CNA – Firms and individuals in Singapore faced an increased number of cybercrime, phishing and ransomware threats last year, according to a report released by the Cyber Security Agency of Singapore (CSA) yesterday.
There were 137 ransomware cases in 2021, a 54 per cent jump from the 89 reported in 2020.
In a ransomware attack, hackers – or threat actors – use malicious software to encrypt files on a device, then demand ransom to undo their work.
The cases affected mostly small-and-medium enterprises (SMEs) from sectors such as manufacturing and IT, said CSA in its annual Singapore Cyber Landscape publication.
“The around-the-clock nature of these sectors’ operations did not provide for much time to patch their systems, thus potentially allowing ransomware groups to exploit vulnerabilities,” the agency added.
Ransomware groups targetting SMEs used a model known as “Ransomware-as-a-Service”, which makes sophisticated ransomware strains accessible to less technically adept cybercriminals.
This made it easier for amateur hackers to use existing infrastructure to distribute ransomware payloads, said CSA.
Phishing cases also rose by 17 per cent last year, with about 55,000 unique Singapore-hosted phishing URLs – with a “.sg” domain – observed.
In 2020, there were 47,000 such URLs identified.
Phishing refers to the practice of inducing people to reveal their personal information such as account passwords and credit card numbers.
Social networking firms made up more than half of the spoofed targets of phishing cases, said CSA.
Scammers also exploited the COVID-19 pandemic amid the Omicron variant outbreak in late 2021 to spoof government websites, said CSA.
The Singapore Police Force also reported cybercrime as a key concern, with 22,219 cases recorded last year – up 38 per cent from 16,117 cases in 2020.
Online scams made up the top cybercrime category in Singapore, accounting for 81 per cent of the cases. Of the rest, 17 per cent were Computer Misuse Act offences and two per cent were cyber extortion cases. CSA also noted there were 3,300 malicious command and control servers hosted in Singapore last year, more than a three-fold increase from 1,026 in 2020.
This was also the largest number of servers recorded since 2017.
These servers are centralised devices operated by attackers to maintain communications with compromised systems – known as botnets – within a targetted network.
About 4,800 botnet drones with Singapore IP addresses were detected daily last year, a 27 per cent drop from the daily average of 6,600 in 2020.
Cases of website defacements also fell by 15 per cent from 495 in 2020 to 419 last year, with most of the victims being SMEs.
This could be attributed to hacktivist activities moving to other platforms with potentially wider reach such as social media sites, said CSA.
In its report, CSA also highlighted the possibility of a world of differing cyber norms, ecosystems and standards in the near future, sparked by decreased global reliance on Western technology due to geopolitical tensions such as the Russia-Ukraine conflict.
“Russia had previously faced a major hurdle in decoupling from United States (US) technology, due to the risks that various payment services and product offerings used by Russian citizens would be suspended,” said CSA.
With sanctions imposed by Western technology firms following Russia’s invasion of Ukraine, Russia’s desire to wean itself off such tech is “very likely to strengthen”, the agency added.
Countries such as China are also seeking to gain self-sufficiency in advanced technology areas, said CSA.
The agency also observed that cybercriminal and hacktivist groups are taking sides in the Russia-Ukraine conflict and engaging in more malicious cyber activities for politically motivated purposes.
“This development increases the risk of reprisals, as any serious cyber incident by these groups may be used as a pretext for escalation by one side or the other,” said CSA.
Crypto-based crime has also been on the rise, largely through the use of peer-to-peer financial platforms that enable direct transactions.
The borderless accessibility of the platforms as well as anonymity features have made it difficult to track illicit activity and enforce regulations across borders, said CSA.
“Such challenges further embolden cybercriminals to perpetuate more of such crypto-based scams,” it added.