Cyber SafetyE-Books and White PapersIdentity & AccessThreat Detection & Defense

Sygnia Case Study: Cracking a Global Adversary-in-the-Middle Campaign Using a Threat Intelligence Toolkit

Photo of CSA Editorial CSA Editorial Send an email July 14, 2023
1 minute read

In the digital age, businesses heavily rely on email communications. However, a concerning trend has emerged: the rise of Cybercrime-as-a-Service targeting business emails. According to Microsoft, this threat has surged by 38% globally between 2019 and 2022. Safeguarding sensitive information and preserving business operations has become paramount in the face of this alarming development.

Sygnia, a leading cyber technology and services company that provides high-end consulting and incident response support for organisations worldwide, was recently called upon to investigate a Business Email Compromise (BEC) attack against one of its clients. BEC attacks are a rapidly growing online crime with financial implications across various industries, including in Singapore and the APAC market. In this report, Sygnia shares effective techniques to detect major BEC campaigns, assisting security professionals in analysing suspicious indicators and enhancing threat monitoring and detection. By leveraging advanced Cyber Threat Intelligence (CTI) enrichment techniques, Sygnia identified that this BEC attack was part of a more extensive campaign impacting multiple global organisations.

The threat actor gained initial access and executed an ‘adversary-in-the-middle’ attack to bypass Office 365 authentication, gain persistence on the network, and exfiltrate data. However, Sygnia discovered that this was not the attacker’s ultimate goal. Instead, the compromised accounts were being used as a beachhead to launch further phishing attacks as part of a global phishing campaign targeting dozens of organisations.

As the cyber threat landscape continues to evolve, businesses must remain vigilant and equipped with the necessary knowledge to detect and combat such malicious activities. By sharing their findings, Sygnia aims to empower organisations with the tools they need to strengthen their defences, proactively detect threats, and mitigate the risks associated with these pervasive cyber threats.\

Click here to download the case study:

Tags
Photo of CSA Editorial CSA Editorial Send an email July 14, 2023
1 minute read
Photo of CSA Editorial

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

81% of Malaysians Have Adopted Digital Cards for Convenience and Security, states IDEMIA Secure Transactions Global Study

October 4, 2024

The Costs of Cyber Attacks: How One Breach Can Sink Your Business

October 4, 2024

Building Digital Trust in Malaysia: Essential Steps Every Organisation Should Take

October 4, 2024

Cloudflare Introduces Threat Intel Team and Commits to Making Precise and Timely Global Threat Research Accessible for Anyone

October 4, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *

(c) Asia Online Publishing Group 2024 - Media and PR enquiries - editor@aopg.net