Organisations in the technology, media and telecoms (TMT), as well as transportation sectors in Singapore, were the top targets for cyber attacks last year, as threat actors sought to carry out supply chain attacks and disrupt businesses, a new study has found.
According to Ensign InfoSecurity’s Cyber threat landscape 2022 report, nearly 70% of malicious traffic observed in Singapore in 2021 was directed at telecoms firms, whose bandwidth and computing resources can be used to build botnets or compromise other connected organisations.
Additionally, many TMT organisations also support other businesses by providing services such as processing and storing sensitive data. This gives malicious actors an easy access pathway to target and access downstream customers via cyber supply chain compromise.
“Infocommunications companies are lucrative targets for malicious actors as their services penetrate and power almost every aspect of our society and digital economy,” said Steven Ng, chief information officer and executive vice-president of managed security services at Ensign.
“We need to constantly elevate our cyber defence capabilities to prevent cyber threats from derailing our nation’s digital ambition and undermining our position as a regional technology hub,” he added. “This would require public and private stakeholders to work closely together to build a vibrant cyber security ecosystem conducive to nurturing skilled cyber talents and driving innovation.”
Media organisations in Singapore were also targets, following cyber attack campaigns elsewhere. The attacks, including ransomware campaigns, were designed to cause business disruptions and prevent facts from being disseminated to the public. This can distort or disrupt the public’s understanding of the situation, Ensign said.
In the transportation sector, maritime companies continue to see ransomware attacks aimed at shipping lines and maritime support services, further exacerbating supply chain challenges caused by Covid-19.
Read more about cyber security in ASEAN
- Adnovum is leveraging its strengths in identity and access management and its Swiss heritage as it expands into new markets and areas such as zero-trust security.
- Singapore’s Cyber Security Agency is to start licensing cyber security service providers in the city-state to safeguard consumer interests and improve service standards over time.
- The Malaysian Highway Authority is now more resilient against cyber attacks through a local disaster recovery-as-a-service offering powered by Veeam software.
- Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks.
Ensign said ransomware operators are likely exploiting the already-strained business operations to pressure organisations to pay ransoms. It found a 133% increase in Singapore-based companies being mentioned on ransomware leak sites.
In 2021, Ensign also observed an increase in opportunistic cyber incidents using stolen credentials in Singapore. It revealed that 80% of these incidents were traced to “hands on keyboard” intrusions against remote access portals for virtual private networks and virtual desktop infrastructure. In these attacks, threat actors manually log into an infected system using leaked credentials.
These attacks can be attributed to Covid-19, where companies were forced to swiftly establish emergency remote working arrangements. However, some of these systems are not adequately secured. As a result, past credential leaks and bad cyber hygiene, such as reusing leaked passwords, led to a number of these opportunistic cyber breaches, Ensign said.