Ensign InfoSecurity has released the 4th edition of its Cyber Threat Landscape 2023 Report, which details cyber security threats affecting the Asia region. The report provides a comprehensive analysis of the top threat trends of 2022, deep insights into key topics and an outlook on cyber threats in 2023. It also delves into the biggest threats and vulnerabilities across some of Asia’s key economies, including Singapore, Malaysia, Indonesia, South Korea, and Hong Kong.
Energy and water utilities (including the oil and gas sectors), healthcare, and transport (aviation, maritime and land transportation) have been identified as Singapore’s most vulnerable sectors. Chinese threat actors have increased targeting in the region over Russian and North Korean groups for the first time.
The potential of the proliferation of Generative AI to enhance the capabilities of both cyber defenders and threat actors and circumvent present-day approaches to authentication and verification of identity.
Singapore: Energy & water utilities, healthcare, and transport most vulnerable sectors
Singapore’s transport industry group (made up of aviation, maritime and land transportation) saw an average dwell time – the time malicious actors have compromised a system before being detected and contained – of 71 days, higher than the previously reported regional average of 33 days, but lower than the observed regional average of 83 days.
Singapore’s Energy & Water Industry (including the oil and gas sectors) received the most number of attacks in January, possibly due to the festive season with threat actors expecting employees to be less vigilant around cybersecurity risks. The industry was also the target of mostly highly sophisticated attacks, resulting in some level of disruption. Increasing digitisation in the healthcare sector and the advancement of IoMT (Internet of Medical Things) has created a matrix of difficult-to-manage networks, resulting in a wide digital attack surface. It is most likely that many healthcare networks are already compromised.
Top cyber threat trends in 2022
2022 saw an increasing evolution and proliferation in the use of Ransomware and Wiperware as cyber weapon platforms. The year also saw the continued impact of cyber supply chain compromise due to large-scale, deployed components, which are vulnerable and lead to the compromise of several big-name victim companies, commonly leading to Ransomware and data sale from breaches. The evolving exploitation of IoT (Internet of Things), Mobile devices, applications and Operational Technology for greater leverage by threat actors. 2022 also saw the continued proliferation of the Ransomware-as-a-Service (RaaS) model, resulting in a shift in the number of attacks targeting Small to Medium Enterprises (SMEs), many of which may support essential service providers.
Regionally, activities by state-sponsored and organised threat groups originating from China have now eclipsed those of state-sponsored groups operating from Russia and North Korea. This may be a result of the ongoing Russia-Ukraine conflict leading to a change in targeting focus away from the region.
AI and business cyber resilience
Generative AI (GAI) remains a double-edged sword, with threat actors exploiting GAI to create convincing phishing content with 10-15% higher click-through rates, develop malware faster, and circumvent authentication and identity verifications by synthetically generating imagery and voice representations. While it seems that GAI development and proliferation may favour threat actors, cyber defenders also leverage GAI and other forms of AI technologies to enhance their efficiency and effectiveness to accelerate the resolution of low-level cyberattacks, freeing defenders to focus on more complex issues.
The full Cyber Threat Landscape Report 2023 can be downloaded here.
Related article: Forget the hacker in a hoodie, cybercrime is big business