Ensign InfoSecurity’s Cyber Threat Landscape Report: Singapore’s Most Vulnerable Sectors Identified
Ensign InfoSecurity (“Ensign”), Asia’s largest pure-play end-to-end cybersecurity service provider, released the fourth edition of its annual Cyber Threat Landscape report. The report provides a comprehensive analysis of the top threat trends of 2022, deep insights into key topics and an outlook on cyber threats in 2023. It also delves into the biggest threats and vulnerabilities across some of Asia’s key economies including Singapore, Malaysia, Indonesia, South Korea, and Hong Kong.
By providing a deep dive into Asia-wide hyper-localised and sector-centric intelligence, Ensign hopes to enable organisations to take on a threat-informed defence approach to threat analysis and cyber defence. This year, the report incorporates a new approach by providing detailed insights into specific threat actors.
Key insights from the report include:
Singapore: Energy & water utilities, healthcare, and transport identified as Singapore’s most vulnerable sectors
Singapore’s transport industry group (made up of aviation, maritime and land transportation) saw an average dwell time – the time malicious actors have compromised a system before being detected and contained – of 71 days, higher than the previously reported regional average of 33 days, but lower than the observed regional average of 83 days. Singapore’s Energy & Water Industry (including oil and gas sector) received the most number of attacks in January, possibly due to the festive season with threat actors expecting employees to be less vigilant around cybersecurity risks. The industry was also the target of mostly highly sophisticated attacks, resulting in some level of disruption. Increasing digitisation in the healthcare sector and the advancement of IoMT (Internet of Medical Things) has created a matrix of difficult-to-manage networks resulting in a wide digital attack surface. It is most likely that many healthcare networks are already compromised.
Top Threat Trends in 2022
2022 saw an increasing evolution and proliferation in the use of Ransomware and Wiperware as cyber weapon platforms. The year also saw the continued impact of cyber supply chain compromise due to large-scale, deployed components which are vulnerable and lead to the compromise of several big-name victim companies, commonly leading to Ransomware and data sale from breaches. The evolving exploitation of IoT (Internet of Things), Mobile devices, applications and Operational Technology for greater leverage by threat actors. 2022 also saw the continued proliferation of the Ransomware-as-a-Service (RaaS) model, resulting in a shift in the number of attacks targeting Small to Medium Enterprises (SMEs), many of which may support essential service providers.
Regionally, activities by state-sponsored and organised threat groups originating from China have now eclipsed those of state-sponsored groups operating from Russia and North Korea. This may be a result of the ongoing Russia-Ukraine conflict leading to a change in targeting focus away from the region.
AI and Business Cyber Resilience
Generative AI (GAI) remains a double-edged sword, with threat actors exploiting GAI to create convincing phishing content with 10-15 per cent higher click-through rates, develop malware faster, and circumvent authentication and identity verifications by synthetically generating imagery and voice representations. While it seems that GAI development and proliferation may favour threat actors, cyber defenders are also leveraging GAI and other forms of AI technologies to enhance their own efficiency and effectiveness to accelerate the resolution of low-level cyberattacks, freeing up defenders to focus on more complex issues.
“While threat actors are rapidly advancing and becoming highly sophisticated in their techniques, we have observed an overall lack of cybersecurity awareness across organisations in Asia. With AI-powered attacks generating new pathways, we discovered a drastic uptick in threats across the territories featured in our report. While this is deeply concerning for sure, we envision new AI-powered technologies playing a big role in the next tech revolution. Policy and regulation, along with a strong ethical framework for AI, will go a long way in casting a security net for nations at large, and organisations in particular,” said Lim Minhan, Head of Consulting at Ensign InfoSecurity.
“We are proud to present the Cyber Threat Landscape report year-on-year, compiling strategic insights and actionable intelligence that help propel organisations towards an ideal and more secure cyber posture. Adopting Ensign InfoSecurity’s threat-informed defence approach, this report harnesses the power of both proprietary and open-source threat data integrated into the MITRE ATT&CK™ framework. We endeavour to put the power back into the hands of leaders and management teams and provide crucial intelligence that helps them assume an ever-ready stance,” he added.