30 Oct 2020 | Asia Cyber Summary

Blackpanda Feature

[PODCAST] Blackpanda CEO and Co-Founder Gene Yu spoke with Ruth Haller of Anapi about the cyber trends seen during the COVID-19 pandemic, ‘ransomware-as-a-service’ and what this means for startups. Listen here.

In the spotlight this week: 

  • Stradis Healthcare VP faced with a prison sentence and financial repercussions for sabotaging the company’s electronic shipping records

  • How remote working is making ransomware easier to pull off

  • Singapore sees a 20-fold increase in phishing attacks in the first half of 2020

  • Cellebrite ceases its digital intelligence offerings in Hong Kong and China

Insider Sentenced for Sabotaging Company’s Electronic Shipping Records for PPE Equipment, Causing Delays in Deliveries

Christopher Dobbins, former Stradis Healthcare Vice President, has been sentenced to prison and ordered to pay USD 221,000 for sabotaging the company's electronic shipping records during the COVID-19 pandemic which caused delays in deliveries. Dobbins deleted and modified his former employer's electronic shipping and other business records, causing more than USD 200,000 in damages.

Whilst Dobbin’s account was disabled on the day his employment was terminated, he used a fake user account that he had created while still employed at the company to access and tamper with sensitive records. Often the greatest risks to an organization are the employees they trust, especially those with privileged access to sensitive data and systems. Learn more about digital forensics and insider threat investigations.

The Battle Between Ransomware and Working From Home: How Remote Working is Making Cyberattacks Easier to Pull Off

Ransomware attacks have been on the rise since the beginning of 2020. Part of the reason for the upswing is the large number of people working from home as a result of the pandemic. While employees and their PCs were once safely behind the office firewall, now they're perched at a makeshift workstation, using all manner of cobbled-together technologies to get the job done. The attack surface has increased tremendously, not because of an increase in employee headcount, but because everyone is working from separate locations, operating from different networks outside of the organization’s perimeter.  Implementing multi-factor authentication and separating your network are some of the low hanging fruits for minimizing the ability of attackers to move laterally across the network. For more guidance on working from home, watch our webinar here.

Banking-related Phishing Scams See 20-fold Increase in First Half of 2020

Scammers have discovered new hunting grounds for victims through messaging apps and social media platforms. Phishing scams in the digital arena now involve fake advertising campaigns and lucky draws allegedly offered by banks. Most victims do not realize that they have been scammed until they discover unauthorized transactions made from their bank accounts. The Singapore Police Force reports that banking-related phishing scams notched up the fourth-highest number of reported cases among all scam types in the first six months of this year. From January to June 2020, 898 cases involving such scams were reported. This is a more than 20-fold increase from the 34 cases during the same period last year. In total, victims were cheated of SGD 3.6 million in the first half of 2020, up from SGD 93,000 in the same period in 2019.

Israeli Decryption Firm Cellebrite Ceases Its Digital Intelligence Offerings In Hong Kong and China 

Cellebrite, the global leader in Digital Intelligence (DI) solutions for public and private sectors, announced that it will stop selling its solutions and services to customers in Hong Kong and China, effective immediately, as a result of regulatory changes.

The announcement comes after a string of reports revealed that the firm’s technology was being used by China to spy on its citizens.

Subscribe Here to receive Blackpanda thought leadership, webinar invitations, and cyber intelligence direct to your inbox.