Emotet is identified as one of the key emerging cyber threats in Singapore; its activities were detected in the networks of 1 out of 2 organisations

SINGAPORE - Media OutReach - 16 September 2019 - EnsignInfoSecurity (Ensign), one of the largest pure-play cybersecurity companies inAsia Pacific, unveiled today its proprietary, first of its kind, Cyber ThreatDetection & Analytics engine. It is capable of providing highly localisedcyber threat intelligence by analysing Singapore-centric network data, which isthen correlated and corroborated with global cyber threat intelligence.

This providesorganisations with highly contextualised and actionable information to preemptand defend against emerging threats.

The Ensign CyberThreat Detection & Analytics engine was unveiled in conjunction withthe official opening of Ensign's global headquarters and its new SecurityOperations Centre. Senior Minister and Coordinating Minister for NationalSecurity, Mr Teo Chee Hean, was the Guest-of-Honour ofthe event.

"Cyber threat actors today are constantly evolving their tactics,techniques and procedures (TTPs) that allow them to target new attack vectors and vulnerabilities, whilestaying undetected in an organisation's network," said Dr. Lim Woo Lip,Executive Vice President, Technology & Capabilities, Ensign InfoSecurity.

"The amalgamationof global and local threat intelligence enables Ensign to provide unique cyberthreat insights that fuel effective and holistic cybersecurity strategies. Thisallows us to identify emerging threats and key vulnerabilities, and proactivelyimplement a multidimensional cyber defence plan, hours or even days, before anattack," Dr Lim elaborated.

Providing HighlyContextualised, Actionable Cyber Threat Intelligence by Leveraging LocalInsights and Global Sources

Ensign's proprietary Cyber Threat Detection & Analytics engine leverages big data analytics and advanced artificial intelligence(AI) to detect suspicious activities, and identify threats found in thenetworks of locally-based organisations.

One of the engine's key capabilities is real-time behavioural profilingof network data. This function allows Ensign to stay ahead of threat actors'fast evolving TTPs by examining anomalies in an organisation's network, such asmalicious behaviours or patterns associated with different types of cyberthreats.

Ensign also collaborates with its cybersecuritypartners in gathering global threat intelligence to complement its local threat data sources.

The combination oflocal and global intelligence enables the Ensign Cyber Threat Detection &Analytics engine to provide real-time, highly contextualised, Singapore-centricthreat insights that focus on attacks targeting local networks. It can alsoidentify threats that are unique to different sectors.

This empowerscritical information infrastructure providers, government institutions andenterprises with actionable, sector-specific information, giving them theability to identify, detect and protect against emerging threats, such asEmotet, with higher confidence and greater accuracy.

Emotet -- A Key Emerging Threatin Singapore

Emotet is one of the key cyber threatsthat Ensign has identified through its Cyber Threat Detection & Analyticsengine.

First detected bycybersecurity researchers in 2014, Emotet was created as a Trojan virus tosteal financial data forillicit monetary gain. Today, Emotet is becoming a significant threat as cyberthreat actors have modified the malware to download and deliver other maliciousvariants. 

Between 1 January2019 to 31 June 2019, Ensign found that Emotet activities in Singapore haveincreased by more than 300% compared to the same period last year. It has also detectedactivities from this malware in 50% of local organisations' network.  

Traditionally used to target the financial services sector, Emotet hasbeen modified to target other industries. 

In Singapore, Ensign uncovered that the top five sectors with the highest regularityof observed Emotet activities in the first half of 2019 were:

"Due toits modular and polymorphic composition, Emotet is almost invisible to conventional signature-basedcybersecurity solutions, explain Dr Lim.

"By tapping on advancedanalytics and deep learning to tackle sophisticated threats, cybersecurityteams will not only be able to detect and respond to an attack in a timely andeffective manner, but also analyse and decipher valuable intelligence that canbe used to devise preemptive measures to stop future attacks," concluded DrLim.

About Ensign InfoSecurity

EnsignInfoSecurity is one of the largest pure-play cybersecurity companies in Asia with an extensive footprint within the region. The company isheadquartered in Singapore and has offices in Malaysia and Hong Kong. It has aworkforce of around 500 certified security professionals with skills in theprovision of comprehensive cyber security services. Its core competenciesinclude security architecture design, validation and management of advancedsecurity solutions, as well as advanced threat hunting, red teaming and incidentresponse services.

For moreinformation, visit www.ensigninfosecurity.com.