On the first month of 2021, Asia-Pacific has become a hotbed of cyberattacks – targeting both individuals and organizations. Cybercriminals have been busy taking advantage of COVID-19’s effects as businesses have moved to remote work, more individuals do their transactions online, and governments widely using digital platforms to spread information. Let us take a look at the different incidents surrounding the region last January 2021.
Consumer and business attacks in Taiwan
Taiwanese businesses and citizens have been on the hook in the beginning of the year. Citizens have been targeted by delivery scams, where a fake UPS Taiwan online payment site was used to conduct a country-wide phishing attempt. The fake email leads to a page that collects the user’s credit or debit card information. Another phishing attempt in Taiwan spoofs the payment page of Chunghwa Post, Taiwan’s official postal service. Similar to the fake UPS Taiwan payment page, the Chunghwa phishing email aims to steal the victim’s financial information.
Businesses in Taiwan are also at risk. A suspected Chinese hacking group has coordinated a series of attacks against the Taiwanese superconductor industry. The same group has been identified to have launched attacks on the global airline industry for the past few years, getting business information and passenger details.
Bug patch on New Zealand’s Reserve Bank
Te Pūtea Matua, New Zealand’s Reserve Bank, has suffered a data breach following the hacking of Accellion’s File Transfer Application (FTA), a third-party file sharing service containing sensitive data. The attackers have exploited a critical vulnerability patched on the same day this breach occurred.
Post office phishing scams across Asia-Pacific
A total of 26 countries, including Australia, New Zealand, the Philippines, Singapore, Hong Kong, South Korea, Japan, Taiwan, and Malaysia have been targeted by a widespread phishing attempt that uses national postal systems as a disguise to capture the victim’s credit card information. Cybercriminals send an email to victims, stating that there is an issue with the receiver’s package. Clicking this leads to a phishing site where payment information is recorded. In the period December 1 to January 10, a total of 279,308 suspicious post office phishing URLs have been tracked, signifying that these attacks may continue all over the world.
Attacks on cybersecurity researchers by hackers in North Korea
Google believes that hackers based in North Korea are compromising the global cybersecurity landscape, including those in Australia and South Korea. The attackers pose as cybersecurity bloggers on social media platforms such as Twitter and LinkedIn, connecting with specific security researchers. They connect with researchers, claiming to have found suspicious websites. Once the victim clicks on the link, a malware is downloaded – damaging computers, networks, and servers.
Concurrent with several attacks in the Asia-Pacific region, countries have also made efforts in strengthening their cybersecurity landscapes. Vietnam, for instance, has been committed in improving their cyberdefense, being one of the first countries to announce the list of requirements for technical quotas for terminals, base transceiver stations and quality of 5G service. The Philippines is also improving its systems. The country’s air force is building a cybersecurity center that improves the capability of the military in countering cyberattacks.
A new year could mean a fresh start, but this also translates to new challenges in the cybersecurity sphere. As Asia-Pacific remains a hotbed for cyberattacks, it is important for individuals and businesses to be equipped with knowledge and appropriate defense systems in combatting and reducing the risks of data breaches or access to sensitive information.
