Cyber Security

Cyber awareness occupies a significant role in deterring hackers or external parties from intruding into personal devices. It is a role that requires the proactive participation of every employee so that everyone can identify what the security threats are.

Alternatively, when cyber awareness fails, cyber security sets up a defensive wall against malware and protects the user from the malicious attacker.

Through the years, it has been reiterated that cyber awareness and security should be one of the core focus of a company’s operations. In support of the global cyber awareness day in October, Orient Futures Singapore will provide information about recent events that highlight the importance of cyber security as well as possible flaws.  

Henceforth, this article will list 3 significant cyber-attacks of varying scales that have occurred in 2022.
 

Lloyds London Cyber Attack

Cyber-attacks can present certain signs.

In the case of Lloyd’s of London, an insurance firm, it was reported on October 2022 that the company detected unusual activity within its network. As a result, the proactive decision was made to take some systems offline and perform a cyber security investigation. Through active tracking and implementation, the investigation was announced as one with “no evidence of any compromise”. However, it has been suggested that “ransomware might have been involved”.
 

Shen Attack

Apart from a possible attack by hackers on the firm, Lloyds has also published an article stating the consequences of a cyber-attack on Asia Pacific Ports. The report calculated that “transportation, aviation, and aerospace sectors would suffer an estimated loss of $28.2bn of economic loss, while manufacturing would suffer an estimated loss of $23.6bn and retail would suffer an estimated loss of $18.5bn.”

 

Uber Cyber Attack 2022

In 2022, it was reported that over 77,000 Uber employee details were leaked in a data breach. On September 15, 2022, a hacker purchased stolen credentials belonging to an Uber employee from the dark web marketplace.

In the beginning phase of the scam, “an initial attempt to connect to Uber’s network with these credentials failed.”.  Subsequently, with the first attempt failed, the hacker then pressured the employee to approve an MFA notification by impersonating Uber’s security. Upon approval, the hacker gained full access to the employee’s account as well as sensitive information and the data breach ensued.  

Based on several sources, the hacker was believed to be from a hacking group named Lapsus$.   

Nonetheless, amidst this series of unfortunate events, the silver lining was that the hacker was a thrill seeker and not a financially motivated individual. This meant that the compromised data were not used to harm Uber (such as through selling information in the dark web). Previously, the company had also experienced a cyber attack in 2016, in that incident, the company paid $100,000 for the hackers to delete data and to sign a non-disclosure agreement.  

 

SQL Injection Cyber Attack  

The term SQL (Search Query Language) is the programming language to process information or draw data for analysis from a database such as Amazon AWS or any cloud-based platform. In an SQL Injection Cyber Attack (SQLi), the attackers interfere with these queries which then provides access to data that they are not normally able to retrieve.  

Types of SQL Attacks are also explained by portswigger, it include forms such as:
1) Retrieving hidden data
2) Subverting application logic
3) UNION attacks
4) Examining the database
5) Blind SQL injection

Among the other forms of cyber-attacks, the SQLi is one of the oldest and most destructive, so much so that it has remained the top 10 of the OWASP list. For example, in August 2007, a hacker made use of the technique to steal card data. In that attack, the hackers had also installed back doors to provide continued access and covered tracks through antivirus cloaks and malware usage. In total, 4.2 million stolen debit and credit card numbers were stolen.

Eventually, the TJX hacker, Albert Gonzalez was sentenced to 20 years and a day and fined $25,000 for his role in breaches.


Ways To Prevent SQL Injection Cyber Attack

To prevent SQL injections, corporations can use parameterized queries. A parameterized query is a query in which placeholders are used for parameters and the parameter values are supplied at execution time.

Through this parameterized query, web developers can actively avoid SQL injections during the building of the website.

 

Protect Your Intellectual Property

With the above examples of abnormal web traffic, impersonation, and SQL injections, the electronic and online world is highly vulnerable to a variety of cyber-dependent crimes. Hence, it is crucial that firms develop comprehensive cybersecurity procedures.

As an international brokerage, cloud security and security systems are our priority. We believe that cyber awareness should be available for all staff. This ensures that the personal data of every individual (both in the company and clients) remain under protection over the long run.

 

Start Trading With Orient Futures Singapore 

Being an Overseas Intermediary of Shanghai International Energy Exchange (INE), Dalian Commodity Exchange (DCE), and Zhengzhou Commodity Exchange (ZCE), when foreign clients participate in internationalised futures contracts in these Chinese markets with us, they have direct access to trading, clearing, and settlement. Our parent company, Shanghai Orient Futures, is the largest broker in terms of aggregated volume across the five regulated exchanges in China.

Orient Futures Singapore also currently holds memberships at the Singapore Exchange (SGX), Asia Pacific Exchange (APEX), and ICE Futures Singapore (ICE SG).

We provide premium customer service at an affordable cost to all our clients. Our team will be there for you 24 hours on trading days to provide a one-stop portal for all your trades, with simple processes and an intuitive user interface that has low or near-to-zero latency.