Thoughts from Quan Heng Lim, Regional Head of Asia, Privasec – first posted on LinkedIn on 8 July 2021.
The annual Singapore Cyber Landscape report, published by the Cyber Security Agency of Singapore (CSA), provides a good overview of Singapore’s yearly cyber security trends. It highlights the country’s efforts in creating a safe and trustworthy cyberspace and sheds light on the cyber security plans and strategies of Singapore’s cyber leaders, with the latest report released on 8 July 2021.
In 2020, Singapore witnessed more than 16,000 cases of cyber crimes, given the backdrop of increased online connectivity as well as accelerated changes to businesses and process transformations during the pandemic. This was a significant rise from 2019 which saw 9,349 cases. According to a survey recently released by CSA, nearly four in ten people in Singapore (or 37 per cent) have reported being victims of at least one cyber crime in 2020, up from 28 per cent in 2019. Key malicious cyber activities in 2020 include ransomware attacks, website defacements and phishing incidents.
Ransomware refers to cases where threat actors limit users from accessing their system, either by encrypting users’ files or locking the computer screens unless a ransom is paid. The aforementioned survey published by CSA showed that 80 per cent of respondents were moderately or extremely concerned about being hit by ransomware attacks. In 2020, CSA received 89 reports of ransomware cases, a significant increase of 154% from 35 cases in 2019. The majority of ransomware cases were reported by Small-and-Medium Enterprises (SMEs), but cyber criminals were also observed to be engaging in more targeted “Big Game Hunting (BGH)”, whereby large businesses are targeted in hopes of higher ransom pay-outs.
Earlier this month, hundreds of businesses around the world had their operations disrupted when Kaseya, a U.S. information technology firm, fell victim to the single biggest global ransomware attack on record. In fact, the hackers who claimed responsibility for the attack have demanded a ransom of $70 million. Such attacks have intense ramifications on our daily lives, exemplified by how hundreds of supermarkets in Sweden had to close and some schools and kindergartens in New Zealand were even knocked offline. There is thus a clear need to remain vigilant to such disruptive threats.
While phishing attacks have decreased slightly from 2019, about 47,000 phishing URLs with a Singapore link were still detected. In fact, SingCERT, the governmental agency responsible for responding to local cybersecurity incidents, handled more cases of phishing in 2020, witnessing an increase from 8,491 in 2019 to 9,080 last year. Phishing remains one of the most popular and effective cybercrime methods, with threat actors impersonating trusted organisations and individuals to steal sensitive data from unsuspecting victims. In 2020, the majority of the organisations spoofed were social networking sites, like Facebook and WhatsApp, as well as entities in the banking and financial sector. Additionally, the most commonly spoofed websites of Government organisations in Singapore were the Ministry of Manpower (MOM), the Singapore Police Force (SPF) and the Ministry of Education (MOE). Cyber criminals also leveraged the pandemic to lure phishing victims by spoofing relevant health authorities, such as the World Health Organisation, and online retail entities that were in greater demand during the circuit breaker period. Phishing attacks were most pronounced in the period between March and May 2020, right when the pandemic first hit Singapore.
On a more positive note, Singapore recorded a 43% decrease in website defacements, from 873 in 2019 to 495 in 2020. Website defacements mostly targeted Joomla-published websites, compared to the previous years where WordPress was the most targeted platform for defacements. Even so, the public should remain attentive as the report noted that the decrease in website defacements could suggest that activist groups have chosen other platforms with wider reach, such as social media networking sites, to disseminate their messages.
Cyber Security during the Pandemic
Both globally and locally, cyber threat actors exploit the panic and fear caused by COVID-19 to conduct malicious activities. These activities include impersonating government authorities, creating malicious COVID-19-related websites for credentials theft as well as initiating malware attacks on organisations in the healthcare-related industries which could disrupt COVID-19 recovery efforts.
The pandemic has shifted many daily operations online, such as work, commerce, schools, shopping and even contact-tracing. As such, without proper cyber security measures in place, an environment ripe for exploitation by cyber threat actors will be created. As elaborated in my previous article, working from home carries with it its own cyber security risks if one is not careful. The report also noted the use of pandemic-themed phishing lures, scams and ransomware cases. False COVID-19 contact tracing applications with the ability to deliver malware were even detected in June of 2020.
Good Cyber Hygiene Every Day, Keeps the Threats at Bay
It remains clear that as COVID-19 becomes endemic, our daily lives will continue to be tied to the online cyber landscape. Thus, it is of utmost importance that we proactively protect ourselves from cyber threats by practising good cyber hygiene habits at all times.
As cyber threats continue to evolve in sophistication, robust cyber security practices remain the best defence. Systems and networks should be regularly patched and individuals should not reuse credentials across accounts. We should also be wary of cyber threats posed by both phishing and malspam — or malicious spam — e-mails. In addition, computer protection software should be installed and kept updated, and Two-Factor Authentication (2FA) should be enabled wherever possible.
After all, as the adage goes, prevention (of cyber viruses) is better than cure.