The number of reported cybercrime cases accounted for almost half of total crimes in Singapore last year, where both ransomware and botnet attacks saw significant spikes. The city-state is anticipating intensifying threats from ransomware as well as malicious attacks targeting remote workers and supply chains.
The Singapore Computer Emergency Response Team (SingCERT) last year handled 9,080 cases, up from 8,491 the year before and 4,977 in 2018, according to the latest Singapore Cyber Landscape report released Thursday by Cyber Security Agency of Singapore (CSA). The government agency noted that last year saw marked increases in ransomware, online scams, ad COVID-19 phishing activities.
In particular, the number of reported ransomware attacks saw a significant spike of 154% in 2020, with 89 incidents, compared to 35 in 2019. These mostly affected small and midsize businesses (SMBs) in various sectors including manufacturing, retail, and healthcare.
In one such incident in August 2020, an F&B business found its servers and devices infected with NetWalker, with a ransom note directing the company to a webpage on the Dark Web to view the ransom demands. None of the F&B company’s data could be recovered as it also stored its backups on the affected servers and it had to rebuild its IT system from scratch.
CSA attributed the increase in ransomware cases in Singapore to the global ransomware outbreak, where such attacks moved from being indiscriminate and opportunistic in nature to more targeted “Big Game Hunting”. Cybercriminals also shifted towards ransomware-as-a-service and “leak and shame” tactics, the agency said.
It noted that the number of malicious command-and-control (C&C) server attacks also grew 94% to 1,026 reported incidents last year. These were fueled partly by the increase in such servers distributing the Emotet and Cobalt Strike malware, which accounted for one-third of malware in C&C servers.
Some 6,600 botnet drones with Singapore IP addresses were identified daily last year, up from 2,300 in 2019. CSA revealed that Mirai and Gamarue malware variants were prevalent amongst infected botnets in 2020, with the former malware targeting primarily Internet of Things (IoT) devices.
