
Singapore Companies Faced With the Threat of Sophisticated Ransomware Attacks. Is Your Company Prepared?

Cyber-attacks have intensified in the last eight months of 2021. The Straits Times reported an increase in ransomware attacks on mid-sized enterprises in healthcare and finance across Singapore.

In fact, the Cyber Security Agency of Singapore (CSA) figures showed that ransomware cases in Singapore surged 154 percent from 2019’s 35 cases to 89 cases last year.

Ransomware is no longer a sporadic nuisance affecting a handful of machines. It has been transformed into a massive, systemic threat affecting entire networks of both large and medium enterprises. We spoke with Harsh Pant, Global Security Architect and Technical Director (for Products, Managed Security Services, Labs) from Trustwave, on what makes today’s ransomware attacks so dangerous to the health of an organization and how to protect your company from such an attack. Find the full interview below.

How has ransomware evolved?

Harsh: The global ransomware outbreak has borne four distinct characteristics exemplifying the evolution of ransomware activities. Firstly, shifting from indiscriminate, opportunistic attacks to targeting large businesses in the hope of higher ransom pay-outs. Secondly, the adoption of “leak and shame” tactics, whereby victims’ stolen data would be publicly leaked if ransom demands were not acceded to. Thirdly, the rise in “Ransomware-as-a-Service” (RaaS) models, which made sophisticated ransomware strains accessible to less technically adept cybercriminals. Lastly, “double extortion”, whereby victims were demanded to pay a separate ransom to decrypt their locked files.

What are the common ransomware threats in Singapore?

Harsh: Ransomware strains detected in local ransomware cases, such as REvil, Netwalker and Altdos, were observed to both operate under the RaaS model and leverage leak sites to pressure victims into paying their ransoms. REvil, Avaddon and NetWalker have mainly been seen in Asia in the last couple of quarters, but the region is also at risk from more sophisticated strains like Conti.

How to reduce the risk of being attacked?

Harsh: To prevent and respond to ransomware, there is a need to constantly monitor for anomalous activities and behavior within networks. The ‘zero-trust’ model is crucial to enhancing organizations’ cybersecurity posture against similar threats in the long run.

Regularly review the company’s data protection policies and processes, and conduct vulnerability assessment and penetration testing.

Does endpoint antivirus software give enough protection?

Harsh: By design, antivirus software can detect only known ransomware. The newest ransomware families will likely be left undetected. Antivirus solutions can detect some ransomware attacks but are unable to prevent ransomware from infecting your system completely.

How can organizations protect themselves against ransomware?

Harsh: The organization must perform Security Posture Assessments, Continuous Vulnerability Assessments and ongoing Threat Hunting. The organization must also ensure it can immediately respond to or isolate endpoints and databases should a security incident occur. It’s critical to set up the right systems for detection and response along with a mature integrated SOC.

What is Managed Detection and Response?

Harsh: Managed Detection and Response (MDR) is an advanced managed security service that provides threat intelligence, threat hunting, security monitoring, incident analysis, and incident response. This is unlike a traditional managed security services provider (MSSP) offering, which only provides alerts from security monitoring.

The benefits of having MDR services are:

  • Effective and timely, 24x7 threat detection
  • Proven threat hunting capability
  • Automation-enabled, expert response
  • Support for hybrid operation
  • Analyst-recognized service delivery excellence

At Trustwave, we provide Managed Detection and Response services, powered with our proven Trustwave Fusion platform and best-in-class Trustwave SpiderLabs® threat intelligence and expertise.

Figure: Trustwave Fusion Platform

How Trustwave Can Help?

Trustwave provides fast and effective detection and response

Trustwave Fusion, our cloud-based Extended Detection and Response (XDR) platform, provides rich API integrations to your environment to drive fast and effective detection and response outcomes. Built-in Security Orchestration, Automation and Response (SOAR) functionality enables us to enrich environment telemetry with cyber threat intelligence and sync and resolve findings on your systems.

Rapid Automated Response - Driven by Clients

We work with you to understand your specific needs and establish ‘rules of the road’ to inform how we respond. These protocols enable our skilled analysts to make fast and effective response decisions based on your business context.

Download our Managed Threat Detection and Response data sheet to learn more about how Trustwave identifies and eliminates active threats in your environment.

Why Trustwave?

Trustwave is recognized as a Top Leader in Managed Security Services by Gartner, IDC and Forrester and has more than 20 years of experience in securing data in government entities and large enterprises globally.

Talk to us to find out how we help to identify and eliminate active threats in your environment. www.trustwave.com
