Last year saw threat actors target the technology sector across the Southeast Asia region to achieve economies of scale, according to the latest research by Singapore-based cyber security service provider Ensign InfoSecurity.
Technology service providers were attractive targets for threat actors in 2020, with many organisations engaging their services during the pandemic to ensure business continuity, according to Ensign.
This heightened service partner engagement presented a compelling draw for cyber criminals, with a successful cyber attack allowing threat actors to obtain the credentials of these service providers’ clients, potentially handing them illicit access to a wide range of companies.
According to Ensign, threat actors also targeted technology hardware and software vendors to breach and implant malicious code and components into the vendors’ product development systems. This enabled perpetrators to rapidly develop zero-day exploits or create backdoors to compromise the integrity of the products, allowing them to readily reach a larger pool of targets.
Tech companies are set to be prominent targets for the foreseeable future, according to Steven Ng, Ensign CIO and executive vice president of managed security services.
“Technology suppliers and service providers will continue to be lucrative targets for threat actors as organisations become increasingly reliant on digital technologies to support their business operations and position themselves for the future,” said Ng.
“If threat actors can successfully compromise just one of these companies’ systems, it can create a ripple effect that will impact large groups of organisations across industries and geographies,” he added.
Ensign’s findings are captured in the company’s recently released Cyber Threat Landscape 2021 report, which found that the technology, manufacturing, and banking and finance industries were the top targets in the Asia Pacific region for threat actors in 2020.
Specifically, the report provides insights into the cyber risks and threats that surfaced across four Asia Pacific markets: Hong Kong, Malaysia, Singapore and South Korea, as the pandemic dramatically reshaped the business landscape.
From Ensign’s perspective, the threat actors’ focus on these sectors is a concern as organisations continue to invest in digital technologies.
COVID-19 pulls focus
However, the effect COVID-19 had on the threat landscape went further than criminals taking advantage of organisations’ engagement of technology providers, with opportunistic threat actors exploiting COVID-19 in phishing campaigns.
A global phenomenon, threat actors sought to exploit individuals’ anxiety, fear and curiosity caused by the pandemic through phishing attacks, the report revealed.
Ensign said it uncovered that 99 per cent of the phishing campaigns detected in Singapore in 2020 were centred on COVID-19 subjects, and that the market’s ‘circuit breaker’ period provided an opportune timeframe for threat actors to launch phishing attacks.
South Korea also bore the brunt of phishing emails taking advantage of the pandemic situation. Indeed, the South Korean government was impersonated by one of the top threat actor groups in Asia Pacific, Lazarus Group, which sent out messages to at least 700,000 email addresses about fake COVID-19 payouts and shopping vouchers in a phishing campaign in June 2020.
Threat actors exploited COVID-19-induced disruptions to set their sights on trade secrets, according to Ensign, with attacks on manufacturing companies with ransomware.
In these instances, the perpetrators understood that the target companies’ production capabilities were already strained due to the pandemic-induced supply chain disruptions. This made manufacturers more willing to pay the ransom to resume operations quickly and avoid further production disruption.
Read more on the next page...