Singapore releases blueprint to combat ransomware attacks

by admin
0 comment

Singapore has published what it purports to be a blueprint for combating the growing threat of ransomware and provides guidelines on how to mitigate such attacks. chain” and a recommendation on whether or not to pay the ransom demand.

Ransomware risk The Cyber ​​Security Agency (CSA) said in a statement on Wednesday that the scale and impact of cyberattacks has grown significantly, making it a “urgent” issue that countries including Singapore must address.

“It is an international problem in its nature, as attackers operate across borders and jurisdictional lines to avoid justice,” the agency said. “Ransomware is fueled by illicit financial gain, creating a criminal ecosystem and providing criminal services, from unauthorized access to targeted networks to money laundering services.”

It emphasized the need to coordinate cybersecurity, law enforcement and financial regulators and support global collaboration to effectively address this challenge.

This will allow Singapore to Establish an inter-agency task force Earlier this year, it is made up of senior representatives from various ministries and government agencies, including the CSA, Government Technology Agency, Ministry of Defense, Singapore Monetary Authority and Singapore Police.

The task force focused on three key outcomes, including a reference model for the ransomware kill chain, which provides a foundation for government agencies to coordinate and develop anti-ransomware solutions. It also reviewed national policies on ransom payments and established recommendations for operational plans and features needed to effectively combat ransomware.

A kill chain outlines the five stages of a ransomware attack. It begins before the attack starts, when the attacker gains access to the target system and performs preparatory steps such as exfiltrating data and deleting backups. Stealth is a priority here, and according to the blueprint, attackers have been known to perform these stages months before activation.

The report emphasized that “prevention is better than cure,” adding that cutting the skill chain in the first two stages should be a priority.

“By having a common reference model for the ransomware kill chain, countries can better understand each other, facilitate information sharing, assess best practices in combating ransomware, and identify gaps in existing national defenses. We can do that,” the task force said in its report.

The blueprint also supported Singapore’s stance that ransom payments should be “strongly discouraged” as they further fuel the ransomware problem, as this was the attacker’s primary objective.

Furthermore, paying the ransom did not guarantee that the data would be decrypted or not exposed by hackers. The task force said that organizations that chose to pay the ransom were identified as “soft” targets, hit again.

Additionally, paying a ransom in such an attack under certain circumstances may violate the Terrorism Act 2002, which criminalizes the financing of terrorist acts.

With this in mind, the Task Force urges government agencies and critical information infrastructure (CII) owners to consider the risks before paying a ransom, and to help CSA and law enforcement in the event of a ransomware attack. advised to notify

It also suggests the government is considering four major action plans, including strengthening cyber defenses for high-risk targets such as: CII We were also able to help recover victims of ransomware attacks so they weren’t forced to pay a ransom.

According to CSA, Ransomware cases reported Last year’s total was 137, a 54% increase from 2020, with SMBs in sectors such as manufacturing and IT being the primary victims of such attacks. Additionally, a ransomware group targeting SMBs in Singapore ransomware as a service This made it easier for amateur hackers to use existing infrastructure to push ransomware payloads.

Related article

You may also like

Leave a Comment