Ensign: Government, finance and insurance sectors most frequently affected by cyber attacks

TIME.CO, Jakarta – Cybersecurity service provider Ensign InfoSecurity has released a report on Indonesia’s cyberthreat landscape in 2022, one of which identifies the sectors most vulnerable to cyber attack.

“The government sector, financial services, insurance industry and commercial industry are the industry groups most often attacked by cyber threat actors,” Vice President of Advisory, Consulting, Ensign InfoSecurity Teo Xiang Zheng said in Jakarta on Wednesday .

The report also revealed that the phenomenon of spreading and buying and selling personal data belonging to Indonesian citizens on websites or black markets has also reached an unprecedented level, causing concern for the security of sensitive information and data integrity. .

Ensign also conducted an assessment of cyber attack groups and identified Dark Pink, Desorden and Naikon as groups to watch out for.

The attacks carried out by this group are not only driven by their intentions and technical capabilities, but also by the opportunities that exist due to Indonesia’s cyber security situation which still needs to be improved.

Another interesting point is that these groups were able to master the Malay language, demonstrating a high level of proficiency and adaptability.

Over the past year, the use of ransomware and wiperware as cyberweapons has increased regionally. These two cyberweapons platforms are becoming increasingly sophisticated.

This report also highlights the continued exploitation of cyber supply chain vulnerabilities, both hardware and software. Numerous large companies have fallen victim to ransomware attacks and the sale of compromised data.

Cyberthreat actors continually leverage IoT exploits, mobile devices, applications, and operational technologies to broaden their targets.

The development of the use of Ransomware as a Service (RaaS) has also seen an increase, targeting small and medium-sized enterprises (SMBs). RaaS allows people without technical skills to buy ransomware and carry out cyber attacks.

In the context of technology, the adoption of generative artificial intelligence continues to grow. Generative AI can be used by cyber attackers to create phishing content with a high visitor click-through rate, develop malware faster, and fool authentication and identity verification processes by creating images and sounds similar to the target of the target. ‘attack.

However, generative AI and other artificial intelligence technologies can also be used to increase the efficiency and effectiveness of dealing with low-level cyber attacks.

Teo said there are a number of key defense measures organizations can take against cyber threats.

“It applies zero trust architecture principles by implementing identity-based controls and network segmentation to limit unauthorized access and lateral movement,” he said.


Additionally, organizations are advised to conduct continuous vulnerability detection on the digital attack surface and prioritize patches to reduce the window of exposure.

To improve network security, the report recommends installing a network intrusion detection and prevention system (NIDPS) to prevent malicious network traffic from occurring on a network.

Additionally, organizations are advised to implement exploit protection solutions to detect and inhibit the execution of software exploits.

Read also: Recently opened, the Unesa Faculty of Medicine is inundated with hundreds of candidates

The importance of implementing data loss prevention solutions

The report also highlights the importance of implementing data loss prevention solutions to protect sensitive data from exfiltration.

Organizations are also encouraged to develop a robust data and archive backup strategy by validating the recovery process to ensure confidence in recovering from the impact of disruption or damage caused by loss of services, systems and data.

These defense measures are most effective when systems and equipment have been securely configured according to safeguarding principles and exception processes are carefully followed.

Additionally, the report emphasizes the need for continuous monitoring and analysis of cyber threat intelligence in order to adopt an informed threat-based defense approach.

In compiling the report, Ensign InfoSecurity implemented an intelligence-led defense approach by using cyber threat data belonging to selected parties complemented by open intelligence from public sources. All this information is then integrated into the MITER ATT&CK framework developed by agency.

Editor’s Choice: List of State Universities Opening Registration for Independent Path Medical Degree

Always update the latest information. Watch the latest news and news selected by on the Telegram channel “ Update”. Click stick. You need to install the Telegram application first.

Quoted From Many Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button