Tag Archive for: Singapore

Singapore faced more cybercrime, ransomware threats in 2021

/in


CNA – Firms and individuals in Singapore faced an increased number of cybercrime, phishing and ransomware threats last year, according to a report released by the Cyber Security Agency of Singapore (CSA) yesterday.

There were 137 ransomware cases in 2021, a 54 per cent jump from the 89 reported in 2020.

In a ransomware attack, hackers – or threat actors – use malicious software to encrypt files on a device, then demand ransom to undo their work.

The cases affected mostly small-and-medium enterprises (SMEs) from sectors such as manufacturing and IT, said CSA in its annual Singapore Cyber Landscape publication.

“The around-the-clock nature of these sectors’ operations did not provide for much time to patch their systems, thus potentially allowing ransomware groups to exploit vulnerabilities,” the agency added.

Ransomware groups targetting SMEs used a model known as “Ransomware-as-a-Service”, which makes sophisticated ransomware strains accessible to less technically adept cybercriminals.

This made it easier for amateur hackers to use existing infrastructure to distribute ransomware payloads, said CSA.

A man uses a laptop. PHOTO: CNA

Phishing cases also rose by 17 per cent last year, with about 55,000 unique Singapore-hosted phishing URLs – with a “.sg” domain – observed.

In 2020, there were 47,000 such URLs identified.

Phishing refers to the practice of inducing people to reveal their personal information such as account passwords and credit card numbers.

Social networking firms made up more than half of the spoofed targets of phishing cases, said CSA.

“This was possibly driven by malicious actors’ exploitation of public interest in WhatsApp’s updated privacy policy announcement on users’ phone numbers being shared with Facebook,” the agency added.

Scammers also exploited the COVID-19 pandemic amid the Omicron variant outbreak in late 2021 to spoof government websites, said CSA.

The Singapore Police Force also reported cybercrime as a key concern, with 22,219 cases recorded last year – up 38 per cent from 16,117 cases in 2020.

Online scams made up the top cybercrime category in Singapore, accounting for 81 per cent of the cases. Of the rest, 17…

Source…

Smart Ship© Hub , Singapore headquartered B2B (SaaS) Maritime digital platform raises pre series round of $ 2.5M led by Ideaspring Capital and StartupXseed ventures

/in


SINGAPORE, Aug. 4, 2022 /PRNewswire/ — Smart Ship Hub(SSH) is a ready to deploy digital platform for global maritime logistics. SSH is disrupting the maritime industry the way avionics did in airline industry. Cloud based and on demand, SSH provides “unified platform and a single source of truth” for Ship owners, Ship Operators, Charter Parties, maritime insurers, Port authorities. The platform caters for merchant ships, naval ships, oil rigs, river going barges and fishing vessels.

Left to right, Prashant, Head Delivery, Joy Basu (CEO), Vikram, CTO
Left to right, Prashant, Head Delivery, Joy Basu (CEO), Vikram, CTO

Global maritime , despite being the largest mode of transport suffers from operational inefficiencies, lack of visibility, transparency leading to commercial leakages. Ship owners, operators, chartering agencies, insurance companies are now focussed on technology backed smarter processes to ensure “High vessel uptime , Sea worthiness and Predictability” with digital systems.

SSH’s “ship-to-shore and shore-to-ship” based management of fleet using smart sensors, IOT, big data is saving substantial operational costs while enhancing voyage efficiencies . The digital platform is helping predict possible machinery down time, malfunctioning, identify performance deviations, vessel routes to improve voyage and vessel performance. SSH’s ” Marine Insights ” is a unique maritime big data platform providing actionable intelligence, smart alerts and performance advisory for entire fleet using millions of records.

SSH’s global customers are able to achieve their target of ” minimal breakdown maintenance”, “optimum fuel utilization”, “staying in total compliance including for emissions”, ” optimize costs with condition based maintenance” and a much higher level of ” voyage control” . “Performance Advisory” feature is reducing number of incidents for these ships while saving maintenance and fuel costs . Future ready maritime companies are helping in creation of a connected ecosystem: connected ships,  shared services (routes, capacity, procurement) and “pay per use” model with SSH digital.

Joy Basu , Founder of Smart Ship Hub adds: “Digital platforms will play a fundamental role in disrupting maritime legacy processes. Inefficient…

Source…

Singapore rolls out cyber security certification scheme

/in


Singapore’s Cyber Security Agency (CSA) has launched a new cyber security certification scheme to recognise organisations with good cyber security practices.

Comprising two cyber security marks, Cyber Essentials and Cyber Trust, the scheme was developed in consultation with certification practitioners, technology providers and trade associations, taking into consideration the organisational profiles and operational needs of enterprises in Singapore.

Cyber Essentials is aimed at helping small and medium-sized enterprises (SMEs), which tend to have limited cyber security resources, adopt cyber security measures to protect their systems, such as data backups, access controls and incident response.

For larger firms, Cyber Trust will provide a risk-based approach to help them understand their risk profiles and identify relevant cyber security preparedness areas required to mitigate security risks.

This is done through five cyber security preparedness tiers that correspond to an organisation’s risk profile, with each tier comprising 10 to 22 domains such as governance, cyber education, information asset protection and cyber security resilience, among others.

Led by CSA and the Singapore Standards Council (SSC) with support from the Infocomm Media Development Authority, the preparedness tiers are part of a Technical Reference (TR) on cyber security standards which is expected to be published in the second quarter of 2022.

CSA said the new two cyber security marks do not certify the cyber security of specific products or services. Rather, they certify the cyber security measures adopted by an organisation.

In rolling out the certification programme, CSA has appointed eight independent certification bodies for enterprises applying for either Cyber Essentials or Cyber Trust. While the security marks are not mandatory, CSA said it will work with industry partners, such as trade associations and business groups to encourage adoption.

David Koh, chief executive of CSA, said the security certification scheme is timely and that companies could be required to demonstrate their cyber security to provide greater assurance to their customers. “Having the certification reflects the…

Source…

CSA looking into Singapore cybersecurity firm blacklisted by US for trafficking hacking tools

/in


COSEINC describes itself on its website as a “privately funded company dedicated to providing highly specialised information security services to our clients”. It was founded in 2004 and is based at the Citilink Warehouse Complex on 102F Pasir Panjang Road.

According to its website, the company’s services include research, consulting and education, in areas such as computer security, malware analysis and penetration testing. Accounting and Corporate Regulatory Authority records show that it is a live company.

COSEINC’s chief executive officer is Mr Thomas Lim, according to his LinkedIn page. His most recent post, about a month ago, said he could help anyone looking to hire “trained and certified” cybersecurity professionals.

Reuters reported on Nov 4 that Mr Lim is known for organising a security conference, named SyScan, which was sold to Chinese technology firm Qihoo 360, a sanctioned entity.

An email published by WikiLeaks in 2015 suggested that Mr Lim had also previously offered to sell hacking tools to Italian spyware vendor HackingTeam, the report said.

COSEINC did not respond to CNA’s request for comments. The telephone number listed on the company’s website could not be reached.

THREE OTHER COMPANIES BLACKLISTED

COSEINC was one of four companies added to the trade blacklist by the US last week, with the other three being Russia’s Positive Technologies as well as Israel’s Candiru and NSO Group.

NSO Group and Candiru were added to the list based on evidence that they “developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, business people, activists, academics and embassy workers”, said the US Department of Commerce on Nov 3.

NSO Group is the developer of Pegasus, a type of malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.

Investigations have shown that some governments have used Pegasus to target rights activists, journalists and politicians around the world, with possible targets in Singapore. NSO Group has denied these reports.

Source…