Story image

Singapore CSA looks back at 2017's most rampant cyber threats

20 Jun 2018

The Cyber Security Agency of Singapore (CSA) has published a report of the biggest cyber threats the country experienced in 2017, with a notable shift from profit-motivated attacks to attacks designed to cause disruption.

The Singapore Cyber Landscape 2017 report shows that cyber threats continued to grow in frequency and in damage on a global scale – and Singapore statistics mirrored the trends.

“Given Singapore’s connectivity, what happens globally is often immediately felt here. As we continue our Smart Nation push, we have to raise our cyber hygiene and defences, especially against cyber-attackers who are getting better resourced and skilled,” Comments CSA chief David Koh.

“We need to play our part by being vigilant and adopting good cybersecurity practices to keep Singapore’s cyberspace safe and trustworthy for all.”

The CSA’s Cybersecurity Act, in addition to partnerships with GoSafeOnline, SingCERT and others, are designed to protect and raise awareness about cybersecurity issues.

According to the Singapore Police Force, Singaporeans reported 5,430 cases of cybercrime. While overall crime rates fell, cybercrime cases grew to 16.6% of all cases.

Many cases involved online cheating, compromised social media and SingPass accounts, impersonation, scams, and unauthorised access. In September 2017, Singapore also dealt convictions in its first Dark Web-related crime case.

Singapore’s critical information infrastructure (CII) sectors remain prime targets, with banking, finance and government at the top. This became a reality for one Singapore insurance company in September 2017, when a data breach compromised = the personal data of 5,400 customers, including their e-mail addresses, mobile numbers and dates of birth.

Singapore’s business ecosystem, in particular SMEs, are especially vulnerable to attacks as they don’t have the resources or skills to deal with cyber threats.

The report says that of the 146 cases reported to SingCERT last year, almost 40% involved SMEs. CSA encourages businesses to invest in cybersecurity solutions.

Finally, phishing, ransomware and tech support scams continue to plague individuals.

Common cyber threats are detailed below.

  • Website Defacements. 2,040 website defacements were observed in 2017. Many defacements were part of global mass defacement campaigns. The defaced websites belonged mostly to Small and Medium Enterprises (SMEs) from a range of sectors such as manufacturing, retail, and Information and Communications Technology (ICT).  
  • Phishing. 23,420 phishing URLs with a Singapore-link were found in 2017. Phishing emails are one of the simplest and most effective methods that hackers use to steal sensitive personal data (e.g. passwords, contact information, credit card details), by tricking users into opening dubious links or attachments. The websites of technology companies such as Apple and Microsoft were commonly spoofed, making up about 40 per cent of the observed phishing

Malware Infections

  • Compromised Systems. In 2017, CSA observed about 750 unique Command & Control (C&C) servers in Singapore, and a daily average of about 2,700 botnet drones with Singapore IP addresses. Of the more than 400 malware variants detected in 2017, five were observed to have caused the majority of the infections. Conficker, Mirai, Cutwail, Sality, and WannaCry accounted for more than half of the systems infected daily. The majority of these malware are not new, suggesting that many victims are not scanning for viruses and cleaning up their systems.  
  • Ransomware. Singapore was relatively unscathed by major ransomware campaigns such as WannaCry. 25 cases of ransomware were reported to SingCERT in 2017. Besides WannaCry, victims were infected by ransomware such as Cerber, Dharma, and Sage, and faced ransom demands ranging between S$2,000 and S$4,000. 
ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.