fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US indicts members of Chinese-backed hacking group APT40

US indicts members of Chinese-backed hacking group APT40

Today, the US Department of Justice (DOJ) indicted four members of the Chinese state-sponsored hacking group known as APT40 for hacking various companies, universities, and government entities in the US and worldwide between 2011 and 2018.

Ding Xiaoyang (丁晓阳), Cheng Qingmin (程庆民) and Zhu Yunmin (朱允敏) were intelligence officers in the Hainan State Security Department (HSSD), a provincial arm of China’s Ministry of State Security (MSS).

They founded a front company, Hainan Xiandun Technology Development Co., Ltd. (海南仙盾) (Hainan Xiandun), that acted as a cover for their hacking operations as revealed in the indictment.

Also Read: Don’t Be Baited! 5 Signs of Phishing in Email

Wu Shurong (吴淑荣), the fourth Chinese national indicted today by the DOJ, was hired through Hainan Xiandun to create malware, hack into foreign governments’ computer systems, companies, and universities to steal trade secrets, intellectual property, and other high-value information, as well as to supervise other Hainan Xiandun hackers.

Industry sectors targeted by APT40 state hackers include, among others, aviation, defense, education, government, health care, biopharmaceutical, and maritime.

Examples of APT40 activity include targeting maritime industries and naval defense contractors in the US and Europe, regional opponents of the Belt and Road Initiative, multiple Cambodian electoral entities in the run-up to the 2018 election per UK’s National Cyber Security Centre (NCSC).

The APT40 operators used multiple tactics to breach their targets’ networks, including spearphishing emails, hijacked credentials, as well as malware (BADFLICK aka GreenCrash, PHOTO aka Derusbi; MURKYTOP, and HOMEFRY) which helped gain initial access to victim systems, move laterally within networks, and steal credentials.

APT40 operatives indicted by US DOJ
APT40 operatives indicted by US DOJ

“Stolen trade secrets and confidential business information included, among other things, sensitive technologies used for submersibles and autonomous vehicles, specialty chemical formulas, commercial aircraft servicing, proprietary genetic-sequencing technology and data, and foreign information to support China’s efforts to secure contracts for state-owned enterprises within the targeted country (e.g., large-scale high-speed railway development projects),” the DOJ said.

“At research institutes and universities, the conspiracy targeted infectious-disease research related to Ebola, MERS, HIV/AIDS, Marburg and tularemia.”

The four suspects are charged with one count of conspiracy to commit computer fraud and one count of conspiracy to commit economic espionage, carrying maximum sentences of five and 15 years in prison, respectively.

CISA and the FBI published today indicators of compromise and TTPs to help organizations detect and remediate APT40 intrusions and established footholds within their networks.

The NSA, CISA, and FBI also issued a joint advisory with over 50 tactics, techniques, and procedures (TTPs) that APT40 and other Chinese-backed threat groups have used in attacks targeting the US and allied networks.

Last but not least, the indictment of the four APT40 members comes after the US and allies, including the European Union, the United Kingdom, and NATO, have today officially accused China (the APT group tracked by Microsoft as Hafnium, in particular) of coordinating this year’s widespread Microsoft Exchange hacking campaign.

Also Read: 5 Most Frequently Asked Questions About Ransomware

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us