SINGAPORE – Almost 1,800 website defacements were reported last year, but this is just the tip of the iceberg, said a newly-released report by the Cyber Security Agency of Singapore (CSA).
More malicious attacks such as the spread of ransomware was reported 19 times last year, up from two cases the year before, but CSA said these cases tend to be under reported.
For instance, cyber security software firm Trend Micro detected about 550 ransomware-related threats in Singapore each day.
Ransomware is malware often delivered via e-mail that infects unprotected computers in a network, and locks them down with a note demanding for ransom. The most notable example this year was WannaCry, which infected computers tied to some 500 Internet protocol addresses or Internet accounts in Singapore in May although Singapore escaped largely unscathed.
“Major cyber-attacks in the first half of 2017 continue to put everyone on alert. The WannaCry and NotPetya cyber-attacks led to disruptions in many services (globally),” said Mr David Koh, chief executive of CSA.
“Singapore is especially vulnerable due to its high Internet penetration rate,” according to the inaugural report, dubbed Singapore Cyber Landscape 2016, put up on CSA’s website on Thursday (Sept 14).
Individuals and small- and medium-sized enterprises accounted for most of the ransomware cases reported to CSA last year.
Overall, ransomware and the hacking of online accounts, among other crimes, committed under the Computer Misuse and Cybersecurity Act more than doubled to 691 cases last year from the year before.
In 2016, more than 2,500 phishing cases – where cybercriminals disguised as representatives from legitimate Singapore organisations, usually in e-mails – were also reported.
In these cases, the cyber criminals try to trick victims into revealing data such as e-banking usernames and passwords.
Websites belonging to the Ministry of Manpower and Immigration & Checkpoints Authority were spoofed last year, but bank websites topped the spoofed list.
CSA also highlighted the growing threat of advanced persistent threats (APTs), which are stealthy and continuous computer hacking processes to gain intelligence or steal information from another party.
For instance, late last year, CSA was alerted to an APT malware infection in a Government organisation.
The malware was found in an Internet-facing computer, which had not been used to process sensitive information.
CSA’s investigation showed it was the work of a state-sponsored hacker, which had not been known to be active in Asia. CSA did not identify the foreign Government behind this attack.
Investigations also concluded that data was not exfiltrated. Neither did the malware spread to other computers. Security software could not catch the malware as it was not known until then.
Attacks by hackers on National University of Singapore and Nanyang Technological University, discovered in April this year, were also aimed at stealing government and research data. NTU and NUS are involved in government-linked projects for the defence, foreign affairs and transport sectors.
CSA said the Singapore Government’s Internet Surfing Separation policy, fully implemented in May this year, “will go a significant way towards securing the Government’s network”.
Since May, all 143,000 public servants’ work computers have no Web surfing capabilities to plug potential leaks from work e-mail and shared documents amid heightened security threats. Public servants, however, can surf on dedicated Internet terminals supplied or on their personal mobile devices.
“In removing the link between the public officers’ computers from the Internet, it can disrupt the attackers’ cyber kill chain. Without a path out to the Internet, the attacker will not have remote access to the Government’s network, and will not be able to extract data as easily,” said CSA in the report.
More Info: www.straitstimes.com