Singapore is facing a marked surge in cyber attacks, according to the latest report from the authorities. The findings reveal that nearly 300,000 systems were infected over the past year, more than double the figure recorded the year before. Officials cautioned that even this sharp rise is likely an undercount, as many incidents are believed to go unreported, suggesting the true scale of the problem could be even larger.
Among the most pressing concerns flagged by the Cyber Security Agency are so-called advanced persistent threats, sophisticated campaigns frequently linked to state-backed actors. The report singled out UNC-3886, a group that managed to breach all four of Singapore's telecommunications operators, an intrusion that underscored the vulnerability of critical national infrastructure to determined and well-resourced attackers.
The watchdog is also keeping a close eye on developments in artificial intelligence, wary of how the technology could be exploited to make attacks faster and harder to detect. At the same time, the report highlighted the booming market for malware-as-a-service, in which criminal groups build ever larger botnets and rent them out to others to carry out a range of different attacks.
Ransomware remained a significant threat over the period, with 165 cases reported. In these incidents a victim's data is locked and effectively held hostage until a payment is made. The activity comes amid a broader global surge in attempts to sell compromised data on the dark web, feeding a criminal ecosystem that profits from stolen information.
The impact has not been spread evenly across the economy. According to the report, small and medium enterprises were the most affected by the wave of attacks, with businesses in the wholesale and retail trade among the hardest hit. Such firms often lack the dedicated resources and specialised expertise needed to defend against increasingly advanced threats.
Alongside the warnings, the authorities also pointed to measures aimed at strengthening defences for ordinary users. Logging into SingPass, the national digital identity service, is set to become safer and simpler with a new passkey option designed to replace passwords, a change intended to make it harder for criminals to succeed with phishing scams that prey on stolen login credentials.