Industry News: ESG5

The Target: Japanese electronics manufacturer Casio.

The Take: For the nearly 6,500 employees impacted, basic information collected by human resources was accessed, including names, employee numbers, email addresses and departments. Some employees had other information like gender, date of birth and home address leaked while a small number of those affected had taxpayer ID numbers exposed.

The Vector: An investigation conducted by an outside cybersecurity firm sourced the ransomware attack back to phishing emails that allowed the hackers into Casio’s servers.

As phishing actors continue to explore every potential abuse opportunity on legitimate service providers, novel security gaps constantly threaten to expose users to severe risks. It is essential not to rely solely on email protection solutions, and also scrutinize every email that lands on your inbox, look for inconsistencies, and double-check all claims made in those messages.

Read more...

2024-05-14

Dark Reading: Lawmakers in Singapore updated the nation's cybersecurity regulations on May 7, giving more power to the agency responsible for enforcing the rules, adopting definitions of computer systems that include cloud infrastructure, and requiring that critical information infrastructure (CII) operators report any cybersecurity incident to the government.

Read more...

2024-04-22

Dark Reading: Malaysia has joined at least two other nations — Singapore and Ghana — in passing laws that require cybersecurity professionals or their firms to be certified and licensed to provide some cybersecurity services in their country.

Read more...

2024-04-09

The Straits Times: The Monetary Authority of Singapore (MAS) and Mastercard on April 9, 2024 signed a memorandum of understanding (MOU) to enhance cooperation in cyber security, specifically with the aim of strengthening cyber resilience in Singapore’s financial services sector.

Read more...

2023-12-17

XM: Britain's National Grid NG.L has started removing components supplied by a unit of China-backed Nari Technology's 600406.SS from the electricity transmission network over cyber security fears, the Financial Times reported.

Read more...

2023-12-11

BNN Bloomberg: Taiwan’s financial system undergirds a $760 billion high-tech economy, but its vulnerability to advanced hacks has raised fears of a worst-case scenario: a full-blown cyberattack from China that sends its currency and markets into a tailspin.

Read more...

2023-12-05

MarketScreener: Lobby group Japan Association of New Economy has joined U.S. Big Tech to warn against proposed EU cybersecurity labelling rules that they said could hamper their access to the bloc's markets, according to a letter sent to the EU industry chief.

Read more...

2023-08-29

Business Standard: Capital markets regulator Sebi came out with guidelines to strengthen the existing cyber security and cyber resilience framework for stock exchanges and other market infrastructure institutions (MIIs).

Read more...

2023-06-13

CNBC: China’s cyber-espionage and sabotage capacities are an “epoch-defining threat,” the top U.S. cybersecurity official said, warning that in the event of open warfare “aggressive cyber operations” would threaten critical U.S. transportation infrastructure “to induce societal panic.”

Read more...

The Target: Leverage EDU, a software University Admission platform.

The Take: Exposure of over 240,000 records of Personally Identifiable Information including: names, email addresses, passport scans, applications, bank statements and loan information.

The Vector: A misconfigured database was left open and unsecured with no password, meaning anyone with an internet connection could have viewed and downloaded the trove of data.

This shows how important authentication controls are and that they are purposefully and smartly deployed with security in mind. Multi-factor authentication and password length and complexity rules on server access are effective strategies to mitigate these kinds of breaches to protect a firm’s data.

Read more...