Top Cyberattacks in Singapore and How to Safeguard Your Business

In 2021 alone, Singapore witnessed a dramatic 145% year-on-year rise in cyberattacks, indicating that the digital landscape has become increasingly vulnerable. These incidents affect not only large corporations but also profoundly impact small and medium-sized enterprises. With cyber threats continually evolving, understanding the dynamics of cyberattacks and implementing robust cybersecurity measures is necessary to protect your business.

Cybercrimes in Singapore vary widely, from common threats to highly notorious incidents, underlining the pressing need for companies to stay informed. Below are some of the major cyberattack incidents in the country.

In 2018, Singapore witnessed a significant data breach when hackers accessed the personal information of 1.5 million SingHealth patients, including names, NRIC numbers, addresses, and medical details. Notably, 160,000 individuals, including Senior Minister Lee Hsien Loong, had their outpatient prescriptions stolen.

The breach occurred through an infiltration of SingHealth’s IT system, which includes four hospitals, five specialty centres, and several polyclinics. This incident highlights the urgent need for robust data protection measures to safeguard sensitive personal information and prevent future breaches.

l measure to guard against data breaches and avoid hefty legal and financial repercussions. Understanding and complying with these laws is thus essential for businesses to operate securely and maintain trust with partners and customers.

StarHub’s broadband network experienced disruptions due to two waves of distributed denial of service (DDoS) attacks in 2016. These attacks originated from bug-infected machines within StarHub’s own customer base, turning them into zombie machines. These machines then overwhelmed the telecom’s Domain Name System (DNS) with repeated queries, spiking traffic and causing approximately two hours of service downtime on each occasion.

This underscores the network systems’ vulnerability to internal threats and shows the importance of implementing strategies like regular network monitoring and advanced intrusion detection systems to mitigate DDoS threats and ensure service continuity.

In a targeted cyberattack in 2017, personal details of 850 national servicemen and Ministry of Defence (MINDEF) staff were compromised from MINDEF’s I-net system. This system, which facilitates personal communications and internet surfing through dedicated terminals in MINDEF and Singapore Armed Forces (SAF) camps, experienced its first significant breach. The attackers remotely accessed NRIC numbers, telephone numbers, and birthdates without compromising any classified military information.

This incident stresses the demand for secure systems and regular security audits to effectively protect sensitive information. Ensuring the integrity of such systems is crucial, especially in national security contexts, to prevent potential vulnerabilities that could lead to similar breaches.

In 2017, AXA Insurance in Singapore suffered a significant cyberattack that compromised the firm’s Health Portal, leading to unauthorised access to the personal data of 5,400 customers. The exposed data included customers’ email addresses, mobile numbers, and dates of birth. This incident spotlights the vulnerabilities in digital data storage systems and the critical need for enhanced security measures.

To prevent similar issues, strengthening data security protocols is essential. Implementing robust encryption techniques and enhancing overall data security protocols can protect sensitive customer information from unauthorised access and potential cyber threats.

OCBC Bank customers fell victim to a series of sophisticated phishing scams, resulting in substantial financial losses totalling S$13.7 million in 2022. These scams exploited vulnerabilities through phishing websites where victims unknowingly provided their online banking login credentials and one-time PINs. This allowed scammers to access their bank accounts and execute fraudulent transactions.

This alarming problem highlights the gravity of phishing awareness training. Both employees and customers must be educated about the dangers of phishing scams and trained on how to identify and avoid falling prey to such deceptive tactics. Improving awareness can reduce the risk of similar attacks, safeguarding individual and corporate financial assets.

The cyberattack incidents on SingHealth, StarHub, MINDEF, AXA Insurance, and OCBC Bank emphasise the necessity for robust cybersecurity measures to protect sensitive data.

To secure your business, softScheck offers comprehensive cybersecurity solutions tailored to your specific needs. Our services, including vulnerability assessment in Singapore IT security audit in Singapore, ISO27001 Implementation and CISOaaS (CISO as-a-Service (CISOaaS), effectively identify and mitigate potential vulnerabilities.

By engaging our expertise, you can enhance your business’ security posture with ongoing monitoring and threat detection, ensuring a rapid response to security incidents. We also help companies comply with Singapore’s stringent cybersecurity laws, minimising legal and financial risks.

Partner with softScheck today for a comprehensive consultation to secure your business’ digital future.

siness gains access to premier cybersecurity expertise and services, safeguarding against evolving cyber threats.