Story image

96% of Singaporean businesses breached in the past year

05 Apr 2019

Findings from a new survey have provided some food for thought in Singapore.

According to the Carbon Black report based off survey responses from 250 Singaporean CIOs, CTOs, and CISOs in January this year, a staggering 96% have been breached in the last 12 months.

Some other key findings include:

  • 3.98 is the average number of reported breaches per organisation
  • 92% have seen an increase in attack volumes
  • 95% say attacks have become more sophisticated
  • 97% plan to increase spending on cybersecurity

Despite being on the decline around the world, in Singapore ransomware is the most prolific method of attack, with 28% of organisations naming it the most frequently encountered. Malware and Google Drive (cloud data breach) were in second and third place at 25% and 11% respectively.

However, the human factor plays a big part in the attacks that lead to breaches, as phishing attacks are at the root of 14% of successful breaches. Process weakness was the identified cause in 12% of breaches, indicating that basic security hygiene should still be considered a priority by organisations.

In terms of industry, it was financial institutions that suffered the greatest growth in attack sophistication with 63% reporting that attacks had grown increasingly sophisticated.

Meanwhile, nearly two-thirds of businesses in the manufacturing and engineering industry have been breached three to five times in the past 12 months. Third-party applications and ransomware pose the greatest threats to this sector (both 23%), as these tactics were the primary causes of successful breaches.

Moving forward, 79% of surveyed Singaporean organisations said they are actively threat hunting, with over a third (34%) having threat hunted for more than one year, while 46% said they have started in the past year.

What is encouraging, Carbon Black security strategy head Rick McElroy says, is that 94% of those organisations report that threat hunting has strengthened their defences and 41% said that it has significantly strengthened their defences.

"Our first Singaporean threat report indicates that organisations in Singapore are under intense pressure from escalating cyberattacks," says McElroy

"The research indicates increases across the board in attack volume and sophistication, causing frequent breaches. In response, an encouraging number of Singaporean organisations are adopting threat hunting and seeing positive results. As threat hunting strategies start to mature, we hope to see fewer attacks making it to full breach status.''

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.
65% of manufacturers run outdated operating systems – Trend Micro
The report highlights the unique triple threat facing manufacturing, including the risks associated with IT, OT and IP.