Web borne threats and cyber threats are the main categories of cyber security risks that may cause undesirable events or action via the internet.
Such cyber threats expose people and systems to harm.
For the cyber security threats in Singapore, according to an article in Security brief, while large scale phishing threats were averted this year, the Police have warned of an increase in the phishing scams where cyber criminals impersonate banking officials and target victims through SMS messages or phone calls.
The Cyber Security Agency of Singapore (CSA) released the Singapore Cyber Landscape (SCL) 2021 publication, on the 29th of August 2022.
This publication highlights the continuous cyber security threat that Ransomware and Phishing posed to Organizations and Individuals in Singapore in the year 2021.
Some of the Key Cyber Threats for 2021 were:
- Ransomware: These cases mostly affected SMEs like Manufacturing and IT. Operations in these sectors go round the clock, thereby making it difficult to provide much time to patch the systems. CSA observed that the groups targeting SMEs, used the Ransomware-as-a-service (RAAS) model. More amateur hackers used this model to distribute ransomware payloads which increased the cyber security threat levels.
- Phishing: Social networking firms made up more than half of the targets for spoofed urls / calls/ sms. Scammers also used the COVID-19 period and the subsequent lockdown periods to target the Government websites.
- Botnet Drones: Driven by an increase in servers distributing cyber threats like Cobalt Strike. Since no single strain accounted for more of the compromised devices, the trend could have been caused by cyber threat actors going away from the old strains of malware and finding out new infection methods.
- Website Defacement : Compared to the data with 2020, there has been a decrease in this trend of attack. This could be credited to the cyber threats moving away to attack social media platform sites with potentially wider reach.
- Cyber crime: Online crime made up to the top cyber security threats in Singapore, while the next chunk being the the Computer Misuse Act offenses and cyber threat extortion cases.
Here are some tips for companies that offer remote or hybrid work arrangements, addressing the cyber security threats in Singapore:
- Cyber security should be more dynamic, taking up the changes quickly – not static at all. This will blend the technology and the effort while being constantly updated and upgraded.
- Ensure that the end point protection, on all the devices connected to the organization, including mobile devices and the switches on the firewalls, are updated.
- Consider using a threat intelligence platform – this will help anticipate cyber threats and help patch the right areas.
- Ensure that the third party vendors cyber security policy also aligns with the one that we are on, and their systems are updated.
- Follow the rules of cyber security hygiene – usage of strong passwords, not clicking on any unknown links, not installing any third party software without confirming internally, using a reliable cyber security solution.
- Employ common sense before handing out sensitive information thereby creating a cyber threat. Have a culture to never share private or confidential data online. Check all links before clicking them.
- Never open unsafe email attachments or links attached to suspicious emails leading to a cyber threat
- Always keep systems checked for cyber threats like malware, ransomware and trojans.
- Remind to always keep the operating systems updated with the latest cyber security patches.
- Clean up the temporary files from your systems at regular intervals to prevent a cyber threat.
- Use a trojan detection tool, like JRT that will help identify and quarantine suspicious files in the registry.
As an organization, there has to be a complete focus on the below areas:
- Focus on the threat predictions.
The latest changes to the threat plateau, can actually showcase the right areas of focus for the organization. That will bring the organization focus on the right area.
- Prepare your cyber security risks and assessments based on the threat predictions.
The areas of threat, observed from the risk assessment, should be focused on both from the management as well as down to the tech working to patch that risk. Primary goal should be to get the risk perspective to as low on the scale as possible so that the probability of exposure from that risk is low.
- Draft your Data protection strategy based on the risk assessment.
Based on the risks identified from the cyber threat risk assessment exercise, the at-most attention should be given to the areas with high possibility of a data leak. Strategies need to be in place to reduce the data leakage.
- Think how you can turn your cyber security risk into business value.
Cyber security risks would continue to dominate with more and more players getting into the game. However, it is important to identify methods / techniques that can counter these risks. Such methods can be used to enhance business value and also can act as an additional line of business for the organization.
- Believe that multi cloud approaches would need comprehensive cyber security strategies.
The need of the hour is multi cloud. And when we plan to have multiple clouds, interacting with each other, the areas of threat protection and data leakage are of at-most concern.
- Intelligent threat analysis and quick response based on the cyber security principles
Organizations these days need to have QRTs (Quick Response Teams), whose actions are based on the threat landscape and repair time.
- Cyber Security throughout the cloud cycle
Complete focus on cloud backups, databases on the cloud, their exposure and the WAFs involved.
Key Challenges for Security Managers:
- Assess and identify cyber security risks early on
- Detect unusual cyber threats.
- Prevent unauthorized users from accessing critical data
- Deliver proper responses to cyber security issues.
- Restore business continuity as soon as possible
For more information, do visit us at here Acronis Cyber Protect
On our side, we have a single solution to protect your data: Acronis Ransomware Protection
If you would like to know what more can be done about your data and your websites / applications, do connect with us at below.