Singapore firms point to ransomware as most common attack mode

Some 96 percent of Singapore businesses experienced a security breach in the past year, during which ransomware was the most frequently used attack mode followed by malware and Google Drive.
Written by Eileen Yu, Senior Contributing Editor

Some 96 percent of Singapore companies admitted to experiencing a security breach in the past year, of which 28 percent said ransomware was the most frequently used attack mode. Another 25 percent selected malware as the attack type most commonly encountered, while 11 percent said it was cloud data breaches, specifically, Google Drive. 

Cyberattacks are also on the rise, with 92 percent surveyed noting an increase in attack volumes, according to a survey conducted by research firm Opinion Matters. Commissioned by security vendor Carbon Black, the study polled 250 chief information, technology, and cybersecurity officers in Singapore, from industries that included financial, healthcare, government, and retail.  

Some 95 percent of respondents described cyber attacks as more sophisticated than before. Of those, 14 percent highlighted phishing attacks as the cause of successful breaches -- suggesting that the human link played a key role in attacks. Another 12 percent named weakness in processes as the cause of breaches, the survey found. 

Amongst companies in the manufacturing and engineering sector, almost two-thirds had suffered a breach three to five times in the past 12 months, with 23 percent pointing to third-party applications as well as ransomware as the main causes of successful breaches.

Across the board, 97 percent of Singapore companies planned to expand their spending on cyberdefence. In fact, 79 percent said they actively conducted threat-hunting efforts, where 34 percent had done so for more than a year. 

In a recent survey by Citrix, 95 percent of employees in Singapore were found to be using applications not approved for the office and 85 percent of businesses expressed concern that they would not be able to respond to a data breach in compliance with regulations, such as the General Data Protection Regulation (GDPR). 

The country last month introduced changes to existing guidelines on technology risk and business continuity management that would require financial organisations to implement more measures to boost their operational resilience. These aimed to better prepare them for a physical and cybersecurity threat landscape that is rapidly changing, according to industry regulator Monetary Authority of Singapore.

There had been a spate of data security breaches over the past year, several of which targeted Singapore's public sector and resulted in the personal information of 808,201 blood donors and 14,200 individuals with HIV being compromised. Personal data of another 1.5 million SingHealth patients were also compromised last July in what was described as Singapore's most serious data security breach.


Singapore public sector reports yet another security lapse

Following a spate of data breaches affecting healthcare patients in Singapore, another lapse has occurred. A server containing personal information of 808,201 blood donors was not properly secured by a third-party vendor, potentially exposing data such as blood type and national identification number.

Singapore proposes new security guidelines to beef up financial resilience

Monetary Authority of Singapore is looking to introduce changes to existing technology risk and business continuity management guidelines that will require financial organisations to implement more measures, including cyber surveillance, to boost operational resilience.

Hacker group behind SingHealth data breach identified, targeted mainly Singapore firms

Hackers that compromised the data of 1.5 million healthcare patients have been identified as a group that launched attacks against several organisations based in Singapore, including multinational firms with operations in the country, and is likely part of a larger operation targeting other countries and regions.

Singapore now able to certify products under global cybersecurity standard

Now a certificate authorising nation for the Common Criteria, Singapore is one of 18 countries that can assess and certify cybersecurity products under the technical standard, which it says will enable local developers to attain the certification more quickly and at a lower cost.

Most Singapore employees using unapproved apps for work

To get work done, 95 percent of employees in the country acknowledge using applications not sanctioned for use in the office and while 98 percent of businesses have kicked off their digital transformation plans, just 18 percent have reached maturity.

Editorial standards