Singapore is facing a concerning surge in cyberattacks, with malware infections spiking by a staggering 67% in 2024. According to the Cyber Security Agency of Singapore (CSA), the number of infected systems jumped from approximately 70,200 in 2023 to 117,300 in 2024. This alarming increase is largely attributed to a failure by users to update and patch vulnerable software.
The Botnet Threat
The CSA's annual Singapore Cyber Landscape report highlights a significant rise in infected botnet drones. These drones, comprised of compromised computers, servers, and Internet of Things (IoT) devices, are controlled remotely by botnet operators. Threat actors exploit vulnerabilities in network edge devices such as routers, web cameras, and smart TVs to gain access and take control.
What's particularly troubling is that many of these infections involve old malware strains with readily available fixes. This suggests a widespread lack of vigilance in applying security updates, leaving systems exposed to known threats.
APT Groups and Critical Infrastructure
The report also notes a global increase in Advanced Persistent Threat (APT) activity, with Southeast Asia, including Singapore, being targeted for espionage purposes. These state-sponsored groups and sophisticated criminal organizations are focusing on government and critical infrastructure, posing a significant risk to national security.
Ransomware attacks are also on the rise. Reported cases increased from 132 in 2023 to 159 in 2024. This, coupled with the surge in infected infrastructure, underscores the urgent need for improved cybersecurity practices.
What Can Be Done?
The CSA is taking steps to address these threats, including participating in international operations to dismantle botnets and collaborating with critical infrastructure owners to protect their systems and supply chains. They also conducted Exercise Cyber Star to test participants' abilities to respond to cyber threats.
However, individual users and organizations must also take responsibility for their own cybersecurity. This includes:
- Regularly updating software and patching vulnerabilities.
- Implementing strong passwords and multi-factor authentication.
- Being cautious of phishing emails and suspicious links.
- Investing in cybersecurity training for employees.
The rising tide of cyberattacks in Singapore serves as a stark reminder of the importance of proactive cybersecurity measures. By taking steps to protect themselves, individuals and organizations can help to reduce their risk of becoming victims of cybercrime.