Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Malvertising campaign targets Android users with advanced crypto-steal...
How are people in 15 countries leveraging AI for travel planning?
Insider threats cited alongside external attacks in terms of severity:...
How are people in 15 countries leveraging AI for travel planning?
North America financial institutions lead surge in financial regulator...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Resilience the true benchmark for smart infrastructure

      Resilience the true benchmark for smart infrastructure

      Wednesday, August 27, 2025, 8:21 PM Asia/Singapore | Features, IoT Security
    • Featured

      Deepfake a crisis of trust, not just technology

      Deepfake a crisis of trust, not just technology

      Tuesday, August 19, 2025, 10:06 AM Asia/Singapore | Features
    • Featured

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      Thursday, August 14, 2025, 12:26 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

Cyberthreat LandscapeTips

APT threats: Prevention is better than cure

By JP Yu, VP, Southeast Asia and Korea, Proofpoint | Wednesday, August 13, 2025, 2:55 PM Asia/Singapore

APT threats: Prevention is better than cure

Strengthening Singapore’s – and Asia Pacific’s – cyber defenses against escalating APT threats to critical infrastructure.

Singapore is confronting an increasingly hostile cyberthreat landscape. Coordinating Minister for National Security K Shanmugam recently confirmed that the nation is actively responding to a “highly sophisticated threat actor” targeting its critical infrastructure. This isn’t an isolated incident — it’s part of a broader, sustained campaign by advanced persistent threat (APT) groups.

Today’s APT campaigns are smarter, faster, and more evasive. Asia-Pacific (APAC) accounts for the largest share (42%) of recorded exploitation attempts. Threat actors can leverage artificial intelligence, automation, and zero-day exploits to breach systems with surgical precision.

These actors are no longer content with reconnaissance. They’re embedding themselves deep within critical infrastructure, laying the groundwork for potential future disruption at a scale we’ve never seen before. The result is a threat environment that is dynamic, complex, and unforgiving.

This shift is a wake-up call for organizations across Singapore, especially those operating in critical infrastructure sectors such as energy, transport, finance, and healthcare. The stakes are high: a successful breach could compromise sensitive national data, disrupt essential services, and erode public trust.

Targeting humans: the new frontline

Unlike opportunistic cybercriminals, APT actors are patient, well-funded, and strategic. Often backed by nation-states or sophisticated criminal networks, they use spear-phishing, credential harvesting, and lateral movement to maintain persistence within target environments.

Proofpoint’s latest Human Factor 2025 Report reveals a striking trend:

  • 25% of all state-sponsored phishing campaigns now begin with “benign” emails designed to build trust.
  • 90% of these messages feign interest in collaboration or engagement.

For example, North Korean actor TA427 uses journalist personas to probe sensitive geopolitical issues, while Iran’s TA453 employs similar tactics in Middle Eastern affairs. These campaigns are increasingly psychological, exploiting human curiosity and trust rather than technical vulnerabilities.

Singapore’s strategic role as a regional financial hub makes it a high-value target. As our systems become more interconnected, our risk surface expands. The recent alert from the Cyber Security Agency of Singapore (CSA) regarding rising threats to critical information infrastructure (CII) underscores the urgency for a coordinated and resilient cyber defense posture.

Raising the bar: beyond compliance

To defend effectively against APTs, organizations must go beyond checkbox compliance. Owners of Singapore’s Critical Information Infrastructure (CII) across 11 sectors will soon be required to report incidents suspected to be caused by APTs. While alignment with CSA’s Cybersecurity Code of Practice is foundational, true resilience demands a proactive, layered approach:

  • Human-centric security
    People are the first line of defense — and the most targeted. Deploy a modern AI-powered human-centric platform to protect the human layer, which includes behavioral and intent-based detection and flags or blocks anomalies that may indicate compromise. These AI models continuously learn from real-world threats, customer deployments, collaboration platforms, cloud and on-premises data stores.
    This layer of protection helps organizations identify threats that bypass traditional security controls. Combined with regular awareness training, it builds a resilient security culture where employees are empowered to act as active defenders.
  • Real-time threat intelligence
    Staying ahead of adversaries requires insight into their tactics, techniques, and infrastructure. Intelligence platforms must translate global threat activity into actionable local context.
  • Incident response preparedness
    Breaches are inevitable, but delays are not. A rehearsed, cross-functional incident response plan can limit disruption and accelerate recovery.
  • Third-party risk management
    APT actors increasingly exploit supply chain vulnerabilities. Continuous monitoring of vendor and partner risk profiles is now a baseline requirement.

Cybersecurity as a strategic imperative

APT activity is not a passing wave, and it represents a long-term shift in the threat landscape. As adversaries grow more agile and resourceful, Singapore’s defences must become equally dynamic. Cybersecurity must be elevated from IT issue to board-level priority — from compliance to core strategy.

The time to act is now. Singapore’s future as a secure, trusted digital nation depends on it.

Share:

PreviousFrom insight to action: Securing APAC’s future with AI-driven cybersecurity
NextO.NE People and Prighter Forge Alliance to Deliver AI-Driven Privacy Compliance Solutions Worldwide

Related Posts

5 easy tips to become super safe online

5 easy tips to become super safe online

Wednesday, March 18, 2020

With increasing IT/OT convergence, reacting to any cyber incident is already too late!

With increasing IT/OT convergence, reacting to any cyber incident is already too late!

Monday, June 30, 2025

What does using Bluetooth-enabled contact tracing mean for us?

What does using Bluetooth-enabled contact tracing mean for us?

Tuesday, May 5, 2020

APAC’s cyberthreat landscape in 2023: a vivid snapshot

APAC’s cyberthreat landscape in 2023: a vivid snapshot

Friday, March 15, 2024

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more
  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.