Nearly all organisations in Singapore have suffered close to 4 cyber attacks in past year: Survey

The most prolific attack type in Singapore is ransomware, which is a kind of software designed to block access to a computer system until a sum of money is paid. PHOTO: REUTERS

SINGAPORE - Almost all organisations and businesses polled in a new survey have suffered close to four cyber attacks in the last year.

Of the 250 company leaders and executives polled, only four per cent said their organisations were not attacked, according to private cybersecurity provider Carbon Black.

The US-based firm released its first Singaporean Threat Report on Tuesday (April 2). The organisations and businesses polled cut across sectors like finance, healthcare, government, retail, manufacturing and media.

"Our first Singaporean threat report indicates that organisations in Singapore are under intense pressure from escalating cyber attacks," said Mr Rick McElroy, head of security strategy for Carbon Black.

The survey was conducted in January this year, and forms part of a global research project that Carbon Black is working on in other countries including Canada, France, Germany, Italy and Japan.

The Singapore results also show that 92 per cent of the organisations surveyed have seen an increase in attack volumes and 95 per cent of the breaches are getting more sophisticated.

The most prolific attack type in Singapore is ransomware, which is a kind of software designed to block access to a computer system until a sum of money is paid. More than a quarter of those surveyed said that they frequently encountered such an attack.

The next common attacks are malware, or malicious software specifically designed to disrupt, damage, or gain unauthorised access to a computer system, and breaches to the cloud Google Drive.

Carbon Black also said that human error contributes significantly to cyber attacks. Phishing attacks, which involve the gathering of personal information using deceptive e-mails and websites, were the root of 14 per cent of successful breaches.

In Singapore's worst cyber attack, the SingHealth data breach, phishing was one of the ways the attackers got into the healthcare cluster's system. The breach resulted in the stolen data of more than 1.5 million patients including that of Prime Minister Lee Hsien Loong.

Carbon Black's survey results come after news that a new committee to review and strengthen data security practices across the entire public service has been set up by the Government, following a series of data-related incidents.

The Public Sector Data Security Review Committee - convened by PM Lee - will look into how data is collected and protected by the agencies, vendors and authorised third parties, and recommend improvements.

It will recommend technical measures and capabilities to improve the Government's response to incidents and protection of citizens' data, and develop an action plan to implement them in the immediate and longer term.

Commenting on his company's survey results, Mr Rick said in the media release: "The research indicates increases across the board in attack volume and sophistication, causing frequent breaches.

"In response, an encouraging number of Singaporean organisations are adopting threat hunting and seeing positive results.

"As threat hunting strategies start to mature, we hope to see fewer attacks making it to full breach status."

Join ST's Telegram channel and get the latest breaking news delivered to you.