Over 9,000 cyber security cases reported in 2020—CSA

This is the second consecutive year that cases handled increased.

The Cyber Security Agency of Singapore (CSA) reported that 9,080 cybersecurity cases were handled in 2020, the second year the country saw an increase in cases, flagging concerns about malicious activities online amidst increased digitalisation due to the global pandemic.

CSA’s Singapore Computer Emergency Response Team said that cases in 2020 were higher than the 8,491 cases reported in 2019 and the 4,977 cases in 2018.

According to a CSA press release dated 8 July, the cases targeted areas such as e-commerce, data security, vaccine-related research and operations, and contact tracing operations.

It said that there were 89 ransomware cases reported last year, a steep increase of 154% from the 35 cases reported in 2019. The cases affected mostly small-and-medium enterprises in various sectors such as manufacturing, retail, and healthcare.

Local ransomware cases were likely influenced by the ransomware outbreak globally where the operators employ “increasingly sophisticated tactics” such as shifting from indiscriminate opportunistic attacks to a more targeted “Big Game Hunting,” adoption of “leak and shame tactics,” and the rise in “ransomware-as-a-service models,” it said.

CSA said ransomware “evolved into a massive and systemic threat, and is no longer restricted to the sporadic and isolated incidents observed.”

It cited the recent series of high-profile ransomware incidents affecting service providers such as fuel pipeline company Colonial Pipeline in the United States and meat processing company JBS in Brazil, which indicates that these attacks may have the potential to become national security concerns.

Website defacements in the country dropped 43% to 495 from 873 in 2019, the CSA said, noting that the majority of the victims were SMEs and no government websites were affected. The fall in number can be traced to global trends and suggests that activist groups could have turned to other platforms such as social media to embarrass victims and attract visibility for their causes.

The Singapore Police Force also reported that cybercrime cases increased to 16,117 in 2020 from 9,394 cases in 2019. Online cheating was the top cybercrime category, with the agency attributing the trend to growing online transactions due to the pandemic.

David Koh, Commissioner of Cybersecurity and Chief Executive of CSA, said, the previous year “was a watershed for digitalisation efforts across all parts of the economy and society” due to the challenges brought by the pandemic.

CSA also said the work from home setup and poorly configured network and software systems “exposed organisations to greater risk of cyberattacks.” It also said that attacks on supply chains are becoming more sophisticated, noting that compromise of a trusted supplier or software “can result in widespread repercussions worldwide, as victims could include major vendors with huge customer bases.”