A Global Issue: Cybercrime In Singapore

Uploaded on 2017-10-04 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Singapore’s Cybercrimes nearly doubled in proportion between 2014 and last year, rising from 7.9 per cent to 13.7 per cent of all crimes, according to the inaugural Singapore Cyber Landscape report.

This issue is now global and is not being properly monitored or dealt with by the governmental authorities and national police forces.

The report by the Cyber Security Agency of Singapore (CSA) found that more than eight in 10 cybercrimes (83 per cent) involved online cheating. This was followed by unauthorised access to computer material (15 per cent) and cyber extortion (2 per cent).

The authorities received 19 reports of ransomware cases from individuals and small and medium enterprises (SMEs) last year, up from two cases in 2015. The figures could be under-reported as companies are reluctant to let their reputation take a hit, noted the agency.

Other cyber threats included phishing and defacements, 2,512 phishing URLs were detected and 1,750 websites were defaced last year.

Singapore’s high level of connectivity comes with a corresponding level of vulnerability, said CSA chief executive David Koh.

“While advances in digital technology have opened up new possibilities to enhance our lives, they have also exposed us to cyber threats that aim to cheat us, steal or alter our data, disrupt our daily business activities, and cripple our critical infrastructure.”

Offences under the Computer Misuse and Cybersecurity Act soared over the past three years, from 197 cases in 2014 to 691 cases last year. Criminals tend to make use of ransomware and hacking, as well as compromise online accounts, SingPass and Internet banking accounts.

Cyber criminals will continue to adopt “more sophisticated social engineering techniques to lure their victims”, said the CSA.

Victims of website defacements tend to be SMEs. One in 10 defaced websites were hosted on an outdated operating system, such as Windows Server 2003.

“Such operating systems may no longer have security patches for new vulnerabilities and hence are easier for hackers to exploit,” the CSA said.

Websites for banking and financial services were the most commonly spoofed here, forming 31 per cent of phishing websites found last year.

Electronic payments platform PayPal and file-hosting services such as Dropbox and Google Drive were popular targets, and even government bodies such as the Ministry of Manpower and the Immigration and Checkpoints Authority were not spared.

The CSA said attackers sought personal data, such as passport numbers, that could be traded in underground markets.

The Internet Surfing Separation policy, announced in June last year, would “go a significant way” towards securing the information communication technology environment for public agencies. By cutting off Internet access on work computers, cyber attackers will not be able to gain remote access to the Government’s network and extract data as easily, said the CSA.

The report also stated that around two in five security incidents (43 per cent) that individuals and SMEs flagged to the authorities involved phishing. “Cyber criminals may attack SMEs as a means of getting to larger corporations, to which SMEs are suppliers,” said the CSA.

Business email scams were one of the top cyber threats that SMEs faced last year, with millions of dollars lost through phishing scams, where hackers impersonated company executives or business partners via email, said the agency.

Accordingly, crime statistics reflected a 20 per cent jump in email impersonation scams between 2015 and last year.

Over 60 command and control servers were detected in Singapore’s cyber space last year. Hackers use these servers to communicate with malware-infected devices and carry out malicious attacks such as data theft, email spam campaigns and DDoS (Distributed Denial of Service) attacks.

A DDoS attack involves flooding a system with data, causing disruption to business operations or distracting victims from ongoing cybercrimes.

Singapore saw a spike in DDoS extortion threats last year, with several unnamed organisations receiving emails from hackers demanding payment in lieu of launching such attacks.

Stressing the importance of resilience in the cyber realm, Mr Koh said: “This is because it is impossible to prevent successful attacks 100 per cent of the time. As Singapore pursues its plans to build a Smart Nation, we cannot afford to ignore the threats that come with it.”

Today Online

You Might Also Read:

Singapore’s Mounting Cyber Threats:

Singapore Defense Ministry Under Remote Attack:

 

 

« The Shifting Sands of Cybersecurity
What Is Selling On the Dark Net? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ISACA

ISACA

ISACA is a global professional association and learning organization for members who work in information security, governance, assurance, rissk and privacy.

Vanguard Integrity Professionals

Vanguard Integrity Professionals

Vanguard Integrity Professionals is an independent provider of enterprise security software solutions that address complex security and regulatory compliance challenges.

Nimbusec

Nimbusec

Nimbusec scans your website around the clock and informs immediately if it has been hacked or manipulated

Avanan

Avanan

Avanan is The Cloud Security Platform. Protect all your SaaS applications using tools from over 60 industry-leading vendors in just one click.

Airbus Cybersecurity

Airbus Cybersecurity

Airbus CyberSecurity is a European specialist in cyber security. Our mission is to protect governments, military and critical national infrastructure enterprises from cyber threats.

Temasoft

Temasoft

TEMASOFT is a software company focused on developing security and infrastructure products.

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions is an industry leading Data Sanitization Software, Hardware and Onsite Service Provider.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

HITRUST Alliance

HITRUST Alliance

HITRUST provides widely-adopted common risk and compliance management frameworks, related assessment and assurance methodologies.

ThriveDX

ThriveDX

ThriveDX, the world’s premier EdTech provider (formerly HackerU), champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption.

Quantexa

Quantexa

Quantexa automates millions of operational decisions, at scale, across multiple business units, including Anti-Money Laundering, Know-Your-Customer, Fraud, Credit Risk and Customer Intelligence.

Chainguard

Chainguard

Founded by the industry's leading experts on open source software, security and cloud native development, Chainguard are on a mission to make the software supply chain secure by default.

JLS Technology

JLS Technology

Since 2007, JLS Tech has been recognized as one of the world’s most innovative cybersecurity and technology operations leaders.

Cyborg Security

Cyborg Security

Cyborg Security is a team of threat hunters, threat intelligence analysts, and security researchers from across North America.

Windstream

Windstream

Windstream is a leading provider of advanced network communications and technology solutions for consumers, small businesses, enterprise organizations and carrier partners across the US.

Ark Infotech

Ark Infotech

Ark Infotech is a provider of cloud management services, selective support services, and technology solutions.