazarus Group,
\nalso impersonated the South Korean government to announce fake additional
\nCovid-19 payouts and shopping vouchers in their phishing campaign in June 2020.
\nThe attacks were targeted at 700,000 email addresses they have illicitly
\nobtained from previous breaches.\u00a0 <\/p>\n
\n
<\/p>\n
\n
<\/p>\n
\nEnsign found that Covid-19-themed phishing attacks are more effective. In an
\nexercise Ensign conducted to test a client’s cybersecurity measures, 35% of the
\norganisation’s employees clicked on the simulated malicious link included in
\nEnsign’s mock Covid-19-related phishing email and provided their personal
\ninformation. This is 10% higher than the average result of past exercises,
\ndemonstrating the effectiveness of customised, well-timed phishing campaigns. <\/p>\n
\n
<\/p>\n
<\/p>\n
\n
\nDigital Transformation Spending Guide – Technology Forecast 2021<\/p>\n<\/div>\n
\nWorldwide IT Industry 2021 Predictions \u2014 Asia\/Pacific (Excluding Japan)
\nImplications<\/p>\n<\/div>\n
\nthat threat actors use to communicate and commander devices that have been
\ncompromised by malware. Threat actors can issue instructions to the compromised
\ndevices, including downloading additional malicious payloads or transferring
\nstolen data back to the threat actors. \u00a0\u00a0<\/p>\n<\/div>\n<\/div><\/div>\n\n
Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"