Top 5 Cyber Security Threats in 2021: Essential Cyber Intelligence for Singapore

In the digital age of the 21st Century, it is important to understand that cybersecurity threats aren't just a mouthful of buzzwords created and repeatedly used by the media. Cybersecurity threats come in various forms of malicious acts such as computer viruses, data breaches and distributed denial-of-service (DDoS) attacks. Such attacks or viruses can disrupt the services of a service provider and at the same time steal raw data from organizations or businesses, potentially costing businesses millions in revenue or damages.

Data breaches can be crippling to businesses and their reputations as consumers lose trust in the brands that failed to protect and safeguard their data, eventually leading to a drop in sales and revenue. Important and confidential corporate information and financial information can also be stolen, which could also lead to loss of value of the organization.

One of the largest cyber attacks in history was one that involved American search engine and web services provider, Yahoo, in 2014. Yahoo fell victim to one of the biggest data breach in history, which compromised names, email addresses, dates of birth and contact details of 500 million users. Another 1 billion users were affected in the second cyber-attack against Yahoo just 2 years later in 2016, resulting in a $350 million devaluation of the company due to the number of users who left Yahoo.

In order for businesses to protect themselves and their users from threat actors gaining access to their personal and corporate information, the former has to have a good grasp and understanding of the top cyber security threats of today. Understanding the threat landscape and potential risks out there can allow enterprises to use the right types of threat intelligence to safeguard themselves against possible attacks. Read on to find out what are some of the possible threats that can potentially jeopardize your business.

1. Social Engineering

Social engineering is an umbrella term commonly used to refer to a wide range of malicious cyber activities accomplished through human interactions online. It includes using psychological manipulation to trick users into giving away sensitive information through security mistakes.

The most common social engineering attacks include phishing email, spear phishing, scareware and baiting, with phishing scams being the most frequently used method by hackers in Singapore. Phishing is an attack that involves tricking victims into disclosing confidential information or downloading malware by clicking on a hyperlink in the email. In fact, only 4% of Singaporeans are able to identify a phishing attempt masked as a regular email.

Spear phishing, on the other hand, is a more sophisticated form of phishing where the attacker spends time to learn about the victim and impersonates someone trustworthy, an authority or a celebrity to retrieve sensitive data from victims. In some cases, the attacker might even interact with the victim in real time.

2. Ransomware

Ransomware attacks involves encrypting data on the targeted system and demanding a ransom in exchange for allowing the user access to their own data again. The hackers basically hold users' data available in the cyber space hostage and demand for ransom from organizations. These attacks can be done at a large scale, for example the University of California, who was demanded $1.14 million when hackers compromised Covid-19 research data. In some cases, it can even cause tragic consequences such as when a German hospital was targeted and hackers disabled life-support systems, leading to a patient's death.

3. DDoS Attacks

In the first half of 2020 alone, there were 4.83 million Distributed Denial of Service (DDoS) attacks attempted, with each attack costing businesses as much as US$100 000 per hour. This type of threat takes advantage of the specific capacity limit that applies to any network resource, such as the web-based infrastructure that enables a company's website. In simpler terms, it denies users' access to an organization's services for an extended period of time to steal data. Public Cloud-based services are the most vulnerable platforms to DDoS attacks since there is a massive amount of user data within the Cloud.

4. Cloud-computing Vulnerabilities

As remote work grows to become the new normal in the 21st Century, more companies are taking steps to digitalize their data and operations to cloud-based systems for employees to be able to work remotely during the pandemic. This leaves plenty of opportunities for hackers to prey on cloud accounts within cloud service providers that hold tons of confidential information and the IP addresses of consumers, employees and the company.

In 2020, cloud service provider Blackbaud was attacked by hackers who stole bank details and passwords from millions of users worldwide, and was tangled in a lawsuit after.

5. Third-Party Software

Web applications such as Spotify and Instagram are linked to a wide range of third party software that leave users vulnerable to data theft from third-party vendors. In fact, third party software has affected up to 80% of organizations since they act as a gateway for hackers to commit intellectual property theft, credential theft, spear phishing, data exfiltration and file-less malware. However, it is entirely possible to defend your business and applications from data breaches and malicious hackers out there. Find out how today.

How to Guard Yourself and Your Business Against Cyber Security Threats

With the numerous cyber security threats and threat actors looming online, no organization or user is 100% safe online, but how can businesses better protect themselves and consumers from data theft or security risks? The answer is simple – by depending on reliable and professional IT solutions and services from Fujitsu.

With Fujitsu, your organization will be able to respond to incidents of cybersecurity threats once there is any indication of compromise (IOC) in your organizational systems. From providing professional consultation to application of strategic cyber intelligence solutions, we have got you covered. Approach our team of skilled intelligence analysts to find out more about our array of cybersecurity services today.