Nearly all organisations polled hit by cyber attacks last year

Almost all the organisations and businesses polled in a new survey said they had suffered close to four cyber attacks in the past year.

Of the 250 company leaders and executives polled, only 4 per cent said their organisations were not attacked, according to private cyber-security provider Carbon Black.

The US-based company released its first Singa-pore threat report yesterday. The organisations and businesses polled cut across sectors such as fi-nance, healthcare, government, retail, manufacturing and media.

"Our first Singapore threat report indicates that organisations in Singapore are under intense pressure from escalating cyber attacks," said Mr Rick McElroy, head of security strategy for Carbon Black.

The survey was conducted in January and forms part of a global research project that Carbon Black is working on in other countries, including Canada, France, Germany, Italy and Japan.

The Singapore results also showed that 92 per cent of the organisations surveyed had seen an increase in attack volumes, and 95 per cent of the breaches were getting more sophisticated.

The most prolific attack type in Singapore was ransomware, which is a kind of software designed to block access to a computer system until a sum of money is paid. More than a quarter of those surveyed said that they frequently encountered such an attack.

The next common attacks were malware, or malicious software specifically designed to disrupt, damage, or gain unauthorised access to a computer system, and breaches to the cloud Google Drive.

The survey also found that some sectors showed particular vulnerability. For instance, 63 per cent of financial service companies reported that attack sophistication had grown significantly, and 61 per cent of manufacturing and engineering companies had been breached three to five times in the past year.

Carbon Black also said that human error contributed significantly to cyber attacks. Phishing attacks, which involve the gathering of personal information using deceptive e-mails and websites, were the root of 14 per cent of successful breaches.

In Singapore's worst cyber attack, the SingHealth data breach, phishing was one of the ways the attackers got into the healthcare cluster's system.

The breach resulted in the stolen data of more than 1.5 million patients, including that of Prime Minister Lee Hsien Loong.

Carbon Black's survey results come after news that a new committee to review and strengthen data security practices across the entire public service had been set up by the Government, following a series of data-related incidents.

The Public Sector Data Security Review Committee - convened by PM Lee - will look into how data is collected and protected by agencies, ven-dors and authorised third parties, and recommend improvements.

It will propose technical measures and capabilities to improve the Government's response to incidents and protection of citizens' data, and develop an action plan to implement them in the immediate and longer term.

Commenting on his company's survey results, Mr McElroy said in a media release: "The research indicates increases across the board in attack volume and sophistication, causing frequent breaches.

"In response, an encouraging number of Singapore organisations are adopting threat hunting and seeing positive results. As threat-hunting strategies start to mature, we hope to see fewer attacks making it to full breach status."

A version of this article appeared in the print edition of The Straits Times on April 03, 2019, with the headline 'Nearly all organisations polled hit by cyber attacks last year'. Print Edition | Subscribe