Shifting from Russia to Singapore to establish a new cybersecurity unicorn

• 21% of users encountered online threats in the second quarter of 2022
• The importance of educating people and businesses about the value of good cyber-hygiene practices

There has been an increase in high-profile malicious activities worldwide, including ransomware attacks targeting critical industries and attacks that exploit vulnerabilities and weaknesses in widely used software. That’s exactly how the current cybersecurity landscape in Singapore looking like right now.

SecurityBrief Asia reported that, in Singapore, 23.1% of users experienced online threats in the second quarter of 2022. Singapore has risen 23 positions from 109th in the first quarter of 2022 to 86th overall in terms of the risks associated with using the internet. 

Global changes continue to influence and define the cybersecurity landscape. In order to reduce the likelihood of being a victim of a cyber-attack, it is necessary to continue educating people and businesses about the value of good cyber-hygiene practices.

Having said that, Tech Wire Asia got the chance to speak with Dmitry Volkov, the founder and CEO of Group-IB, to learn more about the threat landscape in Singapore and how moving its headquarters from Russia to Singapore will benefit businesses.

The shift from Russia to Singapore in 2019

As the Russia continues to face sanctions by the US and several other countries for its invasion in Ukraine, more global companies have been moving their businesses out of Russia. For Group IB, it no longer has any financial or legal ties to Russia. Their operation in Russia is wholly independent of their global stake holdings. However, this isn’t something new for the company.

It was a strategic decision made many years ago, according to Volkov. They relocated their global corporate headquarters to Singapore in 2019 and conduct business there.

“We made the decision to establish our HQ in Singapore at the time for business-driven reasons. The business objective was to establish a new cybersecurity unicorn, and Singapore was chosen as the ideal location because of its excellent balance between the East and the West. Additionally, it has a world class economic ecosystem that supports the growth of our company not just in APAC but also in the Middle East and Europe,” explained Volkov.

For them, the most important goal was to consistently fight against cybercrime, which has been their mission ever since the company was founded in 2003. Since the Interpol cybersecurity division, which is in charge of combating cybercrime, is also located in Singapore, their collaboration improved when they relocated there.

Since then, they have had various success stories in stopping cybercrimes, some of which are known to the public and some of which are not intended to be revealed. One of the former is the INTERPOL-coordinated operation Night Fury. Group-IB’s cyber investigations team in Singapore helped identify and apprehend the cybercriminals in Indonesia targeting hundreds of online shopping websites around the world.

The state of cybersecurity landscape in Singapore

Singapore is subject to a number of threats, including phishing, scams, and social engineering attacks. How do these threats usually commence? Some people might dial victims’ number, contact them via social media, social networks, instant messages, and so forth. Cybercriminals use these tactics to persuade victims to transfer them money, sensitive personal or corporate data in a variety of ways.

“How can we help them? We can be proactive because we have technologies in place that can assist our customers in preventing social engineering scams and fraud against their users by looking at their behavior and analyzing the environment. For example, we implement such security solutions in financial institutions,” said Volkov. “[Group-IB] will still be able to save them even when a potential victim’s account has already been compromised or at a point when a user account has been contacted by the fraudsters and they haven’t transferred any money yet, and we can take actions automatically.”

Group-IB’s fraud protection technology can identify fraud, social engineering attacks and bad bot activity in both web and mobile channels where potential victims can enter their personal information, including phone numbers, email addresses, and credit card details ultimately saving money for banks and eCommerce companies, including marketplaces and classifieds.

Scams is one of the biggest threats in the Asia-Pacific region. Few months ago Group-IB uncovered that Classiscam – a sophisticated scam-as-a-service operation – has expanded to Singapore. Active since March 2022 locally, Classiscam fraudsters, as its name suggests, target users of one of the leading classified platforms in Singapore.

In this field Group-IB’s main focus is to develop and patent the technologies to fight against scammers targeting banks, marketplaces and classifieds. So this year we’ve got our first patents here in Singapore related to a digital risk protection solution, created to monitor and identify phishing and scam domains and fake advertisements as well.

The number one threat for business and government organizations in the world is ransomware. According to Group-IB, average ransom demand grew by 45% to reach $247,000 in 2021. In 97% of ransomware attacks, it is impossible to regain access to data without decryption software. According to Volkov, ransomware targets’ include both large corporations and midsize businesses.

Ransomware is severe because it has the potential to disrupt business operations completely. That is why there is a triple damage, according to Volkov, “First, you need to recover quickly. In some cases companies choose to pay the ransom to avoid costly downtime, which increased from 18 days in 2020 to 22 days in 2021. Secondly, you need to erase any artifacts that attackers may have left on your network and make it clean, that’s why you need to hire an incident response team from a cybersecurity vendor.  And the final one, when you must pay fines to authorities simply because you permitted the damage. And for any business owners, this is a complete tragedy,” said Volkov.

Cybersecurity challenges that businesses in Singapore face

According to Volkov, COVID has been the primary force behind change over the past two years and is also responsible for cybercrime. Everyone would have to work remotely due to COVID. And this has made it possible for threat actors to use all remote access services as a primary attack vector. The attack surface has increased drastically.

“The main challenge was how to protect them. This is a global issue; Singapore is not the only place affected,” said Volkov. “Cybersecurity experts may have a wealth of knowledge regarding the use of various security technologies or controls that can assist in stopping threat actors. Although there isn’t a single cybersecurity solution or silver bullet that can be used to detect everything, [the problem they have] is that they don’t really understand how attackers operate, what tools they use, how exactly they use them, and how it is possible to detect them with non-traditional approaches.”

Threat intelligence, which provides information about threat actors and their methods of operation, has thus become one of the most crucial areas in the cybersecurity field. He believes large organizations can permit themselves to absorb this kind of knowledge and use it to safeguard their operations.

Other businesses, however, are not as well shielded. Hence, it became crucial for everyone to have access to Cybersecurity-as-a-Service (CSaaS) and threat Intelligence services available through local partners of Group-IB in Asia.

Group-IB’s role to prevent cyberattacks

Group-IB offers cyber security services, assisting organizations in various levels of protection. They can learn more about threat actors who are simply planning possible attacks on businesses, customers, or even partners.

We have these types of insights. During an attack, we can also defend organizations. Therefore, if [cybercriminals] were to take their first steps (register domains, configure their servers, etc.) toward attacking a company, our technology would be able to detect them, said Volkov.

Additionally, Group-IB offers services that aid organizations in recovering even after an incident has occurred. One of the most significant factors that sets Group-IB apart from the competition is that when they do incident response and cyber investigations, they receive information about threat actors’ tools, infrastructure, and behavior observed in the wild in real-time. In essence, it means that they are better able to recognize the latest threats, which is crucial for detection, prevention and identification of threat actors.

“By using this information, we can collaborate with regional and global law enforcement, whether it be INTERPOL , Europol, or if we have a direct connection, we can begin to work together immediately. Such operations demonstrate that prompt data exchange, public-private partnership, and cross-border cooperation are the only ways forward to make cyberspace safer. This can help us to stop threat actors so that our strategic clients can accomplish their objectives. Because [cybersecurity] is an endless game, they must continuously be reactive. To be resistant to new approaches used by threat actors, you must always implement something new,” explained Volkov.

Group-IB is aware of this and is promoting this type of strategy to its clients in order to help them stop threat actors.

Regional business expansion plan

Group IB uses the same approach everywhere. First, growing the technical experts team. Every year Group-IB researchers analyze the increasing complexity of the global threat landscape and particularly highlight the growing role of alliances between threat actors. “We’ve been witnessing a continuous evolution of threat actors and always managed to investigate the most complex cases of its time: DDoS attacks, Scam and Phishing, Digital weapon developers, Targeted attacks on Banks and Insurance companies, Ransomware, Carding, Financial malware cases, Money laundering and many other extremely interesting cases” — Volkov said.

The tech team of Group-IB in Singapore and beyond consists of experts in digital forensics for incident response, malware reverse engineers, anti-fraud analysts, developers, threat intelligence experts, pentesters and others. These team members are crucial because they have access to information or intelligence regarding regional threat landscape that affect this particular geography and the companies that do business there.

“We’ve already done this in Singapore. Hence, we now invest more time on business growth. The next step will be creating a similar structure in other countries surrounding Singapore. Having started with Vietnam (Group-IB has its local office in Hanoi), we are currently choosing the new location for our next technical hub. Also, due to Singapore’s excellent education system, we want to hire more local talent, Volkov added.

Group-IB has an internship program globally that enables them to quickly onboard new local experts, and they will carry on with this endeavor in Singapore.

“Group-IB is growing at a fast pace. In May, we moved to a new, beautiful, and more spacious office in Fusionopolis. At present, we have close to 50 employees working in our global HQ in Singapore. By the end of this year, we are hoping to fill around 20 positions. Our goal is to have more than 120 people across the Asia-Pacific by the end of 2023, including in Singapore, Malaysia, Vietnam, Indonesia, India, and Australia,” he concluded.

---

---

---

---