8 April 2022 | Asia Cyber Summary

In the Spotlight this Week:

  • Trezor cryptocurrency wallets targeted with phishing attacks following Mailchimp compromise

  • Nordex hit by cyber security incident, shuts IT systems

  • ICA calls for overhaul of cyber policy settings

  • Surveillance cameras can keep us safer but raise privacy concerns

  • Financial institutions to face higher penalty for cyber attacks, disruptions under new Bill

  • The Works forced to shut some shops after cyberattack

Trezor Cryptocurrency Wallets Targeted with Phishing Attacks Following Mailchimp Compromise

Cryptocurrency hardware wallet owners are being targeted by a phishing scam spread via Mailchimp email distribution services.

Trezor, the manufacturer of crypto wallets, announced on social media that its customers are being sent fake data breach notifications via its newsletters powered by Mailchimp. The company claimed that an “insider” is to blame for the phishing attacks, which Trezor says are also targeting other cryptocurrency firms.

“MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies,” the tweet reads.

“We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected.”

Nordex hit by Cyber Security Incident, Shuts IT Systems

Germany's Nordex Group, which along with its subsidiaries, develops, manufactures and distributes wind power systems, has been hit by a cyber security incident since Thursday and has shut down its IT systems across multiple locations and business units to contain the issue, the company said on Saturday.

It said the intrusion had been noticed at an early stage, and that customers, employees and other stakeholders might be affected by the shutdown of IT systems.

ICA Calls for Overhaul of Cyber Policy Settings

Australian businesses, insurers and government must work together to establish the settings for a vibrant and sustainable cyber insurance market to underpin economic growth into the future, the Insurance Council of Australia (ICA) today said.

Released in its Cyber Insurance: Protecting our way of life in a digital world paper, ICA highlights challenges to maintaining and developing a cyber insurance market to support Australian individuals, businesses and organizations operating in the digital economy following the COVID-19 pandemic.

This unprecedented growth in digitalization and connectivity has led to increased cyber risk. The spectrum of cyber risk includes inadvertent or deliberate data breaches by employees at one end, and ranges to criminal gangs and nation states targeting business operating systems at the other end.

Surveillance Cameras can Keep us Safer but Raise Privacy Concerns

While the use of surveillance cameras and facial recognition technology can keep countries safer, they also raise privacy concerns, Senior Minister Teo Chee Hean said on Tuesday the 5th April.

“We need to establish proper guidelines and standards on the use of technology to provide ample protection, and to preserve trust and confidence,” he said, stressing that technology is not an “unalloyed good”.

“Only with these in place can we make the best use of what technology can offer us, to improve our capability to protect our societies and people from the new dangers.”

Mr Teo, who is also Coordinating Minister for National Security, was speaking at an inaugural tech summit organised by the Home Team Science and Technology Agency (HTX).

Financial Institutions to Face Higher Penalty for Cyber Attacks, Disruptions Under New Bill

Financial institutions could face higher penalties for a cyber attack or disruption to essential services if a new Bill is passed in Parliament.

Financial institutions today rely heavily on technology to deliver financial services, Monetary Authority of Singapore (MAS) board member Alvin Tan told Parliament on Monday (April 4) during the second reading of the Financial Services and Markets Bill.

"However, the current maximum penalties that can be imposed for breaches of technology risk management requirements are not commensurate with the potential widespread impact to FIs' (financial institutions) customers and the financial industry that could result from such breaches," he added.

The Works Forced to Shut Some Shops After Cyber-Attack

The Works has been forced to shut shops temporarily and suspend new stock deliveries after a cyber-attack.

The retailer said five of its 526 shops have been closed since last week after hackers gained access to its computer systems and caused issues with its tills.

Customers are experiencing longer delivery times for online orders as a result.

The company said that no shoppers' payment details had been compromised.

In a statement, The Works said: "Customers can continue to shop safely at The Works, both in-store and online."

Subscribe Here to receive Blackpanda thought leadership, webinar invitations, and cyber intelligence direct to your inbox.