Waterhole Attacks and Phishing Identified as Singapore’s Leading Cyber Threat Vectors in 2019, Accounting for 84% of Cyberattacks: Ensign InfoSecurity Report

The report also revealed a rise in activities from the threat actor group APT32 in Singapore and identified the Emotet malware as a rising threat in 2019

SINGAPORE – Media OutReach – 18 May 2020 – Ensign InfoSecurity (Ensign), among Asia Pacific’s largest pure-play cybersecurity companies, today unveiled the findings of its Singapore Threat Landscape 2019 report, which identified waterhole attacks, a tactical website compromise attack, and phishing as the country’s top threat vectors in 2019, accounting for 84% of all cyberattacks detected.

The report also revealed that the high technology[1] sector in Singapore is the top target for threat actors in 2019. Companies in this sector are appealing targets as threat actors wish to exploit their data centre infrastructure to broaden their botnet activities as well as target other organisations whose servers are being hosted there.

In 2019, the top 5 most targeted sectors in Singapore are:



This report was generated using Ensign’s proprietary tools and data designs, including Ensign Singapore-centric Cyber Threat Intelligence, Cyber Risk Detection & Analytics engine, and the Ensign IP360 platform which profiles activities and behaviours of confidential IPs in enterprise network traffic.

“Importance and context are the most crucial components when evaluating cyber threat intelligence, as threats and patterns can differ throughout locations, sectors and companies,” said Lee Shih Yen, Senior Vice President, Ensign Labs, Ensign InfoSecurity. “Only by combining various worldwide and regional cyber threat intelligence sources are we able to derive precise and deep information about Singapore-specific risks and help organisations bolster their cybersecurity posture by offering contextualised, actionable insights.”

Singapore’s Top Two Threat Vectors in 2019

Waterhole attacks are one of the most prevalent threat vectors of 2019, contributing to nearly half (47%) of all detected cyberattacks in Singapore. Waterhole attacks happen when an adversary compromises a website and replaces its content with malicious payloads. Unsuspecting victims who then download content from these sites will infect their devices with malware.

This method allows threat actors to perform supply chain attacks where they compromise servers containing updates of popular software and replace these updates with malicious code to spread malware. This enables threat actors to achieve mass infection, particularly when the vulnerable web server is popular and trusted by end users.

The other top threat vector in Singapore is phishing (also called malspam), and almost two out of five (37%) of the detected cyberattacks in 2019 can be attributed to it. Phishing is a reliable social engineering tactic and a popular method for threat actors as it is easy to execute and able to target a wide pool of victims.

APT32 — Threat Actor Group with Highest Cyberattack Footprint in 2019

Both waterhole attacks and phishing are the favoured methods of the threat actor group APT32. The report found that the increase in activities associated with APT32, also called OceanLotus, is higher than that of any other threat actor group in Singapore in 2019.

APT32, which has been active since 2014, concentrates its activities in Southeast Asia and has targeted multiple private sectors and federal governments throughout the region.

In 2019, Ensign detected APT32-associated activities in 23 out of 34 sectors (68%) in Singapore. The spread of cyberattacks across varied sectors aligns with APT32’s method of running opportunistic phishing email campaigns throughout the year.

From April to May 2019, Ensign identified a 500% spike in APT32 activities in Singapore’s production sector. From October to December 2019, Ensign found an 800% increase in APT32 activities, which is the outcome of seasonal phishing campaigns that this threat actor group was running during the shopping and festival seasons.

Emotet – A Rising Threat in 2019

The report also found that Emotet was the most prominent malware in Singapore. Ensign detected Emotet activities in 27 out of 34 (79%) sectors in 2019, affecting more than 1,200 companies. The widespread attacks across a broad spectrum of sectors show the attacks were most likely opportunistic and in the form of spam campaigns.

In the first half of 2019, specifically from February to April, Ensign found high volumes of probing activities on port 445, which is a vulnerable port targeted by Emotet. It is likely that threat actors were scanning for vulnerable targets as part of their reconnaissance.

In Q4 of 2019 (1 October to 31 December), Emotet phishing detections surged by 9 times compared to Q3 of 2019 (1 July to 30 September). This can be attributed to the launch of phishing email campaigns by different threat actor groups.

In the same period, there was an 11 times increase in outgoing Emotet C2 (command and control) detections compared to Q3 of 2019. The increase in outgoing traffic with Emotet indicators-of-compromise (IoCs) can be attributed to servers being infected by phishing spam campaigns.

“Conventional and reactionary signature-based threat detection is insufficient in today’s cyber threat landscape as modular, polymorphic malware, such as Emotet, is emerging faster than ever. Organisations need to have a proactive cybersecurity posture, and this not only requires access to hyperlocalised, actionable threat intelligence, but also behaviour-based security capabilities that can identify modifications in adversary techniques and strategies based on the MITRE ATT&CK® framework[3],” added Shih Yen.



[1] For high technology companies, technological innovations and advanced systems, applications, and devices play a main role in their core business offerings and services. Some examples include cloud, data centre, and web hosting service providers.

[2] Info-communications companies specialise in network connection and info-communication technology services and products. Some examples include telecommunications companies, web service providers, and network operators.

[3] The MITRE ATT&CK® (Adversarial Tactics, Techniques, and Common Knowledge) framework is a knowledge base of cyber threat tactics and techniques which allows cybersecurity researchers, cyber threat hunters and red teamers to better understand cyber threats and examine an organisation’s cyber threats.

About Ensign InfoSecurity

Ensign InfoSecurity is the largest pure-play cybersecurity company in Asia with an extensive footprint within the region. The company is headquartered in Singapore, and has offices in Malaysia, Hong Kong and South Korea. It has a workforce of over 500 cybersecurity specialists with skills in the provision of comprehensive cybersecurity services. Its core competencies include security advisory and assurance, architecture design, implementation, validation and management of sophisticated security controls, threat hunting, and incident response services. Underpinning these competencies is in-house research and development in cybersecurity.

For more information, go to www.ensigninfosecurity.com or e-mail [email protected]