K
Kathleen Martin
Guest
Ransomware and phishing attacks continue to climb in Singapore, hitting small and midsize businesses (SMBs) and social media platforms. Cybercriminals also are expected to turn their attention to Internet of Things (IoT) devices and crypto-based transactions, leveraging the lack of security safeguards on these platforms.
Some 55,000 local-hosted phishing URLs were identified last year, up 17% from 2020, with social media companies accounting for more than half of spoofed targets. This might have been due to threat actors looking to exploit public interest in WhatsApp's announcement to update its privacy policy, said Singapore's Cyber Security Agency (CSA) on Monday, when it released its Singapore Cyber Landscape 2021 report.
Social networking sites were the most commonly spoofed sector, followed by financial services and the online and cloud services sector. WhatsApp, Facebook, Lloyds, Chase Bank, and Microsoft were the most commonly spoofed brands, according to CSA.
The government agency noted that scammers also spoofed government websites in late-2021, amidst heightened interest in the Omicron subvariant outbreak here.
The number of ransomware cases reported to CSA totalled 137 last year, up 54% from 2020, with SMBs from sectors such as manufacturing and IT mostly falling victims to such attacks. These industries typically operated 24 by 7, leaving little time for organisations to patch their systems and potentially enabling ransomware groups to exploit vulnerabilities, CSA said.
It noted that ransomware groups targeting SMBs in Singapore tapped the ransomware-as-a-service model, which made it easier for amateur hackers to use existing infrastructure to push out ransomware payloads.
CSA also identified 3,300 malicious command and control (C&C) servers hosted in Singapore last year, more than triple the number in 2020 and the largest figure registered since 2017. The significant climb was attributed to the number of servers distributing Cobalt Strike malware, accounting for almost 30% of all C&C servers.
Continue reading: https://www.zdnet.com/article/singapore-clocks-higher-ransomware-attacks-warns-of-iot-risks/
Some 55,000 local-hosted phishing URLs were identified last year, up 17% from 2020, with social media companies accounting for more than half of spoofed targets. This might have been due to threat actors looking to exploit public interest in WhatsApp's announcement to update its privacy policy, said Singapore's Cyber Security Agency (CSA) on Monday, when it released its Singapore Cyber Landscape 2021 report.
Social networking sites were the most commonly spoofed sector, followed by financial services and the online and cloud services sector. WhatsApp, Facebook, Lloyds, Chase Bank, and Microsoft were the most commonly spoofed brands, according to CSA.
The government agency noted that scammers also spoofed government websites in late-2021, amidst heightened interest in the Omicron subvariant outbreak here.
The number of ransomware cases reported to CSA totalled 137 last year, up 54% from 2020, with SMBs from sectors such as manufacturing and IT mostly falling victims to such attacks. These industries typically operated 24 by 7, leaving little time for organisations to patch their systems and potentially enabling ransomware groups to exploit vulnerabilities, CSA said.
It noted that ransomware groups targeting SMBs in Singapore tapped the ransomware-as-a-service model, which made it easier for amateur hackers to use existing infrastructure to push out ransomware payloads.
CSA also identified 3,300 malicious command and control (C&C) servers hosted in Singapore last year, more than triple the number in 2020 and the largest figure registered since 2017. The significant climb was attributed to the number of servers distributing Cobalt Strike malware, accounting for almost 30% of all C&C servers.
Continue reading: https://www.zdnet.com/article/singapore-clocks-higher-ransomware-attacks-warns-of-iot-risks/
