Two Ways You Can Help To Counter Cyber Heists?

When it comes to FTA, most business professionals would associate with Free Trade Agreement.

But on 20 Jan 2021, a less common "FTA" came to light with sinister overtone. SingTel was hacked and a treasure trove of data was suspected to be compromised.

This was subsequently confirmed in media reports.

The FTA in the SingTel cyber heist context refers to File Transfer Appliance. It is essentially a file-sharing system provided by US company, Accellion. Think Dropbox.

What is also unusual in this attack is perhaps the "hack-within-a-hack" technique which cyber criminals use. This is because a patch was applied to the FTA system, but the personnel who administered the patch received an "anomaly alert" when it was applied.

It is not exactly known what this anomaly alert was but it is confirmed by computer forensics that the attack was sophisticated.

That being said, at around 12 Jan 2021, the Australian government issued a press release about a similar cyber incident which may impact Australian organisations, and had attributed a hacking technique to SQL injection.

Another dimension to this cybersecurity incident falls into third-party risk. This is one where majority of the spotlight shines on now.

Many times, hackers may not attack the targeted entities directly, but find loopholes amongst its vendors and suppliers. This seems to be the case with SingTel and in the trail of SolarWinds hack when it was disclosed at the end of last year.

What can you and I do in the context of SingTel and SolarWinds cyber incidents? Depending on who you are and what you do, there is probably nothing much you can do about it. But still, we can better protect ourselves from the plethora of cyber threats by staying as vigilant as possible in our individual cyber hygiene.

For one, we can be less "trigger-happy" when we received emails, click on weblinks and forward messages whether on messaging apps or emails.

Pausing for a moment before taking any action can save us a lot of unnecessary future pain.

Technology is also a key central piece in our fight against cyber threats. Basic antivirus and firewall applications are recommended. Many SMEs tend to still take these as an after-thought approach.

In a small country like Singapore, many of us have our very first telephone line with SingTel. It is not far-fetched that anyone reading this is likely a customer.

As of now, being a stakeholder of SingTel, I just wait and see if I received a call or message from their customer service. Or perhaps, I should just go ahead and change my SingTel related login credentials.

#Singtel #FTA #Accellion #Dropbox #Solarwinds #cybersecurity #cyberthreat #hack #Australia