News

Articles:

CSA Singapore Cyber Landscape 2017: Cyber threats in Singapore grew

CSA Singapore Cyber Landscape 2017: Cyber threats in Singapore grew, mirroring global trends

On 19 June, the Cyber Security Agency of Singapore
(CSA) released its Singapore
Cyber Landscape 2017 publication
, which highlights facts and figures
on cyber threats that Singapore faced in 2017, as well as the need to build up
cyber resilience.

The “Singapore Cyber Landscape 2017” publication reviews
Singapore’s cybersecurity situation in 2017 against the backdrop of global
trends and events, and highlights Singapore’s efforts in creating a safe and
trustworthy cyberspace.

CSA analyses multiple data sources to shed light on the
common cyber threats observed in Singapore’s cyberspace. Through case studies
of incidents in Singapore, it aims to raise awareness of cyber threats amongst
cyber stakeholders and the general public, and to offer practical and
actionable insights to better defend ourselves against ever-evolving cyber
threats.

“Given Singapore’s connectivity, what happens globally is
often immediately felt here. As we continue our Smart Nation push, we have to
raise our cyber hygiene and defences, especially against cyber-attackers who
are getting better resourced and skilled. We need to play our part by being
vigilant and adopting good cybersecurity practices to keep Singapore’s
cyberspace safe and trustworthy for all,” said Mr David Koh, Commissioner of
Cybersecurity and Chief Executive of CSA.

Key findings

According to the report, in 2017, the global cyber landscape
continued to evolve. Cyber threats continued to grow in frequency and impact.
Notably, there was a shift from profit-motivated attacks towards those aimed at
causing massive disruptions, such as the WannaCry ransomware campaign.

As a highly-connected country, Singapore’s cyber landscape
mirrored these global trends. Common cyber threats such as phishing, website
defacements, and malware infections also showed no signs of abating in 2017.

Credit: Cyber Security Agency of Singapore

Types of cyber
threats

(1)   
Website
defacement

In 2017, 2,040 website defacements were observed. Many
defacements were part of global mass defacement campaigns. The defaced websites
belonged mostly to Small and Medium Enterprises (SMEs) from a range of sectors
such as manufacturing, retail, and Information and Communications Technology
(ICT).

(2)   
Phishing

Phishing emails are one of the simplest and most effective
methods that hackers use to steal sensitive personal data such as passwords,
contact information, and credit card details, by tricking users into opening
dubious links or attachments.

In 2017, 23,420 phishing URLs with a Singapore-link were found.
The websites of large technology companies were commonly spoofed, making up
about 40% of the observed phishing URLs.

(3)   
Malware
infections

In 2017, CSA observed about 750 unique Command & Control
(C&C) servers in Singapore, and a daily average of about 2,700 botnet
drones with Singapore IP addresses. Of the more than 400 malware variants
detected in 2017, five were observed to have caused the majority of the
infections.

Conficker, Mirai, Cutwail, Sality, and WannaCry accounted
for more than half of the systems infected daily. The majority of these malware
are not new, suggesting that many victims are not scanning for viruses and
cleaning up their systems.

In terms of ransomware, Singapore was relatively unscathed
by major ransomware campaigns. In 2017, 25 cases of ransomware were reported to
SingCERT. Besides WannaCry, victims were infected by ransomware such as Cerber,
Dharma, and Sage, and faced ransom demands ranging between S$2,000 and S$4,000.

At the same time, the Singapore Police Force (SPF) reported that cybercrime
continued to rise in 2017, with 5,430 cybercrime cases reported. Between 2016
and 2017, cybercrime cases grew from 15.6% to 16.6% of total crimes, even as
overall crime fell.

Online cheating accounted for the majority of cybercrime
cases, with other cases involving compromised social media and SingPass
accounts, impersonation scams, ransomware and unauthorised access.

These are offences under the Computer Misuse and Cybersecurity
Act
. Singapore’s first conviction of a Dark Web-related crime took
place in November 2017.

The full document of the Singapore Cyber Landscape 2017 can
be found here.