Cyber threats in Singapore go up; phishing attacks see biggest jump

SINGAPORE – There was an increase in all forms of cyber threats last year, with phishing attacks topping the list and surging by almost 10 times, according to the latest annual report by the Cyber Security Agency of Singapore (CSA) released on Tuesday (June 19).

The Singapore Cyber Landscape report also noted a shift from "profit-motivated attacks towards those aimed at causing massive disruptions". For instance, technology companies faced the brunt of phishing attacks, a shift from companies in the banking and financial services which were the target of these threats in 2016.

Phishing attacks were top on the list of cyber threats reported to the Singapore Computer Emergency Response Team (SingCERT), which responds to cyber security incidents and comes under CSA's purview. They made up 39 per cent of the threats.

Next on the list was compromised systems at 21 per cent, followed by ransomware (17 per cent).

"As a highly-connected country, Singapore's cyber landscape mirrored these global trends," said the report.

"Common cyber threats such as phishing, website defacements, and malware infections also showed no signs of abating in 2017."

In a sign that cyber threats continue to be a huge concern in Singapore, data collected by American technology company F5 Networks and its data partner Loryka showed that Singapore was the top cyber attack target around the world during the Trump-Kim summit on June 12.

Singapore experienced close to 40,000 attacks during the meeting, with the nation receiving 4.5 times more attacks than the United States or Canada on both days.

The numbers for 2017 were also telling, as authorities detected 23,420 phishing uniform resource locators or URLs linked to Singapore, a huge jump from the 2016 figure of 2,512. The agency noted that phishing emails are one of the simplest and most effective methods used by hackers to steal sensitive personal data such as passwords and credit card details for financial gain.

In 2016, it was reported that such phishing attacks tend to target firms in the banking and financial services sector, followed by file-hosting service providers such as Dropbox and technology firms.

But data from last year showed a shift as phishing attacks moved to websites of technology companies such as Apple and Microsoft, with these firms making up about 40 per cent of the observed phishing URLs.

The number of website defacements also saw an increase of 16.6 per cent, from 1,750 cases in 2016 to about 2,040, many of which were part of global mass defacement campaigns. As with 2016, the majority of the websites affected belonged to small- and medium-sized enterprises in sectors that included manufacturing and retail.

Ransomware cases increased from 19 in 2016 to 25 last year, as did the number of compromised systems, as 750 command and control servers were detected in Singapore's cyber space last year – about 12 times more than the 60 servers detected in 2016.

Such servers are used by hackers to communicate with malware-infected devices. The objective is to carry out malicious attacks such as data theft, email spam campaigns, and Distributed Denial of Service (DDoS) attacks, which typically involve flooding a system with data, causing disruption to business operations or distracting victims from ongoing cybercrimes.

Last year also saw a number of major cyber incidents involving both public and private organisations. In February 2017, the Ministry of Defence was hit by a cyber attack that resulted in the theft of the personal data of about 850 national servicemen and the ministry's employees, though classified military information was not compromised.

In September, the personal data of about 5400 past and present customers of AXA Insurance were stolen in a separate cyber attack.

The CSA's report also showed that cybercrime cases were on the rise, growing from 15.6 per cent in 2016 to 16.6 per cent last year, with the majority involving online cheating.

The number of cases reported under the Computer Misuse and Cybersecurity Act also went up last year to 861, from 758 cases in 2016.