As a global and regional hub for finance, commerce, and other business services, Singapore remains particularly vulnerable to recent cyber attacks in Singapore and cybersecurity threats in Singapore. The first quarter of 2024 witnessed a significant surge in cyber attacks in Singapore, with over a quarter of internet users in the nation falling victim, according to a report by Kaspersky.

As technology progresses, these cyber attacks will only become more frequent and sophisticated. Cyber attacks can have serious consequences for individuals and businesses alike, from identity theft to financial losses and damage to reputation.

When it comes to cyber attacks, it is important to stay proactive and vigilant rather than reactive and respond to attacks after they occur. By understanding the major cyber attacks that have happened in Singapore, individuals and businesses can be better prepared to prevent them from happening in the first place.

In this article, we’ll cover the top 9 major cyber attacks that have occurred in Singapore, their impact and the measures that can be taken to prevent them. By raising awareness of the importance of cybersecurity, we can encourage individuals and businesses to take proactive steps to protect themselves from cyber threats!

Cyber Attack #1: Shook Lin & Bok Law Firm Ransomware

One of the biggest cyber incidents of 2024, the ransomware attack on prestigious law firm Shook Lin & Bok, left the legal community shaken. The firm allegedly paid a staggering $18.9 million in Bitcoin to the attackers after their systems were compromised and data was encrypted. While the firm stated there was no evidence of client data theft, the attack highlighted the vulnerability of even well-established organizations to sophisticated ransomware threats. (Source: The Straits Times).

The attack on Shook Lin & Bok not only had financial repercussions but also damaged the firm’s reputation. Also, it highlighted the broader risk landscape for the legal sector in Singapore and emphasised the importance of robust cybersecurity protocols.

Cyber Attack 2: SingHealth Data Breach

In 2018, Singapore experienced its most significant cyber attack to date when the personal data of 1.5 million SingHealth patients were compromised. The breach included names, addresses, and national identification numbers, as well as information on patients’ diagnoses and medications. Most notably, the data breach also involved the theft of personal data belonging to Prime Minister Lee Hsien Loong, making it a high-profile incident that drew international attention, underscoring the severity of cyber threats faced by Singapore.

The impact of the breach was significant, with the government admitting that the attackers had “deliberately and specifically targeted” SingHealth’s data. It raised concerns about the security of sensitive personal data in Singapore, affecting its reputation as a safe haven for businesses with experts highlighting the need for stronger cybersecurity measures across all sectors.

As punishment, the Integrated Health Information Systems (IHiS) and SingHealth were fined $750,00 and $250,000 respectively by the Personal Data Protection Commission (PDPC).

Following the breach, the Singapore government implemented several measures to prevent similar incidents from occurring in the future. These included enhancing cybersecurity measures across all government agencies such as implementing mandatory two-factor authentication for government systems.

The high profile nature of the incident also prompted a broader conversation around the importance of data privacy and cybersecurity in Singapore. Finally, it also served as a wake-up call for organisations to take proactive measures against cyber threats — If a large and secure organisation like the government could be targeted, then no business was theoretically safe.

Cyber Attack #3: StarHub DDOS Attacks

On the 22nd and the 24th of October 2016, StarHub would face one of the most serious and malicious distributed denial-of-service (DDoS) attacks in the telecommunications company’s history.

Described as “unprecedented in scale, nature and complexity”, the DDoS attacks on StarHub’s domain name servers (DNS) caused internet connection disruptions for a large number of its home broadband customers. Investigations showed that the attacks were caused by hacked user routers, most likely with default username and passwords, which turned into “zombie machines” that repeatedly sent queries to StarHub’s DNS, overwhelming it.

According to StarHub’s Chief Technology Officer at the time, Mock Pak Lum, there was no evidence of any impact on the rest of its services, and the security of customers’ information was not compromised. StarHub mitigated the attacks by filtering unwanted traffic and increasing its DNS capacity to restore service within 2 hours.

The incident highlighted the potential consequences of DDoS attacks on critical infrastructure, including the disruption of essential services and loss of revenue for businesses. In response, Singaporean authorities advised other telecom firms to strengthen defences to protect against similar disruptions. As a result of the event, StarHub invested in advanced DDoS mitigation technologies, worked closely with government agencies to enhance threat intelligence sharing, and conducted regular cybersecurity audits to identify and address vulnerabilities.

Cyber Attack #4: MINDEF Data Breach

In February 2017, a cyber attack on Singapore’s Ministry of Defence (MINDEF) resulted in the personal data of 850 national servicemen and employees being stolen. The attack targeted MINDEF’s internet system (I-net), which is used for communication and internet access in camps. The breach was described by the Defence Minister Ng Eng Hen as a “deliberate, targeted and well-planned cyber attack”.

The stolen data included personal information such as national identification numbers, telephone numbers, and dates of birth. The information was non-classified and did not include any classified military information or operational data. In a security briefing, Mindef stated: “The real purpose may have been to gain access to official secrets, but this was prevented by the physical separation of I-net from our internal systems.”. At the same time, security experts speculated that the attacks could have even been state sponsored.

Thankfully, Mindef’s multilayer approach to cybersecurity ensured that the attacker only breached the outer layer but was not able to go deeper into the classified systems, preventing further damage. The breach highlighted the vulnerability of government agencies to cyber attacks underscored the effectiveness of robust cybersecurity policies.

Cyber Attack #5: National University of Singapore Society Hacked

In November 2021, the National University of Singapore Society (NUSS) was hit by a data breach that exposed the personal data of 1,355 members who used the online form feature on the website. The personal data that was exposed included names, NRIC numbers and contact information.

The cause of the data breach was a website intrusion from an unknown person or organisation. Once discovered, NUSS immediately reported the breach to authorities and notified affected members, advising them to remain vigilant against potential scams or phishing attempts using their personal information. They also engaged cybersecurity experts to investigate the breach and implemented additional security measures to prevent it from happening in the future.

While the impact of this cyber attack was low compared to high profile data breaches like the SingHealth data breach or the MINDEF breach, it is a reminder that cyber attackers do not just target large organisations. No matter how small, organisations must take online privacy and security seriously and be committed to cybersecurity best practices in order to protect personal information.

Cyber Attack #6: AXA Insurance Data Breach

In June 2020, personal data of 5,400 AXA Insurance customers in Singapore was stolen due to a cyberattack on AXA Insurance’s Health Portal. The compromised data included email addresses, mobile numbers and date of birth.

While AXA Insurance reported the breach to the PDPC and the police, they assured customers and media that no financial information was compromised. At the same time, the Monetary Authority of Singapore (MAS) asked AXA to initiate a thorough review of their IT security and remediate control gaps.

Exposing customers’ personal information can lead to potential identity theft or fraud. With customers’ information, hackers could potentially masquerade as AXA or any commercial entity to further trick victims into revealing their banking username and passwords. As a result, the breach tarnished AXA Insurance’s reputation and caused customers to lose trust in the company’s ability to protect their data.

Cyber Attack #7: OCBC Phishing Scams

In 2016, Singapore’s OCBC Bank was hit by a series of phishing scams that targeted its customers, resulting in financial losses totaling S$13.7 million. The scams were carried out via unsolicited SMSes impersonating OCBC bank, typically claiming that there were issues with their banking accounts, asking them to click on a link to resolve the issue. The link would lead to a phishing website, where the victims unknowingly provided their online banking log-in credentials and one-time PINs allowing scammers to take over their bank accounts and make fraudulent transactions.

Once the money has been fraudulently transferred out of the victim’s bank accounts, it becomes very challenging to retrieve the sums as the money is often rerouted through various accounts, making it hard to track their movement and recover it. As a result of the unprecedented amount of phishing scams within a short period of time, OCBC made the decision to reimburse affected customers in full “as a one-off gesture of goodwill given the circumstances of this scam”.

The bank also warned customers about phishing SMSes using different channels like its online banking platforms, social media page and media advisory. The bank also stopped sending SMSes containing Bitly links so customers would be able to verify at a glance that the links are from an official source.

Cyber Attack #8: Straits Times Hack

In February 2013, a hacker who called himself “The Messiah” claiming to be part of the global hacktivist group Anonymous targeted the website of Singapore’s English newspaper, The Straits Times. The hacker defaced the blog of a reporter for the Straits Times and left a message that read: “Dear ST: You just got hacked for misleading the people!”.

The hacker was unhappy with the reporter for changing the sentence “war against the Singapore Government” to “war against Singapore” in an article quoting an Anonymous YouTube video posted two days earlier. Going as far as to demand an apology from the reporter to the citizens of Singapore and her resignation if she refused to apologise within 48 hours. He also claimed responsibility for hacking other local websites in the same year.

While the attack did not appear to have any significant impact on the newspaper’s operations, as the defaced homepage was quickly removed and restored, the incident highlighted the vulnerability of even major media outlets to cyber attacks. Not to mention the anxiety it might have caused to the reporter in question.

Cyber Attack #9: Consumer Association of Singapore Email Hacked

In October 2022, cyber attackers hacked the mail server for Singapore’s consumer watchdog Consumer Association of Singapore (Case). Two mailboxes belonging to Case “[email protected]” and “[email protected]” were used to send out phishing emails to more than 5,000 consumers telling them to make payment transactions to receive monetary compensation for their complaints.

The attack led to total losses amounting to at least $225,000 as at least 10 victims fell prey to the phishing emails.

The two mailboxes were primarily used by the association to communicate with customers who lodge complaints and those whose complaints are escalated to mediation. In response to the hack, Case advised consumers not to disclose personal or bank details and to report such incidents to the police and the anti-scam hotline. It also suspended the affected mailboxes and reconfigured its email accounts.

This incident highlights the need for individuals to prioritise personal cybersecurity measures for their finances such as two-factor authentication for their banking accounts. It also highlights the need for greater cybersecurity awareness such as the knowledge to identify phishing emails and awareness to verify dubious links with official sources.

Protect Yourself from Cyber Attacks

We hope the case studies featured in this article show that cyber attacks in Singapore are a frequent occurrence and should be taken seriously. No organisation, whether big or small, is immune from cyber attacks. These attacks can have serious consequences for both individuals and organisations, including financial losses and damage to reputation.

To protect yourself from cyber attacks, it is crucial to be proactive and implement proper, preventative cybersecurity policies and stay up-to-date with the latest cybersecurity trends and threats. That’s where FirstCom Academy’s cybersecurity course comes in.

FirstCom Academy provides comprehensive cybersecurity courses that cover topics such as network security, incident response, and risk management. By attending these courses, individuals and organisations can learn how to better protect themselves against cyber attacks and safeguard their digital assets.

Don’t wait until it’s too late – sign up for FirstCom Academy’s cybersecurity courses today and take the first step towards a more secure digital future!

Frequently Asked Questions:

The SingHealth data breach affected 1.5 million patients, making it the largest cyberattack in Singapore's history.

The SingHealth data breach resulted in the theft of patients' personal information such as names, addresses, IC numbers, as well as details about their medical conditions and treatments.

In October 2016, StarHub experienced DDoS attacks that overwhelmed its DNS servers, causing internet connection issues for many home broadband users. It was described as unprecedented in scale and complexity.

MINDEF's multilayer cybersecurity ensured the 2017 attack only breached the outer layer and prevented access to classified systems, minimizing further damage.

Read more: