Story image

Singapore CSA looks back at 2017's most rampant cyber threats

20 Jun 2018

The Cyber Security Agency of Singapore (CSA) has published a report of the biggest cyber threats the country experienced in 2017, with a notable shift from profit-motivated attacks to attacks designed to cause disruption.

The Singapore Cyber Landscape 2017 report shows that cyber threats continued to grow in frequency and in damage on a global scale – and Singapore statistics mirrored the trends.

“Given Singapore’s connectivity, what happens globally is often immediately felt here. As we continue our Smart Nation push, we have to raise our cyber hygiene and defences, especially against cyber-attackers who are getting better resourced and skilled,” Comments CSA chief David Koh.

“We need to play our part by being vigilant and adopting good cybersecurity practices to keep Singapore’s cyberspace safe and trustworthy for all.”

The CSA’s Cybersecurity Act, in addition to partnerships with GoSafeOnline, SingCERT and others, are designed to protect and raise awareness about cybersecurity issues.

According to the Singapore Police Force, Singaporeans reported 5,430 cases of cybercrime. While overall crime rates fell, cybercrime cases grew to 16.6% of all cases.

Many cases involved online cheating, compromised social media and SingPass accounts, impersonation, scams, and unauthorised access. In September 2017, Singapore also dealt convictions in its first Dark Web-related crime case.

Singapore’s critical information infrastructure (CII) sectors remain prime targets, with banking, finance and government at the top. This became a reality for one Singapore insurance company in September 2017, when a data breach compromised = the personal data of 5,400 customers, including their e-mail addresses, mobile numbers and dates of birth.

Singapore’s business ecosystem, in particular SMEs, are especially vulnerable to attacks as they don’t have the resources or skills to deal with cyber threats.

The report says that of the 146 cases reported to SingCERT last year, almost 40% involved SMEs. CSA encourages businesses to invest in cybersecurity solutions.

Finally, phishing, ransomware and tech support scams continue to plague individuals.

Common cyber threats are detailed below.

  • Website Defacements. 2,040 website defacements were observed in 2017. Many defacements were part of global mass defacement campaigns. The defaced websites belonged mostly to Small and Medium Enterprises (SMEs) from a range of sectors such as manufacturing, retail, and Information and Communications Technology (ICT).  
  • Phishing. 23,420 phishing URLs with a Singapore-link were found in 2017. Phishing emails are one of the simplest and most effective methods that hackers use to steal sensitive personal data (e.g. passwords, contact information, credit card details), by tricking users into opening dubious links or attachments. The websites of technology companies such as Apple and Microsoft were commonly spoofed, making up about 40 per cent of the observed phishing

Malware Infections

  • Compromised Systems. In 2017, CSA observed about 750 unique Command & Control (C&C) servers in Singapore, and a daily average of about 2,700 botnet drones with Singapore IP addresses. Of the more than 400 malware variants detected in 2017, five were observed to have caused the majority of the infections. Conficker, Mirai, Cutwail, Sality, and WannaCry accounted for more than half of the systems infected daily. The majority of these malware are not new, suggesting that many victims are not scanning for viruses and cleaning up their systems.  
  • Ransomware. Singapore was relatively unscathed by major ransomware campaigns such as WannaCry. 25 cases of ransomware were reported to SingCERT in 2017. Besides WannaCry, victims were infected by ransomware such as Cerber, Dharma, and Sage, and faced ransom demands ranging between S$2,000 and S$4,000. 
Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Ensign and IronNet partner to create cyber analytics capabilities
The Singapore-based joint venture will form a Cyber Analytics Center for Excellence focused on securing regional enterprises from sophisticated cyber threats.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.