In 2017, the global cyber landscape continued to evolve. Cyber threats continued to grow in frequency and impact. Notably, there was a shift from profit-motivated attacks towards those aimed at causing massive disruptions, such as the WannaCry ransomware campaign.
As a highly-connected country, Singapore’s cyber landscape mirrored these global trends, according to the Cyber Security Agency of Singapore’s (CSA) “Singapore Cyber Landscape 2017” publication, which highlights facts and figures on cyber threats that Singapore faced in 2017, as well as the need to build up cyber resilience.
Common cyber threats such as phishing, website defacements, and malware infections also showed no signs of abating in 2017.
- Website Defacements. 2,040 website defacements were observed in 2017. Many defacements were part of global mass defacement campaigns. The defaced websites belonged mostly to Small and Medium Enterprises (SMEs) from a range of sectors such as manufacturing, retail, and Information and Communications Technology (ICT).
- Phishing. 23,420 phishing URLs[2] with a Singapore-link were found in 2017. Phishing emails are one of the simplest and most effective methods that hackers use to steal sensitive personal data (e.g. passwords, contact information, credit card details), by tricking users into opening dubious links or attachments. The websites of technology companies such as Apple and Microsoft were commonly spoofed, making up about 40 per cent of the observed phishing
- Malware Infections.
- Compromised Systems. In 2017, CSA observed about 750 unique Command & Control (C&C) servers in Singapore, and a daily average of about 2,700 botnet drones with Singapore IP addresses. Of the more than 400 malware variants detected in 2017, five were observed to have caused the majority of the infections. Conficker, Mirai, Cutwail, Sality, and WannaCry accounted for more than half of the systems infected daily. The majority of these malware are not new, suggesting that many victims are not scanning for viruses and cleaning up their systems.
- Ransomware. Singapore was relatively unscathed by major ransomware campaigns such as WannaCry. 25 cases of ransomware were reported to SingCERT in 2017. Besides WannaCry, victims were infected by ransomware such as Cerber, Dharma, and Sage, and faced ransom demands ranging between S$2,000 and S$4,000.
Cybercrime on the Rise
The Singapore Police Force (SPF) reported that cybercrime continued to rise in 2017, with 5,430 cybercrime cases reported. Between 2016 and 2017, cybercrime cases grew from 15.6 per cent to 16.6 per cent of total crimes, even as overall crime fell.
Online cheating accounted for the majority of cybercrime cases, with other cases involving compromised social media and SingPass accounts, impersonation scams, ransomware and unauthorised access. These are offences under the Computer Misuse and Cybersecurity Act. Singapore’s first conviction of a Dark Web-related crime took place in November 2017.
Cyber Threats Singapore Faces
Threats to Critical Information Infrastructure (CII) Sectors. CII sectors deliver essential services and a compromise of their systems can have a debilitating impact on Singapore’s society and economy. CII sectors such as Banking & Finance and Government remain prime targets for cyber-attacks, because of the sensitive information held by organisations in these sectors. In September 2017, the website of a Singapore insurance company was breached, compromising the personal data of 5,400 customers, including their e-mail addresses, mobile numbers and dates of birth. Government agencies also faced a range of cyber threats, including system intrusions and spoofed websites. To better protect Government systems and citizens’ data, Government agencies separated Internet surfing from Government networks in 2017.
Threats to Businesses. Businesses are common targets of cyber-attacks. SMEs are especially vulnerable, as they often lack the resources or know-how to adopt appropriate cybersecurity practices. Almost 40 per cent of the 146 cases reported to SingCERT in 2017 involved businesses, particularly SMEs, and most of the cases involved phishing attacks and ransomware. Businesses are encouraged to invest in cybersecurity solutions to protect themselves from cyber-attacks.
Threats to Individuals. The three most common cyber threats reported to SingCERT by individuals were phishing, ransomware and tech support scams. A public awareness survey of 2,035 respondents conducted by CSA in 2017 showed that most respondents recognised that everyone had a role to play in cybersecurity, and were concerned about cybersecurity risks. However, there were still gaps in habits when it came to password management and updating of software. To encourage adoption of good cybersecurity practices, the publication highlights four cyber tips o help readers go safe online.
Building up Singapore’s Cyber Resilience
A cyber-attack is inevitable. When it happens, it is important that Singapore is able to respond and recover expediently. CSA works closely with partners from the public and private sectors to build up Singapore’s cyber resilience. Efforts include the introduction of the new Cybersecurity Act to strengthen the protection of CII sectors, conducting regular cybersecurity exercises to raise CII sector readiness in responding and dealing with cyber incidents, as well as initiatives to develop a professional cybersecurity workforce.
CSA also reaches out to businesses and individuals to raise cybersecurity awareness and adoption through campaigns and platforms such as GoSafeOnline, SingCERT website and social media channels. Other efforts include the push for cybersecurity research and development to accelerate the growth of the industry to support Smart Nation initiatives. CSA also collaborates with international partners to build cyber capacity and drive the adoption of voluntary cyber norms for a “rules-based” international order in cyberspace.
David Koh, Commissioner of Cybersecurity and Chief Executive of CSA, said, “Given Singapore’s connectivity, what happens globally is often immediately felt here. As we continue our Smart Nation push, we have to raise our cyber hygiene and defences, especially against cyber-attackers who are getting better resourced and skilled. We need to play our part by being vigilant and adopting good cybersecurity practices to keep Singapore’s cyberspace safe and trustworthy for all.”