|Ensign InfoSecurity (Ensign), Asia’s cybersecurity firm, has unveiled the findings of its Cyber Threat Landscape 2021 report, which found that the technology, manufacturing, banking and finance industries were the top targets in Asia Pacific for threat actors in 2020.
Ensign’s latest report provides insights into the cyber risks and threats that surfaced across four Asia Pacific markets – Hong Kong, Malaysia, Singapore, and South Korea – as the pandemic dramatically reshaped the business landscape. It also explores cyber threat trends that are emerging or will persist in 2021.
Sector analysis: Threat actors targeted the technology sector to achieve economies of scale
Technology service providers were attractive targets for threat actors as many organisations have engaged their services during the pandemic to ensure business continuity. A successful cyber attack would allow the threat actors to obtain the credentials of these service providers’ clients, gaining them illicit access to a wide range of companies.
Threat actors also targeted technology hardware and software vendors to breach and implant malicious codes and components into the vendor’s product development systems. This enabled the perpetrators to rapidly develop zero-day exploits or create backdoors to compromise the integrity of the products, allowing them to readily reach a larger pool of targets.
The threat actor’s focus on these sectors is a concern as organisations continue to invest in digital technologies. According to IDC, digital transformation investments in Asia Pacific including Japan and China (APJC) are poised to hit an estimated US$ 921 billion by 2024, compared to US$ 430 billion in 2019. Additionally, IDC estimates that by the end of 2023, 80 per cent of enterprises in Asia Pacific will put mechanisms in place that will enable them to shift to cloud-centric infrastructure and applications twice as fast as before the pandemic.
“Technology suppliers and service providers will continue to be lucrative targets for threat actors as organisations become increasingly reliant on digital technologies to support their business operations and position themselves for the future. If threat actors can successfully compromise just one of these company’s systems, it can create a ripple effect that will impact large groups of organisations across industries and geographies,” said Steven Ng, CIO and EVP, Managed Security Services, Ensign.
“Organisations need to recognise that as their cyber supply chain ecosystem expands and diversifies, they will also need to take additional steps to mitigate the elevated cyber risks that come with it. This includes increasing the organisation’s situational awareness by maintaining a complete inventory of the software, hardware, and information assets that are within their network, and those managed by their partners and vendors,” added Steven.