Financial institutions, public agencies, logistics most spoofed sectors in Singapore in 2022
Tay Peck Gek
PHISHING attempts reported to the Singapore Cyber Emergency Response Team nearly trebled to about 8,500 in 2022 from 3,100 in 2021, with the top three spoofed sectors being banking and financial services, the government and logistics.
More than 80 per cent of reported phishing sites in 2022 masqueraded as banking and financial institutions, the Singapore Cyber Landscape 2022 report published on Friday (Jun 23) showed.
Since 2016, the sector has been among the top three with the highest number of phishing attempts, said the publication by the Cyber Security Agency of Singapore (CSA). CSA maintains oversight of national cybersecurity functions, and works with sector leads to protect Singapore’s critical information infrastructure.
Banking and financial institutions are often targeted by phishing attacks as they are trusted organisations which hold sensitive and valuable information such as personal details and login credentials.
Nearly 50 per cent of all banking-related phishing attempts in 2022 involved China-based banks, despite the fact that several of those spoofed – such as Agricultural Bank of China, Zhongyuan Bank and China Minsheng Bank – have little to no presence in the Singapore retail banking scene.
The three most-spoofed government agencies or services in 2022 were the Land Transport Authority, Singpass, and the Inland Revenue Authority of Singapore. Many of these cases involved phishing e-mails or SMS messages exploiting the victims’ trust in, and tendency to comply with, the authorities.
BT in your inbox
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
Singapore Post accounted for more than 80 per cent of logistics-related phishing attempts via fake websites or SMS alerts. These phishing attempts were designed to target the online shopping habits of customers, by sending e-mails on the pretext of an incoming delivery, shipment issues or missing packages.
Meanwhile, there was a slight drop in the number of reported ransomware cases to 132 incidents in 2022, from 137 in 2021.
Small and medium-sized enterprises (SMEs) in the manufacturing and retail sectors were most hit, as they can hold valuable data as well as intellectual property, which are targeted by cybercriminals for financial gain.
SEE ALSO
Many SMEs lack dedicated resources to protect their data from cyber threats.
To help SMEs counter such threats, CSA will launch a scheme in the third quarter to provide subsidised cybersecurity consultancy services and tailored cybersecurity health plans for SMEs to work towards national cybersecurity certification.
There was a 13 per cent decrease in the number of infected systems observed in Singapore to 81,500 in 2022, from 94,000 in 2021, and a dip in Singapore’s global share of infected infrastructure from 0.84 per cent to 0.34 per cent.
The top three malware infections on locally-hosted Command & Control servers were Cobalt Strike, Emotet and GuLoader. The top three malware found on locally-hosted botnet drones were Gamarue, Nymaim and Mirai, accounting for nearly 80 per cent of Singapore Internet Protocol addresses infected by malware in 2022.
A total of 340 websites with “.sg” in their domain names were defaced in 2022 – a decrease of 19 per cent. Defacements refer to websites having their visual appearance or informational content altered without permission. SMEs were the most hit.
Re-defacements accounted for almost 40 per cent of total observed defacements.
Websites published on the WordPress platform were the most defaced in 2022; about 60 per cent were running on outdated versions or before Version 6.0 of WordPress.
The Singapore Cyber Landscape 2022 report noted: “This highlights how some website owners are still negligent or even unaware of the need to regularly patch websites that are outdated or contain known vulnerabilities, which are often avenues for hackers to carry out defacements.”
Copyright SPH Media. All rights reserved.
