SINGAPORE – Media OutReach – July 21, 2022 – Ensign InfoSecurity, Asia’s leading pure-play end-to-end cybersecurity services provider, has released its Cyber Threat Landscape 2022 report, revealing that the Technology, Media, and Telecommunications (TMT) and Transport sectors were the most targeted industries for cyber threats in Singapore throughout 2021.

This latest report provides a comprehensive analysis of the cyber threat landscape in Singapore and key Asia Pacific markets, including Hong Kong, Malaysia, and South Korea. It explores emerging cyber threats expected to affect organizations in 2022 and beyond.

Key Findings of the Report:

TMT and Transport as Key Targets in Singapore
The TMT sector, which encompasses infocommunications, data centers, and media services, faced significant malicious traffic, accounting for nearly 70% of the cyber threats observed in Singapore in 2021. Cybercriminals are particularly interested in these organizations due to their critical bandwidth and computing resources, which can be exploited to create botnets or compromise other connected entities. The TMT sector’s role in processing and storing sensitive data also presents an easy entry point for malicious actors aiming for cyber supply chain attacks.

Steven Ng, CIO and EVP of Managed Security Services at Ensign, emphasized the need for enhanced cyber defenses: “Infocommunications companies are lucrative targets for malicious actors as their services penetrate and power almost every aspect of our society and digital economy. We need to constantly elevate our cyber defense capabilities to prevent cyber threats from derailing our nation’s digital ambition and undermining our position as a regional technology hub.”

Rising Cyber Threats Against Media and Transport Industries
Media organizations were increasingly targeted by cyberattacks designed to disrupt operations, including ransomware attacks aimed at manipulating information dissemination. The Transport sector, particularly aviation and maritime, also faced heightened risks due to the accumulation of personally identifiable information (PII) for cross-border travel.

The maritime industry experienced ongoing ransomware attacks targeting shipping lines and support services, exacerbating supply chain issues linked to the pandemic. Ransomware operators are leveraging the strain on business operations to pressure organizations into paying ransoms.

Opportunistic Cyberattacks Surge Amid COVID-19
Ensign reported a significant uptick in opportunistic cyber incidents in 2021, predominantly exploiting stolen credentials. Approximately 80% of these incidents stemmed from “hands-on keyboard” intrusions targeting remote access portals like VPNs and Virtual Desktop Interfaces, often due to insufficient security measures implemented during the rapid shift to remote work.

Global Trends in Cybersecurity: Ransomware and Supply Chain Compromises
Ransomware remains a critical threat globally, with increasingly sophisticated tactics such as multi-extortion approaches. Cybercriminals now disrupt operations, leak data, and employ DDoS attacks to extort victims effectively. Notably, the financial sector emerged as the top target for ransomware attacks in Singapore, followed by maritime and aviation sectors.

Ensign reported a staggering 133% increase in the mention of Singaporean companies on ransomware leak sites.

Emergence of Multi-Modal Attacks
The rise of multi-modal attacks, which combine misinformation, disinformation, and malinformation (MDM) techniques, further complicates the cybersecurity landscape. Threat actors utilize MDM methods in phishing attacks to create urgency and manipulate victims into taking action, thereby increasing the likelihood of successful breaches.

Compromising the Cyber Supply Chain
Threat actors are increasingly targeting the cyber supply chain, exploiting vulnerabilities in hardware, software, and vendors. The report highlights the critical security challenges organizations face due to inadequate inventory management, enabling cybercriminals to bypass security measures.

Attacks can occur at various stages of the software development cycle, from compromising open-source libraries to exploiting zero-day vulnerabilities. Hardware-related vulnerabilities are particularly challenging, often involving firmware and microcode, which can provide threat actors with elevated access privileges, allowing them to deploy malware without detection.

In conclusion, Ensign’s Cyber Threat Landscape 2022 report underscores the urgent need for organizations to enhance their cybersecurity defenses against evolving threats, particularly in high-risk sectors such as TMT and Transport. Collaborative efforts between public and private stakeholders are essential to foster a resilient cybersecurity ecosystem that nurtures skilled talent and drives innovation.

Hashtag: #EnsignInfoSecurity

About Ensign InfoSecurity:
Ensign InfoSecurity is Asia’s largest pure-play end-to-end cybersecurity service provider. Based in Singapore, Ensign offers customized solutions to meet clients’ cybersecurity needs, specializing in advisory services, architecture design, managed security, and advanced threat detection. With over two decades of experience, Ensign is a trusted partner for public and private sector clients across the Asia Pacific region.