Emotet is identified as one of the key emerging cyber threats in Singapore; its activities were detected in the networks of 1 out of 2 organisations
SINGAPORE - Media OutReach - 16 September 2019 - Ensign InfoSecurity (Ensign), one of the largest pure-play cybersecurity companies in Asia Pacific, unveiled today its proprietary, first of its kind, Cyber Threat Detection & Analytics engine. It is capable of providing highly localised cyber threat intelligence by analysing Singapore-centric network data, which is then correlated and corroborated with global cyber threat intelligence.
This provides organisations with highly contextualised and actionable information to preempt and defend against emerging threats.
The Ensign Cyber Threat Detection & Analytics engine was unveiled in conjunction with the official opening of Ensign's global headquarters and its new Security Operations Centre. Senior Minister and Coordinating Minister for National Security, Mr Teo Chee Hean, was the Guest-of-Honour of the event.
"Cyber threat actors today are constantly evolving their tactics, techniques and procedures (TTPs) that allow them to target new attack vectors and vulnerabilities, while staying undetected in an organisation's network," said Dr. Lim Woo Lip, Executive Vice President, Technology & Capabilities, Ensign InfoSecurity.
"The amalgamation of global and local threat intelligence enables Ensign to provide unique cyber threat insights that fuel effective and holistic cybersecurity strategies. This allows us to identify emerging threats and key vulnerabilities, and proactively implement a multidimensional cyber defence plan, hours or even days, before an attack," Dr Lim elaborated.
Providing Highly Contextualised, Actionable Cyber Threat Intelligence by Leveraging Local Insights and Global Sources
Ensign's proprietary Cyber Threat Detection & Analytics engine leverages big data analytics and advanced artificial intelligence (AI) to detect suspicious activities, and identify threats found in the networks of locally-based organisations.
One of the engine's key capabilities is real-time behavioural profiling of network data. This function allows Ensign to stay ahead of threat actors' fast evolving TTPs by examining anomalies in an organisation's network, such as malicious behaviours or patterns associated with different types of cyber threats.
Ensign also collaborates with its cybersecurity partners in gathering global threat intelligence to complement its local threat data sources.
The combination of local and global intelligence enables the Ensign Cyber Threat Detection & Analytics engine to provide real-time, highly contextualised, Singapore-centric threat insights that focus on attacks targeting local networks. It can also identify threats that are unique to different sectors.
This empowers critical information infrastructure providers, government institutions and enterprises with actionable, sector-specific information, giving them the ability to identify, detect and protect against emerging threats, such as Emotet, with higher confidence and greater accuracy.
Emotet -- A Key Emerging Threat in Singapore
Emotet is one of the key cyber threats that Ensign has identified through its Cyber Threat Detection & Analytics engine.
First detected by cybersecurity researchers in 2014, Emotet was created as a Trojan virus to steal financial data for illicit monetary gain. Today, Emotet is becoming a significant threat as cyber threat actors have modified the malware to download and deliver other malicious variants.
Between 1 January 2019 to 31 June 2019, Ensign found that Emotet activities in Singapore have increased by more than 300% compared to the same period last year. It has also detected activities from this malware in 50% of local organisations' network.
Traditionally used to target the financial services sector, Emotet has been modified to target other industries.
In Singapore, Ensign uncovered that the top five sectors with the highest regularity of observed Emotet activities in the first half of 2019 were:
"Due to its modular and polymorphic composition, Emotet is almost invisible to conventional signature-based cybersecurity solutions, explain Dr Lim.
"By tapping on advanced analytics and deep learning to tackle sophisticated threats, cybersecurity teams will not only be able to detect and respond to an attack in a timely and effective manner, but also analyse and decipher valuable intelligence that can be used to devise preemptive measures to stop future attacks," concluded Dr Lim.
About Ensign InfoSecurity
Ensign InfoSecurity is one of the largest pure-play cybersecurity companies in Asia with an extensive footprint within the region. The company is headquartered in Singapore and has offices in Malaysia and Hong Kong. It has a workforce of around 500 certified security professionals with skills in the provision of comprehensive cyber security services. Its core competencies include security architecture design, validation and management of advanced security solutions, as well as advanced threat hunting, red teaming and incident response services.
For more information, visit www.ensigninfosecurity.com.