Various forms of cyber security issues and threats were reported in the Asia-Pacific (APAC) Region in November. Malware attacks, ransomware, and sideloading were among these security issues that threatened the region for the past month.
Top Cyberattack Incidents that hit Asia-Pacific in November
An emerging Chinese APT group uses DLL side-loading attacks to target organizations in Myanmar. This hijacking technique relies on Windows’ side-by-side assembly feature to load and run the malicious DLLs. First observed in 2013, this method has been used by many APT groups in the past.
According to a ZDNet blog post, the APT “combines four separate types of side-loading attack when carrying out targeted campaigns.”
In Taiwan, the popular computer manufacturing company Compal was hit by a ransomware attack. Compal is a Taiwanese electronics company that has earned its reputation as one of the world's leading suppliers of notebook PCs, LCD products, and mobile devices for some of the world's biggest tech firms, including Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu. The attack was believed to be done by the ransomware group DoppelPaymer. It compromised around 30% of the company’s computer fleet. On top of this, the ransomware gang demands up to $17 million from the laptop manufacturer, according to this blog post by CPO Magazine.
In the Philippines, a COVID-19 data-sharing app used by healthcare workers contained multiple vulnerabilities that leaked their data. This breach could have affected not only the data of the workers but the patients as well. Due to the app’s flaws, unauthorized users were able to access users’ private data.
South Korea has also experienced its fair share of malware attacks from what is believed to be Lazarus malware. The malware hit South Korean supply chains using stolen security certificates from two different South Korean companies.
Across Southeast Asia, a new Chinese state-sponsored hacking group known as FunnyDream infected over 200 systems, according to a report published by security firm Bitdefender. It was also reported that the malware attacks are part of a systematic cyber-espionage targeting SEA governments.
Moreover, multiple Japanese firms are targeted at a large-scale attack campaign in what is suspected to be an “intelligence-gathering operation.” It included branches in as many as 17 regions around the world.
According to Symantec, businesses across several industries are being targeted, particularly those operating in the manufacturing, pharmaceutical, and engineering fields, as well as Managed Service Providers (MSPs).
In South Korea and China, eight members of a voice ring were arrested. Possible links with North Korean hackers are being investigated by authorities. The arrested members stole around 2 billion won in phishing scams from about 200 South Koreans ($1.8 million).
In an effort to steal more information, the accused reportedly gained their victims’ personal data from a private money lender. The stolen personally identifiable information (PII) included the victims’ names, security PINs, and telephone numbers, which they then used to further their attacks.
They tricked the customers into downloading a malicious application to steal more information. They also posed as bank or insurance firm employees and had victims send them money.
In a bid to fortify the country’s cybersecurity, Singapore calls for mandatory off-site verification for financial institutions. Singapore acknowledges the need for various personal information such as passwords and biometrics to enable "nonpersonally" authentication of financial services. This came about as a result of an increase in impersonation scam cases and the strong likelihood of personal data theft.
ZDNet notes that the Singapore Monetary Authority (MAS) defined an obligatory use of at least one identity verification methods such as OTPs and biometrics before any transactions or requests under digital financial services (online banking, etc.) are confirmed and processed.
It has also been announced that Australia is leading the Five Eyes into the new cybersecurity laws. They proposed a new amendment that will give ministerial approval that if a company is unwilling or unable to respond to a cyberattack, the Australia’s Signals Directorate (ASD) will be permitted to take over the response.
These new laws and initiatives are a big step towards a more holistic approach to cybersecurity, especially at a time where cybercrime is expected to cost more than $6 trillion worldwide. For businesses, cybersecurity must not be ignored or taken for granted as the costs of the attacks are quite alarming.
Cybersecurity is a collective approach to protecting society against cyber threats. A proper cybersecurity posture with strong defense networks must be maximized to fight and deter cybercrime.
GlobalSign offers an array of identity and security solutions to help all businesses stay protected from online threats. Whether you are looking for a solution to protect your websites, emails, documents, and even software, we have what you need. We manage millions of verified digital identities and make authentication and encryption easier.
For more blog updates, click here.