The level of activity of a variant of a global malicious software program, or malware, called Emotet increased by more than 300 per cent in Singapore in the first half of this year and is posing a greater threat to local businesses and netizens, a local cyber security firm has warned.
Emotet poses a multi-faceted threat to systems here, said Ensign InfoSecurity. It is known to act as a downloader for other malware, allow its users to steal personal data, and enable stealthy movements in an organisation's system. It is also able to alter itself to escape detection.
Ensign InfoSecurity said in a statement yesterday that between Jan 1 and June 30, it found that Emotet activities in Singapore had increased by more than 300 per cent compared with the same period last year.
It also found that one in two organisations had some form of Emotet-related activity in its network.
At a briefing yesterday, Ensign's vice-president of cyber analytics Royston Bok said the Emotet activities detected formed part of a structure of a cyber attack, known as a cyber kill chain.
The links uncovered included traces of scanning and communication pings to command-and-control centres that bad actors who have used this malware are known to perform.
When asked for more details about how many Emotet-related attacks or attempts happen here in a day, a spokesman for Ensign said that it was not able to provide the exact number.
And while the spokesman also did not say how the level of Emotet activity compares with other malware here, she did say that Ensign was "certain" that Emotet had been "extremely active" in Singapore in recent months.
Discovered in 2014, Emotet initially targeted the financial service sector but has since been modified to target other industries too.
In its statement, Ensign said that the top five sectors here that Emotet has targeted are manufacturing, financial services, media, aviation and healthcare.
Ensign's executive vice-president for technology and capabilities Lim Woo Lip warned that Emotet could be difficult to detect, due to its ability to morph.
"Due to its modular and polymorphic composition, Emotet is almost invisible to conventional signature-based cyber security solutions," said Dr Lim.
"By tapping advanced analytics and deep learning to tackle sophisticated threats, cyber security teams will not only be able to detect and respond to an attack in a timely and effective manner, but also analyse and decipher valuable intelligence that can be used to devise pre-emptive measures to stop future attacks," he added.