Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
US CISA advisory highlights ongoing state-sponsored attacks on routers...
CloudMile and Tookitaki Sign MoU to Strengthen AI-Driven Financial Cri...
Secure onboarding needed to verify new-hire identity 
Just a single malicious email can poison your AI agent’s memory: resea...
VIDA Demonstrates How Passwordless Authentication Can Break the Scam C...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

Tips

How to detect and contain evasive lateral threats in hybrid cloud environments

By Vladimir Yordanov, Senior Director, APJ (Solution Engineering), Gigamon | Thursday, July 17, 2025, 2:09 PM Asia/Singapore

How to detect and contain evasive lateral threats in hybrid cloud environments

Modern attackers bypass borders and spread silently. Strengthened internal observability helps leaders detect and contain them early. Find out how…

Imagine discovering that burglars have been secretly living in your house, wandering from room to room, helping themselves to your food, and subtly siphoning off small possessions, without you ever noticing. This act of “phrogging” can persist for weeks, even months.

Now, translate this to your enterprise network. Most security teams focus on locking the doors and watching who comes in and out: the North–South traffic crossing the perimeter. The problem is, once an intruder goes past your defenses and gets inside, they can move quietly across servers, workloads, and containers along the network’s hallways: the East–West lanes (i.e., lateral traffic).

As cloud environments and microservices proliferate, internal workload have grown significantly and often exceed inbound/outbound traffic volumes. This shift increases the risk of lateral movement by attackers if internal visibility is limited.

A growing regional risk landscape

Regionally, surveys and statistics suggest that sophisticated attacks have been increasingly exploiting East-West blind spots. A stark example of this kind of phrogging is the SingHealth Data Breach of 2018. Another case occurred in the Medibank Data Breach, Australia (2022).

Once inside a government cloud, attackers moved laterally across systems, infecting machines with malware, deleting files, and disabling services, underscoring the severe threat posed by lateral movement.

Compounding these risks are third-party vulnerabilities, with a high proportion of victimized firms unable to detect compromises originating from their vendors.

Why conventional telemetry falls short
Security operations centers have long relied heavily on telemetry for insights into system activity and performance. These signals are essential, but also fragile.

  • Logs can be deleted or never created
  • Agents can be disabled
  • The sheer volume of events from containerized environments can drown out real threats.

Attackers know this, and so they use legitimate admin tools, short bursts of encrypted traffic, and carefully timed data exfiltration to evade detection. Unlike logs, which are often manipulated or deleted after compromise, network packet captures — especially when collected out-of-band or from trusted points in the network — are generally harder to tamper with. (Editor’s note: Determined attackers with sufficient infrastructure access can still disrupt or obfuscate even network traffic, so no source of telemetry is completely immune.)

This is the principle behind strong system observability: complementing traditional signals with real-time, unfiltered data from across all data systems to give security and performance teams a clearer, more complete picture of what is going on.

Guarding against lateral movement
Today’s most dangerous threats range from ransomware to advanced persistent threats, which unfold over time and are often executed by well-resourced (and patient) attackers. They move laterally across systems and exploit blind spots between workloads, clouds, and containers to evade detection.

The urgent priority is to relook network observability and harden it:

  • Begin by capturing internal traffic, from virtual machines, cloud environments, and containers, and feeding it into a unified pipeline.
  • This pipeline filters out noise, de-duplicates packets, and adds context; turning huge amounts of raw data into focused, actionable intelligence without sacrificing forensic detail.
  • A major barrier to this visibility used to be encryption, which often hides malicious activity. However, modern security solutions now decrypt traffic in transit for inspection and re-encrypt it before delivery, uncovering hidden threats without compromising privacy or overwhelming security tools.
  • Armed with this enriched dataset, security teams can detect low-and-slow lateral access, suspicious file movements, or unusual spikes in outbound encrypted traffic that may be missed with traditional tools and team skillsets.
  • This deeper visibility also transforms incident response. Teams can trace the path of an attack across internal systems, enabling faster containment and reducing dwell time.

Most importantly, strengthened observability of lateral traffic operationalizes Zero Trust. It validates segmentation policies, detects misconfigurations, and closes internal blind spots.

Locking the front door is insufficient now
With strengthened observability turning on the lights everywhere data moves, the intruder’s advantage will be negated, including encrypted traffic where malicious activity is often hidden.

In doing this, organizations can detect threats earlier, respond faster, and operate more precisely.

It building and reinforcing a resilient security posture, true safety is not just about locking the front door: it is about knowing what is happening in every room at all times.

Share:

PreviousPenta Security Receives Frost & Sullivan’s 2025 South Korea Company of the Year Recognition for Excellence in Web Application Firewall Technology
NextMalicious extension in open code marketplace causes US$500k cryptocurrency theft from developer

Related Posts

On Safer Internet Day, raise the alarm on fake news and deepfakes

On Safer Internet Day, raise the alarm on fake news and deepfakes

Tuesday, February 9, 2021

Urgent: Your inactive cryptomining account is about to be deactivated!

Urgent: Your inactive cryptomining account is about to be deactivated!

Wednesday, April 12, 2023

How to mitigate security issues when teams return from WFH

How to mitigate security issues when teams return from WFH

Sunday, May 24, 2020

Do not assume data and cybersecurity are baked into cloud computing

Do not assume data and cybersecurity are baked into cloud computing

Friday, June 24, 2022

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • CloudMile and Tookitaki Sign MoU to Strengthen AI-Driven Financial Crime Prevention in Malaysia

    Wednesday, July 15, 2026
    KUALA LUMPUR, Malaysia, July 15, …Read More »
  • VIDA Demonstrates How Passwordless Authentication Can Break the Scam Chain

    Monday, July 13, 2026
    KUALA LUMPUR, Malaysia, July 13, …Read More »
  • Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deployment at QNET

    Wednesday, July 8, 2026
    The Sparsa AI Enterprise Operating …Read More »
  • Conifers AI Opens Singapore Data Region, Bringing Local Data Residency to Asia-Pacific Security Teams

    Wednesday, July 8, 2026
    With data regions now spanning …Read More »
  • DXC Opens Flagship AI-first Customer Experience Center in Bengaluru

    Tuesday, July 7, 2026
    Strengthens DXC’s India presence with …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.