SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Singapore sees uptick in cyber threats in 2Q of 2022
Tue, 23rd Aug 2022
FYI, this story is more than a year old

A total of 1,817,635 web threats against Internet users were detected and blocked in Singapore between April to June 2022, according to data obtained through the Kaspersky Security Network, marking a 17.6% increase compared to the first three months of this year.

KSN data is collected from Kaspersky customers here who have installed the company's cybersecurity software on their computers and voluntarily shared information with the firm. In 2Q 2022, 23.1% of users in Singapore were attacked by web-borne threats. This places Singapore in 86th place globally in terms of dangers associated with surfing the internet, with the Republic moving up 23 places from 109th in 1Q 2022.

Web-borne threats, or online threats, are a category of cybersecurity risks that may cause an undesirable event or action via the internet, which usually expose people and computer systems to harm. A broad scope of dangers fit into this category, including well-known threats such as phishing and computer viruses.

While large scale phishing attacks have been averted in Singapore this year, the Police have recently warned of an increase in phishing scams where cybercriminals impersonate banking staff and target victims through phone calls or SMS messages.

“Cyber threats occur daily and cybercriminals are getting more sophisticated in their methods, although authorities in Singapore have been proactive in deterring and detecting threats as seen in the formation of the Digital and Intelligence Service that was recently announced," says Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.

"But countering cyber threats requires a whole-of-society approach so we need to continue to educate individuals and businesses on the importance of good cyber-hygiene habits to reduce the risk of being a victim of a cyber-attack."

In Singapore, the most common methods used by cybercriminals to penetrate systems include exploiting vulnerabilities in browsers and their plugins (drive-by download), and social engineering.

Exploiting vulnerabilities in browsers and their plugins (drive-by download).

Infection in this type of attack takes place when visiting an infected website, without any intervention from the user and without their knowledge. This method is used in the majority of attacks. Among them, file-less malware is most dangerous: its malicious code uses registry or WMI subscriptions for persistence, leaving no single object for static analysis on the disk.

To fight such stealthy threats, Kaspersky products apply Behavior Detection component that benefits from ML-based models and behavior heuristics to detect malicious activity even if the code is unknown. Another key technology, developed by Kaspersky, is Exploit Prevention which reveals and blocks in real time the malware's attempts to benefit from software vulnerabilities.

Social engineering

These attacks require user participation: a user has to download a malicious file to her computer. This happens when cybercriminals make the victim believe she is downloading a legitimate program.

Protection against such attacks requires a security solution capable of detecting threats as they are being downloaded from the Internet. Since many threat actors nowadays obfuscate malicious code to bypass static analysis and emulation, true protection requires more advanced technologies such as proactive ML-based methods and behavior analysis.

The global cyber threat landscape continues to evolve in 2022, and some of the major trends seen in the first half of the year include cybercriminals exploiting the rise in remote work to penetrate corporate networks, rising supply chain attacks and more companies becoming prime targets amid an accelerated shift to the cloud.

For companies observing remote or hybrid work arrangements, Kaspersky experts offer the following tips to help employers and businesses continue to stay on top of any potential IT security issues and remain productive:

  • Cybersecurity should be a “living” strategy, not a static platform. This will blend technology and effort, and is constantly upgraded, updated and improved. Banks need to ensure a security team (or security experts) who will be able to ensure cyber defence infrastructure is updated, and will be able to provide support in the event of cyberthreats.
  • Ensure proven protection software, on all endpoints, including mobile devices, and switch on firewalls is updated. Small and medium-sized enterprises can also opt to use a Kaspersky Endpoint Detection and Response Optimum to boost their defences against complex threats.
  • Consider a threat intelligence platform: Another key component to include would be to ensure access to the latest IT security trends/threats – that is also known as threat intelligence. Threat intelligence will give the insight to act on, and paint a bigger, more accurate picture of the bank's digital presence, to educate senior stakeholders about the ongoing risks and vulnerabilities. This will empower them to be able to make informed decisions on what needs to be done to keep the potential harm at bay, refine existing security processes to better defend against known threats and to continually plug any gap in the IT infrastructure.
  • Ensure third party vendors' cybersecurity systems are also updated. There have been increasing reports on how breaches to third-party security systems have implicated businesses. Whether you are a bank, the Government or a private enterprise, no one is immune from these security threats, and it is important that we heighten our vigilance when it comes to cybersecurity. It does not matter how secure your third-party vendor tells you their systems are, as the elevated prominence of supply chain attacks have shown us that it is important to take responsibility for your own cybersecurity posture rather than leaving it in your partners' hands.

For users, here are the top online security tips for to ensure each of us can play our part in cyber-vigilance:

  • Follow the rules of cyber-hygiene: use strong passwords for all accounts, do not open suspicious links from emails and IMs, never install software from third-party markets, be alert and use a reliable security solution.
  • Employ common sense before handing over sensitive information. Do not readily share private or confidential data online. When you get an alert from your bank or other major institution, never click the link in the email. Instead, open your browser window and type the address directly into the URL field so you can make sure the site is real.
  • Never click on unsafe links nor open suspicious email attachments: Avoid clicking on links in spam messages or on unknown websites. If you click on malicious links, an automatic download could be started, which could lead to your computer being infected. Ransomware can also find its way to your device through email attachments. Avoid opening any dubious-looking attachments.
  • Ensure you download an anti-malware app. Products like Kaspersky Internet Security for Android can protect against malicious apps, as well as SMS phishing links themselves.