Singapore reports record cyberattacks in Southeast Asia 2024

Kaspersky Security Network (KSN) has reported that in 2024, there were over 21 million cyberattacks originating from compromised servers in Singapore, marking the highest number in Southeast Asia.

Singapore was ranked 8th globally as a threat source destination in 2024. This ranking has been climbing from 12th in 2022 to 9th in 2023, according to Kaspersky's findings. Attack numbers over the past three years reveal an increase from 11,123,465 in 2022 to 17,010,939 in 2023, and reaching 21,926,752 in 2024.

Cybercriminals use these compromised servers to host websites designed to deliver malware to unsuspecting users. These threats are often masked using fake advertisements, phishing links, and other deception methods. Kaspersky's technologies detect, block, and trace the sources of these threats.

The data highlights Singapore's susceptibility due to its status as a respected tech hub, making it an appealing disguise for cybercriminals who use the city-state as a proxy. Such tactics include deploying multiple layers of obfuscation to evade detection.

Adrian Hia, Managing Director for Asia Pacific at Kaspersky, commented, "Singapore is a Tier 1 data centre market in Asia Pacific, and is home to large servers of tech giants. This entices cybercriminals to select servers based in Singapore to launch their attacks as it maximises the impact of their campaign. In a way, the high number of incidents originating from compromised servers here is a by-product of the large data centre industry in this country."

Despite these challenges, Singapore has taken significant steps to enhance its cybersecurity measures. Kaspersky's data shows Singapore recorded the fewest local threats in 2024 among Southeast Asian countries. These threats include offline and device-based malware transmissions, common in environments using removable media such as USB drives.

The number of local threats, however, has increased by 33.5%, with 2,217,922 instances noted between 2023 and 2024. This increase presents an ongoing challenge for Singapore in its fight against cybercrime.

An advisory by the Infocomm Media Development Authority (IMDA) identified an Advanced Persistent Threat (APT) group known as Stately Taurus as responsible for attacks across Southeast Asia, including Singapore. This group has used malware spread via removable drives and spear-phishing campaigns.

"The threat landscape is ever evolving, and threat actors continue to look for ways to disguise their identity and tactics to further their modus operandi. While digitalisation may mean that threats are more prevalent online, individuals and businesses should remain vigilant of the risks that local threats pose as global threat actors continue to leverage this type of threat," said Hia.

Kaspersky has proposed several measures for businesses and individuals to protect against these threats. Recommendations include regular updates of operating systems and software, being cautious of suspicious communications, and using endpoint detection and response solutions. Additionally, they advocate for upskilling cybersecurity teams and providing them access to threat intelligence.