Cyber Incident Victim: Aztech Global Ltd
Date:
Feb 2024
Location:
Singapore
Summary
Aztech Global Ltd. experienced a ransomware attack involving unauthorized access to its IT network, prompting immediate server shutdowns during the lunar new year break and deployment of cybersecurity screening tools to prevent further compromise. The company engaged third-party forensic advisors, notified law enforcement, and is consulting industry experts to enhance its security posture, maintaining that the incident has not materially impacted financials or operations. This attack aligns with a broader trend of ransomware incidents affecting Singapore-listed companies, following similar breaches disclosed by other firms earlier in the year.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Aztech Global Ltd. and its subsidiaries experienced a cybersecurity incident involving unauthorized network access by cyber criminals who deployed a ransomware attack. The Singapore-based, SGX Mainboard-listed company discovered the breach and responded by immediately shutting down all servers during the Lunar New Year break period. This containment measure coincided with deploying multiple advanced cybersecurity screening tools to audit server data integrity and prevent further compromise. The group engaged third-party forensic specialists to conduct a technical investigation into the attack vector and scope while simultaneously notifying relevant law enforcement agencies. Concurrently, Aztech Global initiated consultations with cybersecurity industry experts to evaluate and enhance its organizational security posture. The company publicly stated that available evidence indicated no material financial or operational disruptions resulted from the incident at the time of disclosure.
This ransomware event occurred amid a broader pattern of cyberattacks targeting Singapore-listed entities, following similar incidents disclosed in January by IPS Securex Holdings, ES Group (Holdings), and RE&S Holdings. Aztech Global maintained its servers in a secured offline state during preliminary forensic examinations while continuing system-wide data integrity verification processes. The company committed to providing shareholders with updates regarding material developments but advised against premature share transactions absent professional consultation. No data exfiltration specifics, ransom demands, or network restoration timelines were disclosed in the initial announcements. Investigations by forensic advisors and law enforcement remained ongoing as of the February 13, 2024, public disclosure, with no supplementary technical details about attacker methodologies or compromised systems released.