Spike in activity of Emotet malware here

It is posing a greater threat to businesses and netizens, warns cyber security firm

Ensign InfoSecurity said in a release on Sept 16 that between Jan 1 and June 30 this year, it found that Emotet activities on the island had increased by more than 300 per cent compared to the same period last year. PHOTO: REUTERS

The level of activity of a variant of a global malicious software program, or malware, called Emotet increased by more than 300 per cent in Singapore in the first half of this year and is posing a greater threat to local businesses and netizens, a local cyber security firm has warned.

Emotet poses a multi-faceted threat to systems here, said Ensign InfoSecurity. It is known to act as a downloader for other malware, allow its users to steal personal data, and enable stealthy movements in an organisation's system. It is also able to alter itself to escape detection.

Ensign InfoSecurity said in a statement yesterday that between Jan 1 and June 30, it found that Emotet activities in Singapore had increased by more than 300 per cent compared with the same period last year.

It also found that one in two organisations had some form of Emotet-related activity in its network.

At a briefing yesterday, Ensign's vice-president of cyber analytics Royston Bok said the Emotet activities detected formed part of the structure of a cyber attack, known as a cyber kill chain.

The links in the kill chain that were uncovered included traces of scanning and of communication pings to command-and-control centres, activities that bad actors who have used this malware are known to perform.

When asked for more details about how many Emotet-related attacks or attempts happen here in a day, a spokesman for Ensign said that it was not able to provide the exact number.

And while the spokesman also did not say how the level of Emotet activity compares with other malware here, she did say that Ensign was "certain" that Emotet had been "extremely active" in Singapore in recent months.

Discovered in 2014, Emotet initially targeted the financial service sector but has since been modified to target other industries too.

In its statement, Ensign said that the top five sectors here that Emotet has targeted are manufacturing, financial services, media, aviation and healthcare.

Ensign's executive vice-president for technology and capabilities Lim Woo Lip warned that Emotet could be difficult to detect, due to its ability to morph.

"Due to its modular and polymorphic composition, Emotet is almost invisible to conventional signature-based cyber security solutions," said Dr Lim.

"By tapping advanced analytics and deep learning to tackle sophisticated threats, cyber security teams will not only be able to detect and respond to an attack in a timely and effective manner, but also analyse and decipher valuable intelligence that can be used to devise pre-emptive measures to stop future attacks," he added.

A version of this article appeared in the print edition of The Straits Times on September 17, 2019, with the headline Spike in activity of Emotet malware here.