Cybercrime jumps more than 50% in 2019, new threats emerge from COVID-19 pandemic

Cybercrime jumps more than 50% in 2019, new threats emerge from COVID-19 pandemic

person using computer
A person using a laptop. (File photo: AFP)

SINGAPORE: Cybercrime cases jumped by more than 50 per cent last year, accounting for more than a quarter of all crimes in committed in the country, said the Cyber Security Agency of Singapore (CSA) in its annual report published on Friday (Jun 26).

There were 9,430 cybercrime cases reported last year, up 51.7 per cent from the 6,215 cases reported in 2018, according to the key findings from the Singapore Cyber Landscape 2019 report. The common types of cybercrime were e-commerce scams, phishing and malware attacks.

The CSA, an agency managed by the Ministry of Communications and Information, said its data revealed how threats and attacks have grown in both “scale and complexity".

The COVID-19 pandemic has also created a new raft of vulnerabilities, with attackers exploiting the panic and fear to seek financial gain or gain access to classified information.

“Since its emergence in late-2019, COVID-19 has quite literally wreaked havoc all over the world … Even as nations fight to stem the effects of this pandemic, threat actors have brazenly exploited public fear and uncertainty over the coronavirus to carry out malicious cyber activities,” said Mr David Koh, CSA’s commissioner of cybersecurity and chief executive.

E-COMMERCE SCAMS REMAIN THE TOP SCAM TYPE IN SINGAPORE

E-commerce scams remained the top scam type in Singapore last year, with victims losing S$2.3 million, up from S$1.9 million in 2018.

In all, there were 2,809 such cases reported last year, a 30 per cent increase from 2,161 cases in 2018. Victims continued to fall for “too-good-to-be-true” online deals involved electronic gadgets and event tickets, said CSA.

"As one of the most connected countries in the world, Singapore remains a target for cyberattacks and cybercrime. Threat actors have continued to evolve their tactics, resulting in an intensification of malicious cyber activities in 2019,” said Mr Koh.

READ: Why scam cases continue to rise and what is being done about them

Phishing – where an attacker impersonates trusted organisations and individuals to steal sensitive data from victims – also remained a popular tactic, with the number of phishing URLs detected by CSA jumping about 200 per cent to 47,500 in 2019.

The Immigration and Checkpoints Authority, Ministry of Manpower and Singapore Police Force were the most commonly impersonated government organisations, the report said.

COVID-19 RISKS

CSA's report also captured the global rise of cyberattackers capitilising on the COVID-19 pandemic and work-from-home arrangements.

With more people working from home during the pandemic, applications that facilitate telecommuting have skyrocketed in popularity. But these contain vulnerabilities that attackers can exploit to sneak into meetings or steal information, said the report.

READ: MOE will allow teachers to 'progressively' resume use of Zoom, police reports filed on recent breaches

The pandemic has increased organisations’ exposure to hacking attempts “given that home networks are usually less secured than corporate networks”, said the report. Working from home may also result in occasional lapses in “security consciousness”.

“People may show greater willingness to take on calculated security risks and trade-offs in order to get work done, such as discussing urgent classified work with colleagues over unsecured video conference calls,” said CSA.

Remote working has also meant that more companies have moved into cloud computing and adopt the use of artificial intelligence and 5G networks, intensifying the risk of cyberattacks.

“As more individuals and businesses go online amid the pandemic, cybercriminals have capitalised on the situation to carry out malicious activities,” said Minister for Communications and Information S Iswaran in a Facebook post after the release of the report.

During the “circuit breaker” period that Singapore imposed to stem the spread of COVID-19, Singapore saw evidence of more cyberattacks.

From March to May, CSA observed more than 1,500 malicious phishing URLs targeting Singapore – more than double from the previous three months, said Mr Iswaran.

Additionally, there have also been attacks on healthcare systems around the world.

“Such attacks are unacceptable. They put lives at risk and impede the critical work of healthcare and frontline agencies in managing the pandemic,’’ said Mr Iswaran.

To combat the rise of cybercrime, the CSA said it will continue to work with both public and private organisations to strengthen cyber resilience. It conducts regular drills to ensure that businesses are ready to respond to threats and have robust infrastructures to do so.

Source: CNA/ga(aj)

Bookmark