Turkish SMBs Targeted, Cyber Expert Shortage, Singapore's Chinese Syndicate
Quick Answer
According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses.
From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.
Hello again! Here’s the second edition of the September cybersecurity news that you have been waiting for. This week, we will be talking about the CosmicBeetle attack on Turkish SMBs. Secondly, we will share some details on how the cyber staffing shortage is affecting critical cyber operations. Next in the pipeline is the shocking news that involves China’s connection to a recently arrested Singaporean cybercrime syndicate.
Let’s not waste any more time and get started with the juicy details!
CosmicBeetle ransomware attack targets Turkish SMBs
Turkish small and medium-sized businesses are under constant cyberattack. CosmicBeetle, a group of threat actors (or maybe an individual), is targeting the technological vulnerabilities of these SMBs. Their ultimate goal is to install ransomware and make quick and easy money out of it.
It is highly likely that the attackers are based in Turkey itself. Also, their work process is not that sophisticated. Their encryption schemes appear to be quite “chaotic.” At present, they are working on developing a custom ransomware that is undergoing frequent changes and updates.
Slovakian cybersecurity experts have already jumped into action and are conducting a detailed investigation.
The immature skill sets of CosmicBeetle compound the problems faced by the victims. Data recovery failure is one of the most prevalent issues faced by victims now. While seasoned attackers play it cool and straightforward and keep the decryption process simple and convenient, CosmicBeetle is giving experts and victims a hard time because of its amateur moves.
Experts believe that CosmicBeetle targets old, existing vulnerabilities that are more likely to be found in small and medium-sized businesses. Large companies, on the other hand, tend to patch these vulnerabilities well in advance. The primary Turkish SMBs being targeted by CosmicBeetle belong to sectors like pharmaceuticals, legal, healthcare, manufacturing, education and so on.
Implementing SPF, DKIM, and DMARC protocols can significantly bolster email security and help prevent phishing attacks, which are crucial in safeguarding against threats similar to the CosmicBeetle ransomware.
Cybersecurity experts shortage affecting critical cyber operations
The demand and supply gap in the cybersecurity world is indeed a cause for concern. It is difficult to carry out crucial cyber operations in the absence of skilled manpower. As per a report by Zero Command, in the past 4 decades, all the technological developments that took place brought with them deep-rooted cybersecurity issues. From the internet to cloud computing, from AI to machine learning, each technical innovation comes with its own share of cybersecurity problems.
The major reason behind the increasing stronghold of threat actors in our professional and personal lives is the lack of cybersecurity professionals. Skill shortage is a major issue that even the White House has taken cognizance of. There are not enough cybersecurity professionals, and the skill gap is all the more prominent in the area of cyber investigations.
Experts believe that the main culprit is the unrealistic eligibility criteria for these cyber investigators. The extensive requirements seem too difficult to attain. For example, a cyber investigator is required to be a subject matter expert and also possess excellent analytical and administrative skills.
The existing cybersecurity professionals are already exhausted, as they are expected to make up for the ongoing shortage of professionals. As a result, burnout and a fall in efficacy are gradually becoming common issues. Also, the need for constant upskilling puts these experts in a “fire-fighting” mode 24/7.
Singapore cybercrime syndicate has Chinese connections!
A cybercrime syndicate consisting of 6 members got arrested on Monday in Singapore. A raid was conducted on Monday by a group of 160 Singaporean officers, internal security departments and intelligence agencies. They got hold of 5 Chinese nationals and a Singaporean national.
Authorities also seized their electronic devices and hacking tools. Some other crucial things that Singaporean police managed to seize are the credentials for servers and PII, or Personally Identifiable Information. Also, cash worth $1,394,000 and cryptocurrencies have been seized by the police and will be thoroughly investigated.
As per the ongoing investigation, these threat actors had been leveraging PlugX, a type of trojan malware that is generally associated with Chinese threat campaigns. That’s exactly why experts believe that this Singapore cybercrime syndicate has a Chinese background.
The threat actors, aged between 32 and 42 years, are being thoroughly interrogated. They were arrested in different areas of Singapore: Bidadari Park Drive, Mount Sinai Avenue, Cairnhill Road and Hougang Avenue.
Singapore authorities are considering this raid as a significant win as the threat actors were most likely a part of some major global cyber operations. They are determined to take strict actions against each of the threat actors despite their alleged connection with China.
Singapore has a complete zero-tolerance policy against any kind of cybercrime activities. Also, they have multiple departments that work together at different levels to nab cyber perpetrators.