Story image

Singapore CSA looks back at 2017's most rampant cyber threats

20 Jun 2018

The Cyber Security Agency of Singapore (CSA) has published a report of the biggest cyber threats the country experienced in 2017, with a notable shift from profit-motivated attacks to attacks designed to cause disruption.

The Singapore Cyber Landscape 2017 report shows that cyber threats continued to grow in frequency and in damage on a global scale – and Singapore statistics mirrored the trends.

“Given Singapore’s connectivity, what happens globally is often immediately felt here. As we continue our Smart Nation push, we have to raise our cyber hygiene and defences, especially against cyber-attackers who are getting better resourced and skilled,” Comments CSA chief David Koh.

“We need to play our part by being vigilant and adopting good cybersecurity practices to keep Singapore’s cyberspace safe and trustworthy for all.”

The CSA’s Cybersecurity Act, in addition to partnerships with GoSafeOnline, SingCERT and others, are designed to protect and raise awareness about cybersecurity issues.

According to the Singapore Police Force, Singaporeans reported 5,430 cases of cybercrime. While overall crime rates fell, cybercrime cases grew to 16.6% of all cases.

Many cases involved online cheating, compromised social media and SingPass accounts, impersonation, scams, and unauthorised access. In September 2017, Singapore also dealt convictions in its first Dark Web-related crime case.

Singapore’s critical information infrastructure (CII) sectors remain prime targets, with banking, finance and government at the top. This became a reality for one Singapore insurance company in September 2017, when a data breach compromised = the personal data of 5,400 customers, including their e-mail addresses, mobile numbers and dates of birth.

Singapore’s business ecosystem, in particular SMEs, are especially vulnerable to attacks as they don’t have the resources or skills to deal with cyber threats.

The report says that of the 146 cases reported to SingCERT last year, almost 40% involved SMEs. CSA encourages businesses to invest in cybersecurity solutions.

Finally, phishing, ransomware and tech support scams continue to plague individuals.

Common cyber threats are detailed below.

  • Website Defacements. 2,040 website defacements were observed in 2017. Many defacements were part of global mass defacement campaigns. The defaced websites belonged mostly to Small and Medium Enterprises (SMEs) from a range of sectors such as manufacturing, retail, and Information and Communications Technology (ICT).
     
  • Phishing. 23,420 phishing URLs with a Singapore-link were found in 2017. Phishing emails are one of the simplest and most effective methods that hackers use to steal sensitive personal data (e.g. passwords, contact information, credit card details), by tricking users into opening dubious links or attachments. The websites of technology companies such as Apple and Microsoft were commonly spoofed, making up about 40 per cent of the observed phishing

Malware Infections

  • Compromised Systems. In 2017, CSA observed about 750 unique Command & Control (C&C) servers in Singapore, and a daily average of about 2,700 botnet drones with Singapore IP addresses. Of the more than 400 malware variants detected in 2017, five were observed to have caused the majority of the infections. Conficker, Mirai, Cutwail, Sality, and WannaCry accounted for more than half of the systems infected daily. The majority of these malware are not new, suggesting that many victims are not scanning for viruses and cleaning up their systems.
     
  • Ransomware. Singapore was relatively unscathed by major ransomware campaigns such as WannaCry. 25 cases of ransomware were reported to SingCERT in 2017. Besides WannaCry, victims were infected by ransomware such as Cerber, Dharma, and Sage, and faced ransom demands ranging between S$2,000 and S$4,000. 
SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.