---
title: "Turkish SMBs Targeted, Cyber Expert Shortage, Singapore's Chinese Syndicate | DMARC Report"
description: "Turkish SMBs Targeted, Cyber Expert Shortage, Singapore"
image: "https://dmarcreport.com/og/blog/turkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate.png"
canonical: "https://dmarcreport.com/blog/turkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate/"
---
Quick Answer
\_According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report Turkish SMBs Targeted, Cyber Expert Shortage, Singapore's Chinese Syndicate
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fturkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Turkish%20SMBs%20Targeted%2C%20Cyber%20Expert%20Shortage%2C%20Singapore's%20Chinese%20Syndicate&url=undefined%2Fblog%2Fturkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fturkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fturkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate%2F&title=Turkish%20SMBs%20Targeted%2C%20Cyber%20Expert%20Shortage%2C%20Singapore's%20Chinese%20Syndicate "Share on Reddit") [ ](mailto:?subject=Turkish%20SMBs%20Targeted%2C%20Cyber%20Expert%20Shortage%2C%20Singapore's%20Chinese%20Syndicate&body=Check out this article: undefined%2Fblog%2Fturkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate%2F "Share via Email")
> From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.
\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report
Turkish SMBs Targeted, Cyber Expert Shortage, Singapore’s Chinese Syndicate
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-15652” readonly/>
```
```
Hello again! Here’s the second edition of the September [cybersecurity](https://dmarcreport.com/blog/major-cybersecurity-trends-that-will-reign-in-2024/) news that you have been waiting for. This week, we will be talking about the [CosmicBeetle attack](https://cybersecuritynews.com/cosmicbeetle-exploiting-old-vulnerabilities-to-attack-smbs-all-over-the-world/) on **Turkish SMBs**. Secondly, we will share some details on how the cyber staffing shortage is affecting critical cyber operations. Next in the pipeline is the shocking news that involves China’s connection to a recently arrested Singaporean cybercrime syndicate.
Let’s not waste any more time and get started with the juicy details!
## CosmicBeetle ransomware attack targets Turkish SMBs
Turkish small and middle-sized businesses are under constant cyberattacks. CosmicBeetle- a group of threat actors (or maybe an individual), is targeting the technological vulnerabilities of these SMBs. Their ultimate goal is to install [ransomware](https://dmarcreport.com/blog/understanding-ransomware-as-a-service-raas/) and make quick and easy money out of it.
It is highly likely that the attackers are based in Turkey itself. Also, their work process is not that sophisticated. Their \*\*encryption schemes appear to be quite “chaotic.” At present, they are working on developing a custom ransomware that is undergoing frequent changes and updates.
[Slovakian cybersecurity experts](https://www.occrp.org/en/news/slovak-experts-cyber-attacks-target-aerospace-military-firms) have already jumped into action and are conducting a **detailed investigation**.
The immature skill sets of CosmicBeetle double up the problems faced by the victims. [Data recovery](https://www.techtarget.com/searchdisasterrecovery/definition/data-recovery) failure is one of the most prevalent issues faced by victims now. While seasoned attackers play it cool and straightforward and keep the \*\*decryption process simple and convenient, CosmicBeetle is giving hard times to experts and victims because of their amateur moves.
Experts believe that CosmicBeetle targets \*\*old existing vulnerabilities that are more likely to be found in the case of small and middle-sized businesses . Large companies, on the other hand, tend to patch these vulnerabilities well in advance. _The primary Turkish SMBs that are being targeted by CosmicBeetles belong to niches like pharmaceuticals, legal, healthcare industries, manufacturing, education and so on_.
Implementing [SPF](https://dmarcreport.com/what-is-spf/), [DKIM](https://dmarcreport.com/what-is-dkim/), and [DMARC](https://dmarcreport.com/) protocols can significantly bolster [email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) and help prevent [phishing attacks](https://www.wired.com/story/qr-codes-phishing-attack/), which are \*\*crucial in safeguarding against threats similar to the CosmicBeetle ransomware.
## Cybersecurity experts shortage affecting critical cyber operations
The demand and supply gap in the cybersecurity world is indeed a cause of concern. It gets quite distressful to carry out crucial cyber operations in the absence of skilled manpower. As per a [report by Zero Command](https://www.cmdzero.io/top-challenges-in-cyber-investigations-report), in the past 4 decades, all the \*\*technological developments that took place brought with them deep-rooted cybersecurity issues. From the internet to cloud computing, from AI to [machine learning](https://en.wikipedia.org/wiki/Machine%5Flearning), each technical innovation comes with its own share of cybersecurity problems.
The major reason behind the increasing stronghold of threat actors in our professional and personal lives is the lack of cybersecurity professionals . Skill shortage is a major issue that even the [White House ](https://www.darkreading.com/cybersecurity-operations/cybersecurity-talent-shortage-prompts-white-house-action)has taken cognizance of. _There are not enough cybersecurity professionals, and the skill gap is all the more prominent in the area of cyber investigations_.
Experts believe that the main culprit is the \*\*unrealistic eligibility criteria of these [cyber investigators](https://www.cbsnews.com/news/cybersecurity-investigators-worry-ransomware-attacks-may-worsen-as-young-hackers-in-us-work-with-russians-60-minutes-transcript/). The extensive requirements seem too difficult to attain. For example, a cyber investigator is required to be a subject matter expert and also possess excellent analytical and administrative skills .
The existing \*\*cybersecurity professionals are already exhausted as they are expected to cater to the ongoing shortage of professionals. As a result, burnout and a fall in efficacy are gradually becoming common issues. Also, the need for constant upskilling puts these experts in a “fire-fighting” mode 24/7.
## Singapore cybercrime syndicate has Chinese connections!
_A cybercrime syndicate consisting of 6 members got arrested on Monday in Singapore_. A raid was conducted on Monday by a group of 160 Singaporean officers, internal security departments and **intelligence agencies**. They got hold of 5 Chinese nationals and a Singaporean national.
Authority also seized their electronic devices and hacking tools. Some other crucial things that Singaporean police managed to seize are the credentials for servers and PII or [Personally Identifiable Infomation](https://www.investopedia.com/terms/p/personally-identifiable-information-pii.asp). Also, cash worth [$1,394,000](https://www.bleepingcomputer.com/news/legal/chinese-hackers-linked-to-PlugX-malware-arrested-in-singapore/) and cryptocurrencies have been seized by the police and will be thoroughly investigated.
As per the ongoing investigation, these threat actors had been leveraging PlugX, a type of [trojan malware](https://www.pcmag.com/news/new-android-trojan-malware-targets-bank-accounts-with-fake-chrome-updates) that is generally associated with [Chinese threat campaigns](https://www.infosecurity-magazine.com/news/chinese-campaign-targets-100/). That’s exactly why experts believe that this \*\*Singapore cybercrime syndicate has a Chinese background.
The threat actors, **aged between 32 to 42 years**, are being thoroughly interrogated. _They were arrested from across different areas of Singapore, Bidadari Park Drive, Mount Sinai Avenue, Cairnhill Road and Hougang Avenue_.
Singapore authorities are considering this raid as a significant win as the [threat actors](https://thehackernews.com/2024/07/tag-100-new-threat-actor-uses-open.html) were most likely a part of some major **global cyber operations**. They are determined to take strict actions against each of the threat actors despite their alleged connection with China.
Singapore has a complete \*\*zero-tolerance policy against any kind of [cybercrime activities](https://www.bbc.com/news/articles/c98qp0l1qpzo). Also, they have multiple departments that work together at different levels to nab cyber perpetrators.
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ email security ](/tags/email-security/)[ News ](/tags/news/)[ SPF ](/tags/spf/)
[ Vasile Diaconu ](/authors/vasile-diaconu/)
Operations Lead
Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.
[LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)[ Foundational 4m Ambient Light Spying, Cybersecurity Prices Drop, Euro 2024 Threats Jul 10, 2024 ](/blog/ambient-light-spying-cybersecurity-prices-drop-euro-2024-threats/)[ Foundational 4m Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested Jul 18, 2024 ](/blog/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/)[ Foundational 4m Car Cameras Hackable, UK Water Breach, Thailand Frees Captives Feb 28, 2025 ](/blog/car-cameras-hackable-uk-water-breach-thailand-frees-captives/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Turkish SMBs Targeted, Cyber Expert Shortage, Singapore's Chinese Syndicate","description":"Turkish SMBs Targeted, Cyber Expert Shortage, Singapore's Chinese Syndicate from DMARC Report explains practical steps for email authentication, domain.","url":"https://dmarcreport.com/blog/turkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate/","datePublished":"2024-09-13T12:04:27.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-09-13T12:04:27.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/turkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate/"},"articleSection":"foundational","keywords":"dkim, DMARC, email security, News, SPF","wordCount":1123,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Turkish SMBs Targeted, Cyber Expert Shortage, Singapore's Chinese Syndicate","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Turkish SMBs Targeted, Cyber Expert Shortage, Singapore's Chinese Syndicate","item":"https://dmarcreport.com/blog/turkish-smbs-targeted-cyber-expert-shortage-singapores-chinese-syndicate/"}]}
```