Cyber Threats in Singapore Grew in 2017, Mirroring Global Trends

Overall increase in cyber threats, such as phishing attacks, website defacements, and malware infections

The Cyber Security Agency of Singapore (CSA) released today its “Singapore Cyber Landscape 2017” publication, which highlights facts and figures on cyber threats that Singapore faced in 2017, as well as the need to build up cyber resilience.

In 2017, the global cyber landscape continued to evolve. Cyber threats continued to grow in frequency and impact. Notably, there was a shift from profit-motivated attacks towards those aimed at causing massive disruptions, such as the WannaCry ransomware campaign.

As a highly-connected country, Singapore’s cyber landscape mirrored these global trends. Common cyber threats such as phishing, website defacements, and malware infections also showed no signs of abating in 2017[1].   

1. Website Defacements. 2,040 website defacements were observed in 2017. Many defacements were part of global mass defacement campaigns. The defaced websites belonged mostly to Small and Medium Enterprises (SMEs) from a range of sectors such as manufacturing, retail, and Information and Communications Technology (ICT).

2. Phishing. 23,420 phishing URLs[2] with a Singapore-link were found in 2017. Phishing emails are one of the simplest and most effective methods that hackers use to steal sensitive personal data (e.g. passwords, contact information, credit card details), by tricking users into opening dubious links or attachments. The websites of technology companies such as Apple and Microsoft were commonly spoofed, making up about 40 per cent of the observed phishing       
    

3. Malware Infections.   

1. Compromised Systems. In 2017, CSA observed about 750 unique Command & Control (C&C) servers in Singapore, and a daily average of about 2,700 botnet drones with Singapore IP addresses. Of the more than 400 malware variants detected in 2017, five were observed to have caused the majority of the infections. Conficker, Mirai, Cutwail, Sality, and WannaCry accounted for more than half of the systems infected daily. The majority of these malware are not new, suggesting that many victims are not scanning for viruses and cleaning up their systems.

2. Ransomware. Singapore was relatively unscathed by major ransomware campaigns such as WannaCry. 25 cases of ransomware were reported to SingCERT in 2017. Besides WannaCry, victims were infected by ransomware such as Cerber, Dharma, and Sage, and faced ransom demands ranging between S$2,000 and S$4,000. 

Cybercrime on the Rise 

The Singapore Police Force (SPF) reported that cybercrime continued to rise in 2017, with 5,430 cybercrime cases reported. Between 2016 and 2017, cybercrime cases grew from 15.6 per cent[3] to 16.6 per cent of total crimes, even as overall crime fell. Online cheating accounted for the majority of cybercrime cases, with other cases involving compromised social media and SingPass accounts, impersonation scams, ransomware and unauthorised access. These are offences under the Computer Misuse and Cybersecurity Act. Singapore’s first conviction of a Dark Web-related crime took place in November 2017.   

Cyber Threats Singapore Faces

Threats to Critical Information Infrastructure (CII) Sectors.[4] CII sectors deliver essential services and a compromise of their systems can have a debilitating impact on Singapore’s society and economy. CII sectors such as Banking & Finance and Government remain prime targets for cyber-attacks, because of the sensitive information held by organisations in these sectors. In September 2017, the website of a Singapore insurance company was breached, compromising the personal data of 5,400 customers, including their e-mail addresses, mobile numbers and dates of birth. Government agencies also faced a range of cyber threats, including system intrusions and spoofed websites. To better protect Government systems and citizens’ data, Government agencies separated Internet surfing from Government networks in 2017.

Threats to Businesses. Businesses are common targets of cyber-attacks. SMEs are especially vulnerable, as they often lack the resources or know-how to adopt appropriate cybersecurity practices.  Almost 40 per cent of the 146 cases reported to SingCERT in 2017 involved businesses, particularly SMEs, and most of the cases involved phishing attacks and ransomware. Businesses are encouraged to invest in cybersecurity solutions to protect themselves from cyber-attacks.

Threats to Individuals. The three most common cyber threats reported to SingCERT by individuals were phishing, ransomware and tech support scams. A public awareness survey of 2,035 respondents conducted by CSA in 2017[5] showed that most respondents recognised that everyone had a role to play in cybersecurity, and were concerned about cybersecurity risks. However, there were still gaps in habits when it came to password management and updating of software. To encourage adoption of good cybersecurity practices, the publication highlights four cyber tips[6] to help readers go safe online.

Building up Singapore’s Cyber Resilience

A cyber-attack is inevitable. When it happens, it is important that Singapore is able to respond and recover expediently. CSA works closely with partners from the public and private sectors to build up Singapore’s cyber resilience. Efforts include the introduction of the new Cybersecurity Act to strengthen the protection of CII sectors, conducting regular cybersecurity exercises to raise CII sector readiness in responding and dealing with cyber incidents, as well as initiatives to develop a professional cybersecurity workforce.

CSA also reaches out to businesses and individuals to raise cybersecurity awareness and adoption through campaigns and platforms such as GoSafeOnline, SingCERT website and social media channels. Other efforts include the push for cybersecurity research and development to accelerate the growth of the industry to support Smart Nation initiatives.  CSA also collaborates with international partners to build cyber capacity and drive the adoption of voluntary cyber norms for a “rules-based” international order in cyberspace.

The “Singapore Cyber Landscape 2017” publication reviews Singapore’s cybersecurity situation in 2017 against the backdrop of global trends and events, and highlights Singapore’s efforts in creating a safe and trustworthy cyberspace.

"Given Singapore’s connectivity, what happens globally is often immediately felt here. As we continue our Smart Nation push, we have to raise our cyber hygiene and defences, especially against cyber-attackers who are getting better resourced and skilled. We need to play our part by being vigilant and adopting good cybersecurity practices to keep Singapore’s cyberspace safe and trustworthy for all."

Mr David Koh
Commissioner of Cybersecurity and Chief Executive of CSA

CSA analyses multiple data sources to shed light on the common cyber threats observed in Singapore’s cyberspace. Through case studies of incidents in Singapore, it aims to raise awareness of cyber threats amongst cyber stakeholders and the general public, and to offer practical and actionable insights to better defend ourselves against ever-evolving cyber threats.

Please refer to this link for a copy of the report. Please also see Appendix A for an overview of Singapore’s cyber threats in 2017.

Related Resource:  Appendix A 

[1] CSA regularly reviews and enhances its coverage of cyber threats globally and locally towards a comprehensive understanding of Singapore’s cyber landscape. The increase in the number of threats detected in 2017 was in part a result of such efforts.

[2] A Uniform Resource Locater (URL) is a unique, specific web address.

[3] In the Singapore Cyber Landscape 2016, it was reported that cybercrime accounted for 13.7 per cent of all crimes in 2016. SPF has since revised that 2016 figure to 15.6 per cent.

[4] Singapore’s 11 CII sectors are: Aviation, Banking & Finance, Energy, Government, Healthcare, Infocomm, Land Transport, Maritime, Media, Security & Emergency, and Water

[5] "CSA’s Public Awareness Survey in 2017 Reveals Signs of Improvement in Cybersecurity Practices,” CSA press release, 23 April 2018.

[6] CSA launched the second National Cybersecurity Awareness Campaign – “Cyber Tips 4 You” in April 2018. The campaign focuses on four cybersecurity tips namely: (1) use an anti-virus software, (2) use strong passwords and enable Two-Factor Authentication (2FA), (3) spot signs of phishing, and (4) update your software asap. These tips are presented to audiences by local celebrities Suhaimi Yusof and Jae Liew.

About the Cyber Security Agency of Singapore

The Cyber Security Agency of Singapore (CSA) provides dedicated and centralised oversight of national cyber security functions, and works with sector leads to protect Singapore’s critical services. It also engages with various industries, and stakeholders to heighten cyber security awareness as well as to ensure the holistic development of Singapore’s cyber security landscape. The Agency is part of the Prime Minister’s Office and is managed by the Ministry of Communications and Information.