"2022新加坡网络全景报告：全面评估新加坡网络安全形势"

需积分: 5 198 浏览量更新于2024-03-20 收藏 18.11MB PDF 举报

身份认证购VIP最低享 7 折!

30元优惠券

资源详情

资源推荐

18 SINGAPORE CYBER LANDSCAPE 2022 SINGAPORE CYBER LANDSCAPE 2022 19

impact of ransomware globally. The CRI will

further its work in 2023 through three pillars:

(i) the Policy Pillar led by Singapore and

the United Kingdom (UK),

(ii) the Diplomacy and Capacity Building Pillar

led by Germany and Nigeria, and

(iii) the International Counter-Ransomware

Task Force, coordinated by Australia.

One notable success story of similar

global efforts was the FBI’s January 2023

announcement of a months-long US-led

international campaign to disrupt the Hive

ransomware group responsible for targeting

IMPLICATIONS

Ransomware continues to be a borderless

threat that shows no sign of letting up in

2023. BlackFog’s tracking indicates that

there have been 73 publicly disclosed

ransomware attacks globally by end-

February 2023, with potentially up to 543%

more attacks (i.e. 396) going unreported.

Ransomware attacks are a clear

demonstration of how cyber incidents can

have signicant real-world consequences.

The January 2023 ransomware attack

on the Royal Mail in the UK, for example,

disrupted the overseas delivery of parcels

and letters for two weeks. In March 2023,

a ransomware attack on the Hospital

Clinic de Barcelona in Spain shut down the

facility’s emergency rooms, laboratories

and pharmacy at three centres and

several external clinics, resulting in the

cancellation of up to 3,000 patient check-

ups and 150 non-urgent operations.

More than a year has passed since Russia

invaded Ukraine in late February 2022. What

has the past year taught us about the role of

cyber in a modern conict?

Since the onset, Ukraine and other countries

such as the US, UK and Australia have accused

Russia of carrying out disruptive wiper

malware attacks and inuence operations. The

attacks primarily targeted Ukraine, but some –

such as the attack on satellite communications

provider Viasat in February 2022 – also

affected countries and entities not directly

involved in the conict.

Researchers are not surprised by the use of

cyber by state-linked actors to support the

military invasion. What was surprising was

the extent of involvement that non-state

actors have had in the cyber conict. This

article discusses the rise of two particularly

prolic groups of non-state actors – namely,

hacktivists and Big Tech companies – and

examines how their involvement has shaped

the conflict and the global cybersecurity

landscape.

Rise of Hacktivism

Two days after Russia’s invasion of Ukraine,

Ukraine’s Vice Prime Minister and Minister

for Digital Transformation, Mykhailo Fedorov,

announced the creation of the government-

sanctioned volunteer army, “IT Army of

Ukraine”. He called for volunteers in Ukraine’s

hacker underground to provide cyber defence

for Ukraine’s critical infrastructure and to carry

out offensive cyber operations against Russia-

linked entities.

The formation of the “IT Army of Ukraine”

is unprecedented. It quickly led to a call to

arms by various groups, including the

Anonymous collective and self-declared

hacktivist group AgainstTheWest (previously

Cybersecurity Implications of the

Russia-Ukraine Conict: A Year On

GLOBAL TRENDS IN 2022

over 1,500 victims in more than 80 countries

for over US$100 million in ransoms. Such

high-prole operations have the potential to

signicantly undermine the RaaS economy

by visibly hampering one of the most prolic

groups.

The local parallel to the CRI is Singapore’s

CRTF established in 2022 to bring together

government agencies across relevant

domains to strengthen our national counter-

ransomware efforts. More information on the

CRTF’s upcoming initiatives can be found in

Chapter 3.

CSA is closely monitoring local

developments in ransomware attacks

and working with our international

counterparts on collective efforts to

counter the global ransomware threat. We

have issued several advisories on steps

that organisations and individuals can

take to protect themselves, many of which

relate to basic cyber hygiene practices.

Organisations with a robust cybersecurity

posture will invariably fare better against

ransomware as illustrated by a case

study in Chapter 4 that outlines how a

Singapore-based precision engineering

company managed to regain access to

its systems and data without paying the

ransom.

20 SINGAPORE CYBER LANDSCAPE 2022 SINGAPORE CYBER LANDSCAPE 2022 21

known for leaking data obtained from the

Chinese Communist Party) and hundreds of

thousands of netizens to take up digital arms

in support of Ukraine.

Since then, other hacker groups have also

taken sides. Pro-Russia hacktivist groups,

such as Killnet, rallied against countries they

felt were acting in an “unfriendly” manner

towards Russia – including but not limited to

the US, Germany, UK, Italy, Spain, Norway and

Japan.

Over the past year, reports of hacktivist

activities have continued at a brisk pace. In

their attempts to shape the global narrative

and discourse about the war, hacktivists have

engaged in a series of disruptive Distributed

Denial-of-Service (DDoS) attacks and hack-

and-leak campaigns targeting both public and

private organisations from military entities and

government ministries, to energy, banking,

and even healthcare institutions.

But this rise of hacktivism is not without risks.

As non-state actors, hacktivists often lack

the coordination and discipline to prevent

collateral damage or unintended effects on

uninvolved parties. For example, in March

2023, hacker group Anonymous claimed credit

for an attack on the servers of Russian radio

stations and TV channels to broadcast fake

air raid warnings in at least 10 cities, inducing

panic among Russian civilians.

Some researchers have also observed

hacktivist activities taking a more dangerous

turn over the course of the war. Beyond DDoS

attacks and data leaks, some hacktivists

are employing ransomware and destructive

malware on critical infrastructure to disrupt

essential services. For instance, pro-Ukraine

hacktivist group NB65 claims to have used

Conti’s leaked ransomware in a series of

attacks to disrupt the operations of Russian

entities. However, other researchers have

noted that that the impact of hacktivist

activities still pales in comparison to military

campaigns and is unlikely to signicantly shift

the course of the war.

IMPLICATIONS

Regardless of their direct impact,

the involvement of hacktivists has

increased the level of unpredictability

and instability of the cyber landscape

amidst the Russia-Ukraine conflict.

Any serious cyber incident triggered

by the hacktivists may inadvertently

escalate the conict – or be used as

a pretext by either side for escalation.

Globally, the resurgence of hacktivism

poses an increased risk of collateral

damage and unintended effects on

uninvolved countries. As the conict

enters its second year, organisations

are reminded to remain vigilant, and take

the necessary actions to review their

security preparedness and strengthen

their cybersecurity posture.

Role of Big Tech

The conict has also been characterised by

the unprecedented involvement of “Big Tech”

companies.

The impact of Big Tech is highly visible in our

everyday lives. They supply technology and

platforms used daily by billions of individuals

and organisations around the world. However,

in the arena of geopolitics – traditionally the

domain of nation states – Big Tech has often

opted to remain in the background, avoiding

the need to pick sides to minimise losses to

its bottom line.

This was not the case in the Russia-Ukraine

conict. Over the past year, many Big Tech

companies have publicly and actively taken

sides, demonstrating their support for Ukraine

in various ways. Many, including Google, IBM

and Microsoft, announced the suspension

of some or all of their business activities

in Russia at the start of the conict. Social

media platforms blocked access to Russian

state media from their sites. Facebook and

Instagram removed Russian state media from

their platforms in Europe, whereas Google

dropped Kremlin content from Google News.

Some Big Tech companies went a step further,

providing tactical support to Ukraine on the

physical and cyber battleelds. In the early

days of the conict, Microsoft reportedly

worked with the Ukrainian government to

transfer important digital operations and

data to the cloud within 10 weeks. They also

provided cybersecurity services to protect

Ukrainian critical infrastructure from cyber-

attacks. Google supported Ukraine’s efforts

to protect civilians on the ground when they

disabled some live features on their Maps

applications in Ukraine to protect the safety

of local communities, and introduced a rapid

Air Raid Alerts system for Android phones in

Ukraine, at the request of, and with the help of

the Ukrainian government.

The impact of these moves has not been

insignicant. In response to Meta’s move

to restrict access to Russian media on their

platforms, both Facebook and Instagram have

been banned by Russia. According to reports,

this could have cost Meta close to US$2 billion

in revenue. Despite these potential revenue

losses, Big Tech companies continue to play

a key role in the Russia-Ukraine conict,

demonstrating an unprecedented willingness

to support a geopolitical cause – even if it

comes at a short-term cost to their bottom

line.

IMPLICATIONS

By deciding what capabilities to supply

and to whom, Big Tech has demonstrated

that they too can have an independent

voice on the international stage, and

can play a part in shaping geopolitical

and wartime developments. However,

this raises the question of who in these

Big Tech companies makes these

decisions – whether it is the CEO, the

shareholders, or even the employees. As

the size of Big Tech companies continue

to grow, so too will their inuence and

impact on future cyber conicts and the

global cyber landscape.

GLOBAL TRENDS IN 2022

剩余55页未读，继续阅读

zhao-lucy

粉丝: 19
资源: 436

"2022新加坡网络全景报告：全面评估新加坡网络安全形势"

2022年双11电商营销全景洞察.pdf

2022人工智能厂商全景报告.pdf

2022年AIoT产业全景图谱报告.pdf

100大产业链全景图.pdf

720全景 three.js

网络安全行业全景图 pdf yunpan

unity制作360全景视频.

1分 python+opencv实现全景拼接.tar

360环视摄像头鱼眼四摄像头拼接算法.pdf

pythonvr全景地图代码

2021年干细胞医疗产业全景图谱 pdf

100大产业链全景图pdf

全景探秘游戏设计艺术pdf 中文版

自主可控和国产替代全景图 pdf 下载

云原生技术全景图 pdf

网络ict 业务全景图

three.js全景框架

vr全景可视化制作 1.0.46

three.js全景图

three.js播放全景视频

最新资源