Search This Blog

Showing posts with label Singapore. Show all posts

Hackers Impersonate Bank Customers and Make $500k in Fraudulent Credit Card Payments

 

Hackers from other countries were able to impersonate 75 bank clients and made $500,000 in fraudulent credit card payments. This was accomplished using a clever way of intercepting one-time passwords (OTPs) sent by banks via SMS text messages. In a joint statement released on Wednesday, the Infocomm Media Development Authority (IMDA), the Monetary Authority of Singapore (MAS), and the Singapore Police Force detailed how hackers redirected SMS OTPs from banks to foreign mobile networks systems. 

The SMS diversion method, they said, “requires highly sophisticated expertise to compromise the systems of overseas telecommunication networks”. Last year's fraudulent transactions took place between September and December. The bank clients claimed that they did not initiate the transactions and that they did not get the SMS OTPs that were required to complete them. 

According to Mr. Wong, the MAS' deputy chairman, the Monetary Authority of Singapore (MAS) would engage with financial institutions to fine-tune the existing framework on fraudulent payment transactions, which covers the responsibilities and liabilities of banks and customers in such instances. 

Between September last year and February, the police received 89 reports of fraudulent card transactions using SMS one-time passwords (OTPs), according to Mr. Wong. Ms. Yeo Wan Ling (Pasir-Ris Punggol GRC) had inquired if bank-related cyber frauds had increased in the previous six months.

"While these cases represent less than 0.1 percent of fraudulent online card transactions reported, and the number of cases has come down since March 2021, it is nevertheless concerning," Mr. Wong said. 

Singapore's financial and telecommunications networks have not been hacked, according to the authorities. Affected customers who took efforts to safeguard their credentials would not be charged for any of the fraudulent transactions as a gesture of goodwill from the banks, according to the authorities. The names of the banks involved were kept under wraps. 

The cybercriminals utilized this method to get the victims' credit card information and mobile phone numbers in this incident. They also got into the networks of international telecoms and exploited them to alter the location information of the Singapore victims' mobile phones. 

By doing so, the hackers deceived Singapore telecom networks into believing that Singapore phone numbers were roaming overseas on the networks of other countries. The hackers subsequently made fraudulent online card payments using the victims' stolen credit card information.

As a result, when banks issued SMS OTPs to victims to authenticate transactions, the criminals were able to reroute these text messages to foreign mobile network systems. The fraudulent card payments were subsequently completed using the stolen OTPs. This corresponds to the victims' claims that they did not get the OTPs.

73,500 Patients Data was Compromised in a Ransomware Attack on a Singapore Eye Clinic

 

The personal data and clinical information of roughly 73,500 patients of a private eye clinic were hit by a ransomware attack earlier this month, the third such occurrence in a month. Names, addresses, identity card numbers, contact information, and clinical information such as patients' clinical notes and eye scans were among the data, according to Eye & Retina Surgeons (ERS) on Wednesday. 

The clinic, however, stated that no ransom has been paid and that no credit card or bank account information has been obtained or compromised. The compromised IT systems at the clinic are not connected to the ministry's IT systems, such as the National Electronic Health Record, and there have been no similar cyber-attacks on MOH's IT systems, according to the Ministry of Health. 

The ministry also requested ERS to look into the issue, conduct a thorough evaluation of its systems, and collaborate with the Cyber Security Agency (CSA) to "take prompt mitigation efforts to enhance its cyber defences."

"Following this incident, MOH will be reminding all its licensed healthcare institutions to remain vigilant, strengthen their cybersecurity posture, and ensure the security and integrity of their IT assets, systems, and patient data. It is only through the disciplined maintenance of a safe and secure data and IT system that healthcare professionals will be able to deliver accurate and appropriate care, and uphold patient safety," the MOH said. 

The clinic's IT system has recently been restored "securely," with IT experts performing "thorough" system checks, reformatting servers, and running anti-virus scans on all computer terminals. The ERS stated that it had taken steps to avoid the situation from happening again. It is currently telling patients about the cyber-attack. 

Following the ERS ransomware incident, identical problems occurred at insurer Tokio Marine Insurance Singapore and IT firm Pine Labs. According to a recent study from Singapore's Cyber Security Agency (CSA), there were 89 ransomware cases reported to the agency last year, up from 35 cases in 2019. The assaults mostly targeted small and medium-sized businesses in the manufacturing, retail, and healthcare sectors. 

To encourage all licensed healthcare providers to set up and continually assess their security protections, impose new measures, and apply best practices to secure their IT systems and endpoints, the MOH issued the Healthcare Cybersecurity Essentials guidelines in August.

Criminals Targeted Security Gaps at Financial Services Firms as Employees Moved to WFH

 

According to a report released on Tuesday by the international Financial Stability Board (FSB), criminals targeted security flaws at financial services organizations as their employees switched to working from home. The Financial Stability Board (FSB) was established after the G20 London meeting in April 2009 to offer non-binding recommendations on the global financial system and to coordinate financial policies for the G20 group of nations. 

“Working from home (WFH) arrangements propelled the adoption of new technologies and accelerated digitalization in financial services,” the report states. Phishing, spyware, and ransomware were used to target workers at home. Between February 2020 and April 2021, the number of crimes increased from less than 5000 per week to more than 200,000 per week. 

On July 8, 2021, the Cyber Security Agency of Singapore (CSA) released data suggesting that cybercrime accounted for 43% of all crime in the city-state in 2020. "Although the number of phishing incidents remained stable and website defacements declined slightly, malicious cyber activities remain a concern amid a rapidly evolving global cyber landscape and increased digitalization brought about by the COVID-19 pandemic," said the agency. 

Ransomware attacks increased by 154% from 35 in 2019 to 89 in 2020, ranging from "indiscriminate, opportunistic attacks" to "Big Game Hunting," according to the CSA. They also used leak and shame techniques, as well as RaaS (Ransomware-as-a-Service) models. Between 2019 and 2020, the number of hostile command-and-control servers increased by 94%, with Emotet and Cobalt Strike malware accounting for one-third of the total. 

As IT departments tried to secure remote workers, increased dependence on virtual private networks and unsecured WiFi access points “posed new types of hurdles in terms of patching and other cyber security issues,” according to the FSB assessment. External providers, according to the research, also built cracks for hackers to exploit. According to the report, "While outsourcing to third-party providers, such as cloud services, seems to have enhanced operational resilience at financial institutions, increased reliance on such services may give rise to new challenges and vulnerabilities." 

Working from home isn't going away any time soon. According to Gartner, nearly half of knowledge employees will be working remotely by 2022. Even Apple's retail team follows a hybrid work schedule. Institutions' cyber risk management systems, incident reporting, response and recovery efforts, and how they manage cloud and other third-party services should all be adjusted properly, according to the FSB.

Singapore Assessing WhatsApp Privacy Policy Change, Not 'Adversely Affected' In SolarWinds Breach

 

Currently, it is safe to say that Singapore’s government and non-government departments are safe from the adverse effects of SolarWinds security breach, nevertheless, the Singapore government has made requests to their organizations to protect their systems against potential threats. 

Additionally, the government has also exhibited deep concern regarding upcoming privacy policy changes on WhatsApp messenger, which is one of the platforms employed by the government to provide information to their citizens. The Minister for Communications and Information, S. Iswaran, said that when we got the news regarding the big data breach threat (SolarWinds security breach), our Cybersecurity Agency (CSA) has raised the national cyber threat alert level and immediately started working towards it. 

"There is no indication, thus far, that Singapore's CII and government systems have been adversely affected by the SolarWinds breach," said Iswaran, who was responding to questions raised in parliament. He added that, "The government is, nonetheless, adopting a cautious stance." 

Furthermore, he said that the “CSA had issued public advisories on steps enterprises should take to safeguard their systems against potential threats, including having full visibility of their networks and detecting unusual activity in a timely manner. The situation still was evolving as affected companies continued to investigate the breach’’. 

While advising on the matter, he suggested for the government to move towards a Zero Trust security posture, where organizations should not trust any activities until verification and there should be constant surveillance and alertness towards suspicious activities. Organizations should be establishing strong cyber-attack response plans to cope up with such incidents, as chronicled in the recent past. 

"The SolarWinds incident underscores the global and trans-border nature of cyber threats," the minister noted, “Though difficult to completely prevent, we need deliberate, targeted, and consistent efforts to strengthen our cyber defenses against [such] sophisticated threats, which exploit the supply chain of trusted vendors and software." 

Singapore Government's WhatsApp Channel Has 1.22M Subscribers

Ministry has also responded to the questions regarding WhatsApp's upcoming privacy policy changes, explaining that the government is concerned regarding this too as consumers have raised their voices on the matter. According to Iswaran, at present, there are 1.22 million users to Singapore's Gov.sg WhatsApp channel, which is one of the many platforms used to reach our local population, including Telegram, Twitter, as well as its own Gov.sg website.

Further, he ensured, "Private-sector organizations contracted by the government to perform data-related activities, including the processing and communication of personal data, are bound by contractual terms and conditions. These will determine whether organizations are permitted to share, for their own commercial purposes, the data that has been provided by, or collected on behalf of, the government”.

Singapore Witnessed a Sudden Surge in the Bank-Related Phishing Scam

 

Phishing emails are scams where the actors try to befool the user by sending emails that may concern the user. Generally, these emails are received in the name of a bank or some trusted company, that asks for your personal information. The entire process appears to be legitimate but it's designed to trick the user into extracting their personals information. 

We all buy or sell things online through various platforms and organizations that have our personal information stored in their database that is nevertheless safe until and unless the actors impersonate these organizations and befool users into submitting their OTP’s, passwords, etc. The user is safe from such phishing emails as long as they do not respond in the required condition to the mail. 

The city-state of Singapore has turned out to be a victim of extortion with phishing emails that have even agonized the government officials. On the 5th of January, the Singapore government officials stated that there have been bank-related phishing scams where the actors have been imitating to be Singapore Government officials and asking natives for their personal information.  Generally, the victims in such scams receive a call or email or even a message from some government agencies like the Ministry of Manpower, asserting some issues within the victim’s bank account. 

Furthermore, they ask to verify some personal details that should have stayed confidential – such as their NRIC numbers, password of bank account, log-in credentials, and much more. Following the aforesaid state of affairs, the actors then try to make illegitimate transactions of money from the victim’s account. 

The first six months of the year 2020 have reported some 900 cases of bank-related phishing scams and a more than 25-fold from the just 34 such cases for the same period in the year 2019, stated the Singapore Police. The amount of loss has been calculated to $ 3.6 million for the year 2020. 

The Singapore Police in charge of the case has requested the natives to ignore such calls and deny stipulating any information regarding the bank account or the log -in credentials and any private details. They clarified that no government agency in any situation would ask for any private information or bank account details over a phone call or via emails. Scammers or actors may mask their actual phone numbers and try to display a different profile using ID spoofing technology as further added by the police. 

After recording a significant surge in these cases Singapore government officials have asked for cooperation and support from the city natives, requesting them not to share their personal or internet banking details and OTP’s with anyone.

Singapore’s Move to Facilitate Contact Tracing Amidst the Covid-19 Pandemic Rejected by Its Residents


While each country is attempting to stymie the outbreak of the disastrous coronavirus in different ways, Singapore attempted the same perhaps it wasn't a plan well thought off as the country attempted to come up with an inventive and a profoundly technological solution to battle the everyday rising cases of the virus.

Their arrangement included developing a wearable device that would be issued to each resident as an approach to facilitate contact tracing in the midst of the COVID-19 pandemic, however, the move, unfortunately, wasn't well-received by the citizens as it started an open objection with respect to their worries about their privacy.

An online petition titled “Singapore says 'No' to wearable devices for COVID-19 contact tracing", has thus to date, garnered in excess of 17,500 signatures.

The online petition describes the usage of such devices as "conspicuous encroachments upon our privileges to protection, individual space, and opportunity of development".

In words of Wilson Low, who started the petition on June 5, "All that is stopping the Singapore government from becoming a surveillance state is the advent and mandating the compulsory usage of such a wearable device. What comes next would be laws that state these devices must not be turned off [or] remain on a person at all times -- thus, sealing our fate as a police state.”

Singapore's Minister-in-Charge of the Smart Nation Initiative and Minister for Foreign Affairs, Vivian Balakrishnan, said during a parliament session Friday that while the government had introduced a contact tracing app earlier, TraceTogether, a wearable device was essential as it would not rely upon somebody possessing a smartphone.

His team however is developing and would “soon roll out a portable wearable device" keeping in mind the existing issues with the application, which didn't function well on Apple devices as the iOS operating system would suspend Bluetooth scanning when the app was running in the background.

He said that if the devices are proved to work viably, then they may be issued to each resident in Singapore, yet didn't expressly say that the government would make it obligatory for everybody to utilize it.

Wilson, however, was very determined upon proving his point as he wrote, “Even if we're not, we recognize the potential creation of a two-tiered society -- those who wear the devices versus [those] do who do not -- therein, and an open pass to engage in yet another form of prejudice and societal stratification.”

Later including, "The only thing that stops this device from potentially being allowed to track citizens' movements 24 by 7 are: if the wearable device runs out of power; if a counter-measure device that broadcasts a jamming signal masking the device's whereabouts; or if the person chooses to live 'off the grid' in total isolation, away from others and outside of any smartphone or device effective range.”

Numerous different residents also came to his support as they very openly expressed their concerns with respect to the potential execution of wearable devices, further taking to Balakrishnan's Facebook page to ask the legislature against taking this course.

One user Ian Chionh went so far as to accusing the government of utilizing the coronavirus as "an excuse" to put a tracking device on all residents on Facebook.

Wilson had likewise referenced something similar to these worries adding that "The government looks to the COVID-19 pandemic as the perfect excuse to realize what it has always envisioned for us, this country's populace: to surveil us with impunity, to track us without any technological inhibitions, and maintain a form of movement monitoring on each of us at all times and places. And to do so by decreeing it compulsory for all law-abiding persons to become 'recipients'."

Aside from TraceTogether, the Singapore government utilizes an advanced digital check-in tool, SafeEntry, to facilitate its contact tracing efforts.

The system gathers visitors' very own data, either through QR codes or barcode scans whenever they enter a venue, like supermarkets and workplaces. Information gathered through SafeEntry is retained for 25 days, just like TraceTogether's data retention policy.

The TraceTogether app was updated just the previous week to incorporate the registration of passports numbers for travelers visiting Singapore and barcode scans to support SafeEntry.

The nation however has begun with easing the restrictions, initially set up to check the spread of the virus - in phases as more and more businesses wish to resume with their operations over the following month.

Massive HIV Data Leak; No Closure Yet!






Singapore: Finally the authorities have come up with some background details as to the circumstances that led to 14,200 people’s personal details along with their HIV status leakage.

The lingering questions, ever since the data was compromised have been intriguing. Such as, the reason behind not making it public in May 2016 when it was known that the information was in wrong hands?

According to a recent media briefing the Permanent Secretary of Health, cited that the ministry of health did wasn’t sure as to the whether the news’ being public was in the interest of the citizens.

They did mention though that they will take conservative measures and better approaches now that they know the persons in registry have concerns regarding a public announcement.


It’s disturbing that years after the incident took place no one knows why the data still remained with the unauthorized people.



According to sources, the Ministry of Health had lodged a police report in May 2016 after finding out that Mikhy Farrerra Brochez was in custody of the leaked information from the HIV registry.

After, the properties owned by Brochez and his partner Ler Teck Siang were searched by the police officials and all pertinent material found was seized.

Even after that Brochez managed to keep some information back and in turn leaked it later on. The Permanent Secretary of Health voiced that the police should have had a better search.

It was later in May 2018 when the people whose information as in the “unauthorized” hands were informed a\bout the entire leakage scenario.

In May 2018 the police found out that Brochez had managed to hold some records back which was a month after Brochez completed serving his jail sentence for other offenses and was deported from Singapore.

There is no way of knowing though, that how many people were informed that their persona details were in wrong hands.

MOH lodged a police report and had contacted the concerned individuals. The number of people was very small according to PSH Mr. Chan.


Where Brochez was deported to is still under wraps and the immigration department couldn’t share the details due to confidentiality concerns.

He is known to have arrived in the Kentucky state of the US. There’s no knowing if he’s being monitored, the sources said.

He had called at his mother’s house despite being warned to stay away and that’s when she informed the police about it.

After he refused to leave he was taken into custody and was charged. He has been asked to return to the district to face criminal trespass.

The Singapore police force is reportedly taking help of their foreign counterpart but didn’t mention which organizations or countries.

Brochez’s partner was charged with the Official Secrets Act for “failing to retain the possession of a thumb drive” containing data from the leak but was stood down and there is no answer as to why that happened.



According to Article 35(8) the AG gets a wide discretion as public prosecutor in the conduct of criminal proceedings. The prosecution “is not required to give reasons for why they decide to proceed with certain charges and not others”.

Another question that has yet to be addressed is how was the access to the confidential information disabled? We do know that the MOH had worked with “relevant parties” to disable the access.


Stolen information of such sorts is uploaded on various hack forums and file sharing sites such as “Pastebin” and “Mega” and is commonly hosted on web servers overseas.

If taking down a web domain. It could be done on a registrar level. Domain registrars are company people who create websites. But taking down a website can’t totally solve the problem.


Because once, data is on the dark web it’s almost irretrievable. As it could be copied or distributed across quite easily.


Absolutely different from the internet the commoners use, the Dark Web is “unregulated and decentralized and has no point of authority or disabling access to anything.

Massive HIV Data Leak: Thousands of Detailed Records Compromised.












In a recent major data leak in Singapore, thousands of HIV positive people’s records were compromised.


One of the victims of this leak was informed via a phone call that her record was out in the open along with those of approx. 14,000 others.

This enormous leak came off as really shocking to people as many of them were reluctant to let the fact surface in outer world.

The main target which has emerged in this database leakage incident is the Singaporean media.

The government said that a local doctor who had an American partner, who had access to all the records in question, is the main person who’s at fault.

Reportedly, according to the authorities the leak has been contained but an extreme emotional damage has been caused to the HIV infected.

In Singapore, as mandated by the law, the aforementioned victim’s HIV status was added to the national database.

The HIV registry was set up in 1985 by the ministry of health to keep a check on the infection and potential cases’ status.

The previously mentioned database is the one which got compromised accompanied by the names and addresses of more than 14,000 people.

According to the sources the name of the American partner has been reported to be as, Mikhy Farrera-Brochez. The data and the access to the registry had been wrested from his Singaporean doctor partner.

Mikhy couldn’t work in Singapore because as the Singaporean law states so. But he got convicted of fraud because he used someone else’s blood to pass a mandatory HIV test.

According to Mikhy there is more to the story of the leakage and it’s not just him who’s behind it all. He also said that he had contracted HIV in prison and that he was denied medication.

He also blamed Singapore for using the HIV database for keeping track of gay men in the country because same-sex sex there is illegal.

To this accusation Singaporean authorities have replied negatively and cited that the statement is absolutely untrue.

Singapore’s health minister is working with the authorities of the US regarding the case.
Earlier there was a total ban on people with HIV entering the borders of Singapore, which got lifted in 2015.

But the people who have married Singaporean citizens or have permanent residencies in the country could dodge it.

This leak has come as a shock as well as emotionally degrading. This chaotic circumstance has made the citizens question the way records are kept in security.

One of the senior doctors who have been working on safeguarding the interests of the HIV patients in Singapore said that many implementations exist which restrict the doctors from accessing such records.

This incident has wreaked a lot of emotional havoc to people who are infected and whose names are in those compromised records.

The victims aren’t even sure that whether the leak has actually been contained or not.

This leaked information could ruin a lot of lives and careers for the infected.

The victims are seriously concerned about the diaspora of the detailed information and the compromised records.