Weekly Comments

2 - 9 October 2018

The recent attacks on financial institutions, healthcare institutions, and government organisations in Singapore and around the world have thrust APT groups into the limelight again. North Korean APT groups like Hidden Cobra and APT38 are targeting financial institutions, Russian APT group Fancy Bear has been carrying out low-profile espionage operations on military and government organisations, and an unidentified APT group compromised SingHealth’s network. These APT groups are highly skilled, and they operate in a highly targeted manner, using a trove of both customised and open source tools to evade detection and minimise suspicion. As recent attacks have shown, APT attacks can cause substantial financial and corporate damage to individuals and organisations.

As with any other attack, there is no silver bullet for securing an organisation against APT attacks. We advise organisations to understand the cyber kill chain, which illustrates the various stages of an APT attack – reconnaissance, weaponisation, delivery, exploitation, installation, command and control, and actions on objectives – and to adopt defence measures at each stage of the kill chain. The closer to the beginning of the kill chain an organisation can detect and stop an attack, the better. In addition, we recommend that organisations subscribe to threat intelligence services that offer research and analysis about APT groups targeting their industries or geographies, so that they are informed of the latest tactics, techniques, and procedures of those APT groups and can make intelligence-led decisions to protect their assets from potential APT attacks.
