Singapore public organisation faced state-sponsored cyberattack last year: CSA

Singapore public organisation faced state-sponsored cyberattack last year: CSA

A man types on a computer keyboard in front of the displayed cyber code in this illustration picture taken Mar 1, 2017. (File Photo: Reuters/Kacper Pempel/Illustration)

SINGAPORE: An unidentified public organisation in Singapore faced a foreign "state-sponsored" cyberattack late last year, according to a report released by the Cyber Security Agency of Singapore (CSA) on Thursday (Sep 15). 

The group behind the attack, which was not known to be active in Asia up until then, was supported by a foreign government "to engage in cyber espionage to further their national interests". 

Investigations revealed that the advanced persistent threat (APT) malware infection was detected on only one of the organisation's computers, and did not spread beyond the single infected computer.

The computer did not contain sensitive information, added the report. 

The incident, which was described as more of an opportunistic, rather than a targeted attack, did not result in any data stolen, though the malware had the capability to do so. 

The attackers had used sophisticated anti-detection and infection techniques through a phishing email that allowed itself to access information through a backdoor. These activities were undetected as the warning indicators and malware signatures were not on known anti-malware databases, the report said.

HIGHEST NUMBER OF CYBERATTACKS IN HEALTHCARE

The report also highlighted that Singapore's healthcare sector experienced the highest number of cyberattacks compared with other sectors.

In a series of ransomware incidents, individual users in the sector were unable to access their encrypted files within their network. Investigations revealed that their computers were infected after opening attachments or clicking on links in their emails. 

The affected computers were subsequently isolated to prevent further spread of the infection, and were wiped clean and data restored from back-up systems. 

In an overview of cyberattacks that happened in 2016, the report said that small- and medium-size enterprises from a range of businesses were the main targets for website defacement. 

Statistics also showed that the proportion of cybercrime to overall crime cases rose from 7.9 per cent in 2014 to 13.7 per cent in 2016. 

Source: CNA/ad