Threat actors target Southeast Asian tech providers in hunt for scale

Last year saw threat actors target the technology sector across the Southeast Asia region to achieve economies of scale, according to the latest research by Singapore-based cyber security service provider Ensign InfoSecurity.  

Technology service providers were attractive targets for threat actors in 2020, with many organisations engaging their services during the pandemic to ensure business continuity, according to Ensign.  

This heightened service partner engagement presented a compelling draw for cyber criminals, with a successful cyber attack allowing threat actors to obtain the credentials of these service providers’ clients, potentially handing them illicit access to a wide range of companies.  

According to Ensign, threat actors also targeted technology hardware and software vendors to breach and implant malicious code and components into the vendors’ product development systems. This enabled perpetrators to rapidly develop zero-day exploits or create backdoors to compromise the integrity of the products, allowing them to readily reach a larger pool of targets. 

Tech companies are set to be prominent targets for the foreseeable future, according to Steven Ng, Ensign CIO and executive vice president of managed security services.   

“Technology suppliers and service providers will continue to be lucrative targets for threat actors as organisations become increasingly reliant on digital technologies to support their business operations and position themselves for the future,” said Ng. 

“If threat actors can successfully compromise just one of these companies’ systems, it can create a ripple effect that will impact large groups of organisations across industries and geographies,” he added.