Singapore faced more cybercrime, phishing and ransomware threats in 2021
Online scams made up the top cybercrime category in Singapore, accounting for 81 per cent of cases.
SINGAPORE: Firms and individuals in Singapore faced an increased number of cybercrime, phishing and ransomware threats last year, according to a report released by the Cyber Security Agency of Singapore (CSA) on Monday (Aug 29).
There were 137 ransomware cases in 2021, a 54 per cent jump from the 89 reported in 2020.
In a ransomware attack, hackers - or threat actors - use malicious software to encrypt files on a device, then demand ransom to undo their work.
The cases affected mostly small-and-medium enterprises (SMEs) from sectors such as manufacturing and IT, said CSA in its annual Singapore Cyber Landscape publication.
"The around-the-clock nature of these sectors’ operations did not provide for much time to patch their systems, thus potentially allowing ransomware groups to exploit vulnerabilities," the agency added.
Ransomware groups targeting SMEs used a model known as "Ransomware-as-a-Service", which makes sophisticated ransomware strains accessible to less technically adept cybercriminals.
This made it easier for amateur hackers to use existing infrastructure to distribute ransomware payloads, said CSA.
Phishing cases also rose by 17 per cent last year, with about 55,000 unique Singapore-hosted phishing URLs - with a ".sg" domain - observed.
In 2020, there were 47,000 such URLs identified.
Phishing refers to the practice of inducing people to reveal their personal information such as account passwords and credit card numbers.
Social networking firms made up more than half of the spoofed targets of phishing cases, said CSA.
Scammers also exploited the COVID-19 pandemic amid the Omicron variant outbreak in late 2021 to spoof Government websites, said CSA.
ONLINE SCAMS THE NO.1 CYBERCRIME
The Singapore Police Force also reported cybercrime as a key concern, with 22,219 cases recorded last year - up 38 per cent from 16,117 cases in 2020.
Online scams made up the top cybercrime category in Singapore, accounting for 81 per cent of the cases.
Of the rest, 17 per cent were Computer Misuse Act offences and 2 per cent were cyber extortion cases.
CSA also noted there were 3,300 malicious command and control servers hosted in Singapore last year, more than a three-fold increase from 1,026 in 2020.
This was also the largest number of servers recorded since 2017.
These servers are centralised devices operated by attackers to maintain communications with compromised systems - known as botnets - within a targeted network.
About 4,800 botnet drones with Singapore IP addresses were detected daily last year, a 27 per cent drop from the daily average of 6,600 in 2020.
Cases of website defacements also fell by 15 per cent from 495 in 2020 to 419 last year, with most of the victims being SMEs.
This could be attributed to hacktivist activities moving to other platforms with potentially wider reach such as social media sites, said CSA.
RUSSIA-UKRAINE CONFLICT, CRYPTO SCAMS ARE TRENDS TO WATCH
In its report, CSA also highlighted the possibility of a world of differing cyber norms, ecosystems and standards in the near future, sparked by decreased global reliance on Western technology due to geopolitical tensions such as the Russia-Ukraine conflict.
“Russia had previously faced a major hurdle in decoupling from US technology, due to the risks that various payment services and product offerings used by Russian citizens would be suspended,” said CSA.
With sanctions imposed by Western technology firms following Russia’s invasion of Ukraine, Russia’s desire to wean itself off such tech is “very likely to strengthen”, the agency added.
Countries such as China are also seeking to gain self-sufficiency in advanced technology areas, said CSA.
The agency also observed that cybercriminal and hacktivist groups are taking sides in the Russia-Ukraine conflict and engaging in more malicious cyber activities for politically motivated purposes.
“This development increases the risk of reprisals, as any serious cyber incident by these groups may be used as a pretext for escalation by one side or the other,” said CSA.
Crypto-based crime has also been on the rise, largely through the use of peer-to-peer financial platforms that enable direct transactions.
The borderless accessibility of the platforms as well as anonymity features have made it difficult to track illicit activity and enforce regulations across borders, said CSA.
"Such challenges further embolden cybercriminals to perpetuate more of such crypto-based scams," it added.
CSA also identified a trend of cybercriminals targeting critical Internet of Things (IoT) devices in ransomware attacks, leading to significant downtime costs.
"Employees have also been known to connect their personal IoT devices to the organisation’s networks without the knowledge of security teams," the agency added.
"Should organisations in critical, time-sensitive industries such as healthcare be infected with ransomware, there could be serious, life-threatening consequences."
CYBERSECURITY A 'TEAM SPORT'
Improving awareness and adopting good cybersecurity practices is key to enabling a digital economy and digital way of life, said CSA.
The agency launched initiatives such as the SG Cyber Safe Programme last year to help companies better protect themselves online, and has also introduced cybersecurity toolkits catered to different enterprise roles.
CSA also worked with the Infocomm Media Development Authority (IMDA) to offer SMEs pre-approved cybersecurity solutions.
"The cyber landscape in 2021 was fraught with increasingly sophisticated threats and more brazen threat actors," said Mr David Koh, commissioner of cybersecurity and chief executive of CSA.
"The Government has stepped up efforts to work with our stakeholders to do more, but cybersecurity is a team sport. Only by banding together and working across borders, do we stand a fighting chance against the ever-evolving threat," he added.