Turkish SMBs Targeted, Cyber Expert Shortage, Singapore’s Chinese Syndicate
Hello again! Here’s the second edition of the September cybersecurity news that you have been waiting for. This week, we will be talking about the CosmicBeetle attack on Turkish SMBs. Secondly, we will share some details on how the cyber staffing shortage is affecting critical cyber operations. Next in the pipeline is the shocking news that involves China’s connection to a recently arrested Singaporean cybercrime syndicate.
Let’s not waste any more time and get started with the juicy details!
CosmicBeetle ransomware attack targets Turkish SMBs
Turkish small and middle-sized businesses are under constant cyberattacks. CosmicBeetle- a group of threat actors (or maybe an individual), is targeting the technological vulnerabilities of these SMBs. Their ultimate goal is to install ransomware and make quick and easy money out of it.
It is highly likely that the attackers are based in Turkey itself. Also, their work process is not that sophisticated. Their encryption schemes appear to be quite “chaotic.” At present, they are working on developing a custom ransomware that is undergoing frequent changes and updates.
Slovakian cybersecurity experts have already jumped into action and are conducting a detailed investigation.
The immature skill sets of CosmicBeetle double up the problems faced by the victims. Data recovery failure is one of the most prevalent issues faced by victims now. While seasoned attackers play it cool and straightforward and keep the decryption process simple and convenient, CosmicBeetle is giving hard times to experts and victims because of their amateur moves.
Experts believe that CosmicBeetle targets old existing vulnerabilities that are more likely to be found in the case of small and middle-sized businesses. Large companies, on the other hand, tend to patch these vulnerabilities well in advance. The primary Turkish SMBs that are being targeted by CosmicBeetles belong to niches like pharmaceuticals, legal, healthcare industries, manufacturing, education and so on.
Implementing SPF, DKIM, and DMARC protocols can significantly bolster email security and help prevent phishing attacks, which are crucial in safeguarding against threats similar to the CosmicBeetle ransomware.
Cybersecurity experts shortage affecting critical cyber operations
The demand and supply gap in the cybersecurity world is indeed a cause of concern. It gets quite distressful to carry out crucial cyber operations in the absence of skilled manpower. As per a report by Zero Command, in the past 4 decades, all the technological developments that took place brought with them deep-rooted cybersecurity issues. From the internet to cloud computing, from AI to machine learning, each technical innovation comes with its own share of cybersecurity problems.
The major reason behind the increasing stronghold of threat actors in our professional and personal lives is the lack of cybersecurity professionals. Skill shortage is a major issue that even the White House has taken cognizance of. There are not enough cybersecurity professionals, and the skill gap is all the more prominent in the area of cyber investigations.
Experts believe that the main culprit is the unrealistic eligibility criteria of these cyber investigators. The extensive requirements seem too difficult to attain. For example, a cyber investigator is required to be a subject matter expert and also possess excellent analytical and administrative skills.
The existing cybersecurity professionals are already exhausted as they are expected to cater to the ongoing shortage of professionals. As a result, burnout and a fall in efficacy are gradually becoming common issues. Also, the need for constant upskilling puts these experts in a “fire-fighting” mode 24/7.
Singapore cybercrime syndicate has Chinese connections!
A cybercrime syndicate consisting of 6 members got arrested on Monday in Singapore. A raid was conducted on Monday by a group of 160 Singaporean officers, internal security departments and intelligence agencies. They got hold of 5 Chinese nationals and a Singaporean national.
Authority also seized their electronic devices and hacking tools. Some other crucial things that Singaporean police managed to seize are the credentials for servers and PII or Personally Identifiable Infomation. Also, cash worth $1,394,000 and cryptocurrencies have been seized by the police and will be thoroughly investigated.
As per the ongoing investigation, these threat actors had been leveraging PlugX, a type of trojan malware that is generally associated with Chinese threat campaigns. That’s exactly why experts believe that this Singapore cybercrime syndicate has a Chinese background.
The threat actors, aged between 32 to 42 years, are being thoroughly interrogated. They were arrested from across different areas of Singapore – Bidadari Park Drive, Mount Sinai Avenue, Cairnhill Road and Hougang Avenue.
Singapore authorities are considering this raid as a significant win as the threat actors were most likely a part of some major global cyber operations. They are determined to take strict actions against each of the threat actors despite their alleged connection with China.
Singapore has a complete zero-tolerance policy against any kind of cybercrime activities. Also, they have multiple departments that work together at different levels to nab cyber perpetrators.