More online shoppers are falling for scams in Singapore, where cybercrime accounted for 26.8% of all crimes last year with e-commerce scams the most popular. Some 9,430 cybercrime cases were reported last year, up 51.7% from 2018 when there were 6,215 cases.
E-commerce remained the leading tactic used by scammers who hoodwinked 2,809 victims in 2019. This was a 30% increase from 2,161 reported cases in 2018, according to the Singapore Cyber Landscape 2019 report released Friday by the Cyber Security Agency of Singapore (CSA).
Citing figures from the local police, the report further noted that victims of e-commerce scams continued to be lured by attractive online deals on items such as electronic gadgets and event tickets.
Last year also saw increases in website defacement, phishing incidents, and malware infections. The CSA report revealed that 873 websites were defaced, compared to 605 cases in 2018, with most of the affected websites operated by small and midsize businesses (SMBs) from various sectors including finance, manufacturing, and retail.
CSA attributed the increase partly to an Indonesia-based hacker group as well as ongoing developments in the Middle East.
The government agency also was alerted to 35 ransomware cases in 2019, up from 21 cases in 2018, with affected systems operated by organisations across several industries including travel and tourism, manufacturing, and logistics.
In addition, CSA said it detected 530 unique Command & Control servers last year, compared to 300 in 2018, and identified a daily average of 2,300 botnet drones with local IP addresses, which was a 20% drop from 2018. Almost 370 malware variants also were detected, with Mirai, Gamarue, Conficker, Nymaim, and Ranbyus amongst the top five and accounting for more than half of all observed infections.
It further noted that 47,500 Singapore-hosted phishing URLs were identified last year, up significantly from 16,100 URLs in 2018. Local organisations that often fell victim to such attacks included technology vendors, banking and financial companies, and e-mail service providers as well as government agencies such as the Ministry of Manpower (MOM), Immigration & Checkpoints Authority, and Singapore Police Force.
Just last week, Singapore was identified as amongst six nations targeted in a COVID-19 themed phishing campaign that was scheduled to take place June 21. Reportedly the work of North Korean state hacker group Lazarus, the attack was slated to target more than 5 million businesses and individuals including 8,000 organisations in Singapore, which were expected to receive phishing email messages from a spoofed Ministry of Manpower account.
According to Acronis' technology president Stas Protassov, there likely would be more phishing attacks in the near future as Singapore was expected to hold its General Elections next month. "We can expect to see much more phishing campaigns, malicious websites, and videos posing as General Elections-related websites, official portals, and addresses by candidates and parties," he said.
Protassov also noted that a pool of 530 unique C&C servers was a huge number given the size of Singapore. Once they have successfully penetrated a network, these C&C botnet servers will be able to command what the network does such as encrypt user files, delete them, or copy the data.
He added that the reported daily average of 2,300 botnet members was "a surprising ratio", given that there were 530 C&C centres. "There should have been more botnets," he said. "This means Singapore is simply used as a top destination to host C&C for targeting Southeast Asia."
He pointed to Singapore's excellent connectivity and infrastructure as the draw, as C&Cs required robust internet speed and low latency. Furthermore, all four major cloud providers -- Alibaba, Microsoft, Google, and Amazon Web Services -- had a strong presence here as well as data centre providers such as Equinix and Digital Realty.
"That makes it easy for malware operators to quickly switch between them and stay ahead of law enforcement agencies," Protassov said, adding that enterprises should deploy anti-malware tools to mitigate such risks.
According to CSA, the COVID-19 pandemic was likely to drive up the volume of cybersecurity incidents, as increased home-based work activities came with added security risks. The agency also pointed to businesses moving to the cloud as another catalyst since such deployment expanded their cybersecurity attack surface.
CSA's chief executive and commissioner of cybersecurity, David Koh, said: "As one of the most connected countries in the world, Singapore remains a target for cyber attacks and cybercrime. Threat actors have continued to evolve their tactics, resulting in an intensification of malicious cyber activities in 2019.
"The ongoing COVID-19 pandemic has also provided new opportunities and attack surfaces for them to capitalise on," Koh said. "Cybersecurity is a team sport and now, more than ever, we must come together to do our part to protect our cyberspace."
He added that with more enterprises adopting work-from-home policies, threat actors were likely to capitalise on this to gain unauthorised access to users' data or the organisations' networks.