In-depth Data Breach Analysis of Critical Infrastructure in the Asia Pacific Region

Speakers: Mars Cheng, Threat Researcher for TXOne Networks and YenTing Lee, Cyber Threat Researcher for TXOne Networks

 

 

Recently, many enterprises globally have suffered from leaks of sensitive customer or employee information due to APT attacks, malware attacks, insider leaks, or mis-configured settings. Data breaches have a considerable impact: harming corporate reputations, causing business to be lost, and causing risk for customers. If bad actors acquire leaked data, we can easily imagine the harmful consequences. The critical infrastructures of Asia Pacific countries such as Taiwan, Japan, and Singapore are equally affected by these risks. If sensitive information about employees or external services leaks, hackers can easily apply it to social engineering or advanced continuous penetration attacks. Furthermore, a critical infrastructure security incident can cause more than financial loss – it can also create a threat to the safety of physical equipment or to people’s lives and property.

 

This is research series including data gathered from the USA, Asia Pacific, and global ICS vendors. For this part we collected publicly leaked data and will share some of the traps and fun that we found during the analysis and focus on the Asia Pacific region. We will also share how we have used our unique automatic analytical process for building on the cloud to conduct big data analysis on more than 10 billion pieces of data from 200 plus datasets, with a particular focus on the analysis of data leakage, password habits, follow-up effects, and cross-country analysis of Asia’s critical infrastructure service providers. Based on the in-depth analysis of our data, we will try to provide predictions and warnings to high-risk CI sectors that may be invaded due to information leakage. Finally, we will advise how to perform prevention and mitigation measures.