Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Press Releases

Fewer Cases of Common Cyber Threats Detected in Singapore in 2018

18 June 2019

CSA’s 2018 report shows a decrease in common threats like phishing and defacements, yet cybercrime cases and losses rose significantly. While typical attacks dropped, sophisticated threats from advanced actors persist, notably targeting SMEs and financial sectors. With trends pointing toward more data breaches and AI-driven malware, the CSA emphasizes the need for vigilant, collective defense.

scl2019

Singapore continues to be the target of cyber-attacks by advanced threat actors

1              The number of common cyber threats detected in Singapore saw a decrease in 2018, although Singapore continues to be the target of cyber-attacks by advanced actors. These are findings released by the Cyber Security Agency of Singapore (CSA) in the Singapore Cyber Landscape 2018 publication today. 

2              Common cyber threats – such as website defacements, phishing, ransomware and Command and Control (C&C) servers – were observed to have decreased in 2018 compared to the year before.

  1. Website defacements. 605 website defacements were detected in 2018, as compared to 2,040 in 2017. Most of the defaced websites belonged to Small and Medium Enterprises (SMEs), although larger organisations as well as two Singapore Government websites were also affected. Notably, CSA observed a spike in defacements in November 2018, likely caused by an attacker exploiting vulnerabilities in an unpatched web server. 101 websites - belonging to various businesses hosted on this web server - were compromised by the same attacker in a single day.

  2. Phishing. There was a 30 per cent decrease in phishing URLs with a Singapore-link, from 23,420 URLs in 2017 to 16,100 URLs in 2018. Phishing emails typically spoof a legitimate source to trick users into clicking on dubious links or opening file attachments. Companies in the banking and financial services, technology and file hosting services made up almost 90 per cent of spoofed companies in 2018.

  3. Ransomware. 21 ransomware cases were reported to CSA in 2018, a decrease from 25 in 2017. Ransomware remains lucrative and continues to evolve in sophistication. GandCrab, one of the more aggressive forms of ransomware, infected a private financial institution in Singapore in February 2018. Europol has warned that targeted attacks which are tailored to specific organisations such as GandCrab and SamSam, may become the new normal.

  4. Command and Control (C&C) servers. In 2018, CSA observed about 300 unique C&C servers in Singapore, a 60 per cent decrease from 2017. In addition, almost 2,900 botnet drones with Singapore IP addresses were observed on a daily basis in 2018. Of the 470 malware variants detected in 2018, five – Gamarue, Conficker, Mirai, WannaCry and Gamut – accounted for over half of the observed infections.  The prevalence of these malware variants indicate that many users have yet to adopt protective measures such as patching their devices and using anti-virus software.

Cybercrime cases continue to rise

3              The Singapore Police Force reported that cybercrime continued to rise, with 6,179 cases reported in 2018 and accounting for about 19 percent of the overall crime in Singapore. 1,204 cases were investigated under the Computer Misuse Act, an increase of about 40 per cent compared to 2017. Online scams continued to be a concern, with about 2,125 e-commerce scams reported in 2018, where victims lost a total of about S$1.9 million. 70 per cent of such scams took place on e-commerce platform Carousell, and involved electronic products and tickets to events and attractions. Separately, 378 business email impersonation scams were observed in 2018, up from 332 cases in 2017. Businesses in Singapore suffered losses of close to S$58 million in 2018, an increase of about 31 per cent from 2017.

Need to strengthen collective cybersecurity

4              Despite the decrease in the number of common cyber threats detected in 2018, Singapore has been, and will continue to be, the target of cyber-attacks by Advanced Persistent Threat (APT) groups and other actors. In 2018, notable incidents included cyber-attacks on SingHealth and a number of universities in Singapore. Other incidents where SingCERT rendered assistance included a compromise on a training institute’s web servers by crypto-mining malware and an email extortion scam on a member of the public by a scammer using the victim’s leaked email address and password. These incidents highlight the need for organisations, businesses and individuals to stay vigilant and strengthen their cybersecurity to keep pace with increasingly targeted and sophisticated threats.  

5              The report also identified six anticipated cybersecurity trends in the near future. These include more frequent data breaches, increased threat to global supply chains and more disruptive attacks against the Cloud. Smart buildings and connected systems will also face greater risks of attacks, given the proliferation of Internet of Things (IoT) devices and connected industrial control systems. In addition, threat actors may leverage on Artificial Intelligence (AI) to search for vulnerabilities and create smarter malware. They are also likely to target and manipulate biometric data to build virtual identities and gain access to personal information.

“Cybersecurity incidents made some of the biggest headlines in 2018. Data breaches across various industries affecting high-profile organisations were reported but smaller businesses and individual users were not spared either. We have to learn from these incidents and push further in our cybersecurity efforts collectively as a nation, so that we can defend ourselves against increasingly sophisticated threats and prepare ourselves for a digital future.” 

Mr David Koh
Chief Executive, Cyber Security Agency of Singapore (CSA)

Please refer to Appendix A [257kb] for an overview of Singapore’s cyber threats in 2018. 

Please refer to this link for the report.

[1] On 22 March 2018, the City of Atlanta in the US state of Georgia suffered a ransomware attack which affected several local government systems and disrupted businesses. Almost US$17 million was reportedly spent in recovery efforts. The ransomware used in the attack, dubbed ‘SamSam’, was also linked to another ransomware attack on the Port of San Diego in September 2018.

About Cyber Security Agency of Singapore

Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our Nation Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes.

CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg.



Back to top