Raising awareness on malware threats in cyberspace among SMEs and MNCs

Malware Awareness x AiSP seminar titled “Raising awareness on malware threats in cyberspace among SMEs and MNCs organisations.”

On 6 January 2023, Huawei held its Malware Awareness x AiSP seminar, titled “Raising awareness on malware threats in cyberspace among SMEs and MNCs organisations.” The event brought together a group of cybersecurity professionals including Mr Dennis Chan, AiSP Exco, Country Cybersecurity & Privacy Officer of Huawei International; Mr Yum Shoen Yih, Director of Cybersecurity Programme Centre, Cyber Security Agency of Singapore (CSA); Mr Wong Yong Wah, Cybersecurity Consultant, wizlynx group, and Mr Jeffery Zhang, CTO of Data Center and Storage Solution Sales, Huawei Singapore Enterprise Business.

The prevalence of malware attacks such as ransomware have continued to rise due to constantly evolving and elaborate phishing scams, in an attempt to stay ahead of law enforcement. During the event, the speakers shared the principle of zero trust as a mindset, while emphasising the importance of a practical approach when building cyber resilience. The journey towards cyber resilience within an organisation involves many factors - putting together a core cybersecurity framework, equipping an organisation with cybersecurity software, and education on cybersecurity related matters, among others. Participants also had the chance to network with industry experts and exchange views with other similar-minded peers.

The event began with speeches from four speakers who shared their unique perspectives and recommendations on how technology such as Huawei’s Ransomware Storage Solution can provide ransomware countermeasures, as well as essential requirements to mitigate cybersecurity risks in our local communities.

Giving the opening address for the event, Mr Chan shared about how Huawei labs have benefitted SMEs and the overall technology landscape through the use of Huawei AI and cloud innovation. He also gave a brief overview on AiSP and what the organisation does, with support from the Cyber Security Agency Singapore.

Mr Chan reiterated that in alignment with Singapore's initiatives to tackle rising ransomware attacks, AiSP aims to empower organisations to develop their own safe cyberspace. He also emphasised the need to raise awareness of cybersecurity issues in SMEs and MNCs.

“It’s important that we rope in more cybersecurity professionals or like-minded peers from our local communities to create awareness and mutual rapport to provide assistance or support, be it organisations, industry peers.” said Mr Chan.

Speaker: Mr Yum Shoen Yih, Director of Cybersecurity Programme Centre, Cyber Security Agency of Singapore (CSA)

Adding on to what Mr Chan shared in his opening speech, Mr Yum shared about CSA's advanced security solution, which is able to cover a wide range of cybersecurity threats, including malware. He spoke about the CSA’s pivot towards implementing a cyber resilient approach – “Zero Trust” when it comes to staying safe online. He further elaborated on the cybersecurity risk management framework - seven key steps for users to be safe online and future proof an organisation’s cyber defences. These steps are:

    1. Know Your Assets – Identify and understand the cyber components of your organisation, so as to prevent and detect unauthorised access to those assets.

    2. Allow Only Authorised Software to Work – Implement application control integrated with antivirus, so as to allow only authorised software to work.

    3. Timely Patching and Updating – Patch and update your operating systems, firmware, and applications in a timely manner to reduce system known vulnerabilities, minimising exploitative attacks.

    4. Giving the Right Admin ‘Passes’ – Restrict administrator privileges so as to not give attackers privileged rights to compromise systems.

    5. Detect Breaches Promptly – Detect breaches as soon as possible by setting up continuous monitoring with enabled audit trails/security logging.

    6. Access Control – Ensure authorised access only by implementing multifactor authentication.

    7. Encrypt Your crown Jewels – Encrypt classified or sensitive information to prevent exfiltrated data from being accessible by adversaries.

Sharing the latest statistics from the Singapore Cyber Landscape Report, Mr Yum highlighted that cyber threats such as ransomware and malware still loom over the years despite large amounts of funding poured into developing sophisticated cybersecurity software. He underlined that phishing scams are the main cyberattack technique to gain access to an organisation’s security endpoint or credentials. Mr Yum spoke about how CSA has been overseeing cybersecurity strategy, requirements, and user-friendly practices to tackle the ever-evolving global cybersecurity attacks and detect breaches of protections under the NICE cybersecurity framework.

Mr Yum further shared CSA's stance on cybersecurity - that it inherently is not a technical problem at its core. He stated that the only reason for the existence of cybersecurity is to combat adversaries who wish to compromise a company's systems, and that the best way to do so is through the utilisation of military doctrine - knowing yourself and your enemies. To facilitate this, he touched on the collaboration between NUS and local companies on the development of the AI Malware Analysis, for more effective detection of new and unknown malware. Highlighting steps which companies can take to ensure their cybersecurity, Mr Yum also shared about the two-tiered Singapore Cyber Essential Mark, which aims to enable organisations to prioritise cybersecurity measures required to safeguard themselves from common cyberattacks.

“Cybersecurity is a team sport, be it by yourself or your organisation would not have the capability to tackle cyber threats altogether, this is why the Cyber Security Agency (CSA) brought together three local companies to develop a technology solution to strengthen organisations’ cyber defences,” said Mr Yum.

Mr Yum Shoen Yih, Director of Cybersecurity Programme Centre, Cyber Security Agency of Singapore (CSA)

Moving on to measures that organisations can take to secure themselves from cyberattacks, Mr Zhang shared about the focus on the efficiency of storage solutions – whether physical or on the cloud – to secure data against ransomware or other cyber-attacks. Further sharing about the common solutions and countermeasures to tackle cyber threats from a technical perspective, he underlined that ransomware attacks are always evolving to encrypt valuable data, citing examples of recent global ransomware attacks and threat statistics.

He also spoke about Huawei’s unique Ransomware Storage Solution as a last line of defence against cyber-attacks, touching on its key features such as dual protection storage, encryption, air gap, secure snapshot, and WORM, which provides data anti-tampering, security detection, and secure recovery. He also emphasised the importance of encryption for end-to-end transmission to prevent data leaks.

“With the four key technologies, we have different solutions coming into place. When businesses are affected by ransomware attacks; it does not have the bandwidth for ample recovery time. However, Huawei’s holistic solution can restore data and reduce recovery time. With that, Huawei is the best choice to counter ransomware attacks with our unique technology solutions,” said Mr Zhang.

Mr Jeffery Zhang, CTO of Data Center and Storage Solution Sales, Huawei Singapore Enterprise Business

As the final speaker for the event, Mr Wong began his speech by sharing a video focusing on the victim’s perspective when encountering a ransomware attack. He also reiterated the point shared by CSA Director Mr Yum, that phishing still is the most effective cyberattack technique, further expounding on a Zero Trust approach to protect oneself from ransomware attacks.

Giving participants a breakdown of what happens during a ransomware attack, Mr Wong described how a ransomware attack encrypts files and data from a user's software system, and what happens when a user decides to give in to ransomware demands. He also shared examples of ransomware attacks and how to manage ransomware infections during the aftermath.

“When a victim such as organisations or businesses encounters a ransomware attack, thousands of computer systems are compromised. Victims are likely to be targeted for repeated ransomware attacks due to poor cybersecurity management or lingering vulnerabilities, often by the same attacker,” said Mr Wong.

Mr Wong Yong Wah, Cybersecurity Consultant, wizlynx group