Last year, more than 11 million cyberattacks originated from servers hosted in the little island, from 8th place in 2018.

The latest data from Kaspersky Security Network (KSN) has uncovered more than 11 million attacks caused by servers hosted in the Republic last year. While this represents a 150% decrease from the number of attacks caused by servers in 2018, Singapore continues to be a hotspot for originating cyberattacks, falling only two places to rank 10th worldwide in 2019.

The report also found that there is much more to go when it comes to building up cyber-resilience among individuals and businesses in Singapore, with 4,657,235 web threats detected, putting the city-state at 157th globally, a regression of only one position compared to the year before.

In Southeast Asia, the top 4 attack vectors of web-based threats are:

  1. Unintentional downloads of certain programs (or files) from the internet
  2. The download of malicious attachments from online e-mail services
  3. Browser extensions activity
  4. The download of malicious components or communications with command & control, run by other malware

While web-mining activity fell at the beginning of the year in Southeast Asia due to declining interest in cryptocurrencies, there was a significant growth in the number of online skimmers, using Trojan-PSW (Password Stealing Ware) to steal user account information such as logins and passwords from infected companies.

Says Yeo Siang Tiong, General Manager at Kaspersky, Southeast Asia: “Last year, Singapore’s cybersecurity landscape ended on a sombre note. The wave of cybersecurity breache—the leakage of personal data pertaining to 2,400 Ministry of Defence personnel, the Sephora hack, the exposure of over 800,000 blood donors’ personal details from the Health Sciences Authority database—are indicative that regardless of the statistics we have here, Singapore continues to be a key target for cybercriminals. The Singapore government is undoubtedly stepping up its efforts to build up its defences. For our part, we renewed our commitment to sharing threat intelligence with INTERPOL last year, as we believe that building cybersecurity capacity must be a shared responsibility.”

In this context, ‘local infection’ statistics for user computers can provide extremely important indicators as to how to improve cyber hygiene habits. Local infections refer to attacks caused by malware spread via removable USB drives, CDs, and DVDs, and other ‘offline’ methods. For example, Kaspersky detected 7,236,783 local incidents in 2019 for Singapore, as compared to 6,751,721 in the previous year.

In order to be secured against the evolving threats online and offline, security experts advise the following basic but important steps:

For businesses:

  • Secure internet access for your employees. Deploy solutions that can help provide multi-layered gateway level protection against the latest web-based threats and can block them before they reach your end points.
  • Raise your employees’ awareness of cybersecurity by educating them on good cyber hygiene. Awareness training can help develop cybersafe behavior by building your employee’s understanding of potential threats.
  • Configure your OS to avoid running anything from USB devices.

For consumers:

  • Use only USB devices, CDs and DVDs from trusted sources.
  • Carefully check every link before visiting a website, especially for misspelling or other irregularities, even if you think it is a site you have visited regularly before.
  • Enter your username and password only over a secure connection. NEVER log in or transact anything on ANY online banks and similar services via public Wi-Fi networks.
  • Be aware that URLs that begin with the “https” may not always be secure.
  • Never trust emails from unknown senders until you can verify the authenticity of their origins.
  • Always run a system with a quality, up-to-date anti-malware program that can help in observing many of the above precautions.