Ransomware made up 58% of cyber incidents in 2025
The firm warned that AI-driven scams and nation-state activity could heighten risks in 2026.
Ransomware accounted for 58% of all recorded cyber incidents in Singapore in 2025, making it the country’s most prevalent cyber threat, according to Check Point Software Technologies.
In its Singapore Cyber Threat Landscape 2025 report, Check Point said more than 130 major cyber incidents were recorded during the year, affecting both the public and private sectors.
The report found that more than 60 ransomware cases were recorded in 2025, with groups such as Qilin and Lynx driving the surge through double-extortion tactics. These attacks involve both exfiltrating and encrypting sensitive data.
In one cited incident, a local chemical manufacturer allegedly lost 165 GB of sensitive data to Qilin.
Government sites were the primary targets for disruption. About 44% of distributed denial-of-service victims were in the government sector, with most targets using the gov.sg domain. Business services followed at 30%.
Business services and retail were amongst the most targeted sectors, reflecting Singapore’s role as a global financial and data hub.
Business services accounted for 32% of targeted sectors, whilst retail was highlighted as the most vulnerable to data breaches, making up 42% of all breach incidents in 2025.
Check Point also attributed information system disruptions largely to hacktivist collectives, including HIME666 and NullSec Philippines.
Rebecca Law, country manager for Singapore at Check Point Software, said Singapore’s status as a global digital hub makes it a primary target for both financially motivated criminals and strategic nation-state actors.