What is UNC3886? Inside the state-linked group attacking S'pore's critical information infrastructure
A state-linked advanced persistent threat (APT) actor, it is a menace to national security in many countries, including Singapore.
Naming the nation's attacker for the first time on July 18, Coordinating Minister for National Security K. Shanmugam said: "UNC3886 poses a serious threat to us, and has the potential to undermine our national security. Even as we speak, UNC3886 is attacking our critical infrastructure right now."
What is UNC3886? Are essential services in Singapore safe from the attack? The Straits Times answers questions about the attack and APTs.
1. Who is UNC3886?
First detected in 2022 by cyber security firm Mandiant, UNC3886 is a China-linked cyber espionage group.
UNC3886's attempts are known to be persistent, with the intention of intelligence gathering and long-term spying.
The "UNC" label stands for "uncategorised" or "unclassified" as industry analysts have not formally classified it. "This does not mean that it is any less of a threat," said Mr Shanmugam.
2. How does UNC3886 operate?
Mr Vivek Chudgar, managing director of cyber security firm Mandiant Consulting in Asia Pacific and Japan, described UNC3886 as highly adept.
"UNC3886 operates in a sophisticated, cautious and evasive nature," he said, adding that the group largely focuses on defence, technology and telecommunication organisations in the US and Asia.
The Chinese espionage group is known to target network devices, virtualisation systems and critical information infrastructure with zero-day exploits.
Zero-day exploits are attacks that take advantage of security vulnerabilities in software that vendors have yet to develop patches for.
Unpatched vulnerabilities in the software of network devices, hypervisors, and virtual machines are typically harder to monitor, said Mr Chudgar.
UNC3886 also employs custom malware and tools available on the victim's system to evade detection.
Like other APT attackers, UNC3886 is persistent in that even if detected and removed from the network, it will attempt to re-enter the target networks.
3. What cyber attacks has UNC3886 been responsible for?
Mr Chudgar said UNC3886 has attacked organisations in the United States, Europe, and parts of Asia. Specifically, it has targeted sectors such as government, telecommunication, technology, aerospace, defense, energy and utility.
"UNC3886 poses a severe threat to national security for the organisations and the countries targeted," he added.
The Chinese espionage group has exploited vulnerabilities in routers from Juniper Networks, network security devices from Fortinet and virtual machines from VMware.
4. Are essential services in Singapore safe from the attack?
On July 18, the Cyber Security Agency said that UNC3886's activities have been detected in parts of Singapore's critical information infrastructure that power essential services.
"We have been investigating UNC3886's activities," said CSA, which is leading the investigations. The agency said it is monitoring all critical services sectors and sharing threat intelligence, but did not name the affected sectors.
Singapore's 11 critical services sectors are: energy, water, finance, healthcare, transport, government, infocomm, media as well as security and emergency services.
The agency is also working closely with other government bodies and partners to support the unnamed affected organisations.
CSA also did not say how long UNC3886 has been in the affected networks, saying instead: "These attacks are often protracted campaigns and CSA will need to preserve operational security by not disclosing further information at this stage."
5. What other APT attacks have hit Singapore?
In 2014, the authorities detected a security breach in the Ministry of Foreign Affairs' technology systems. Steps were taken to isolate the affected devices and the networks were strengthened following the discovery.
In what was the first sophisticated attack against universities here, National University of Singapore and the Nanyang Technological University discovered intrusions in their networks in 2017.
No classified data or student personal data was stolen. But the attackers were believed to have targeted the two institutions to steal government and research data. The varsities were involved in government-linked projects for the defence, foreign affairs and transport sectors.
Then in 2018, Singapore experienced its worst data breach involving the personal particulars of 1.5 million patients, including then Prime Minister Lee Hsien Loong.
The attacker in the SingHealth breach was said to be persistent in its efforts to penetrate the network, bypass the security measures and illegally access and exfiltrate data.
The attacker is believed to have lurked in the healthcare group's network for at least nine months. Its mission: to access SingHealth's electronic medical records system, a critical information infrastructure in Singapore. The unauthorised transfer of sensitive data took place in 2018.
Most recently in 2024, about 2,700 devices in Singapore were discovered to have been infected after CSA took part in a cyber operation against a global botnet.
APT hackers behind the botnet exploited poor cyber hygiene practices to infect devices, including baby monitors and internet routers. No critical information infrastructure was affected by the attack.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Times
7 hours ago
- Business Times
Humanoid robots embodiment of China's AI ambitions
[SHANGHAI] Serving craft beer, playing mahjong, stacking shelves and boxing, the dozens of humanoid robots at Shanghai's World AI Conference (WAIC) this weekend were embodiments of China's growing AI prowess and ambition. The annual event is primed at showcasing China's progress in the ever-evolving field of artificial intelligence, with the government aiming to position the country as a world leader on both technology and regulation as it snaps at the US' heels. Opening the event on Saturday, Premier Li Qiang announced China would set up a new organisation for cooperation on AI governance, warning the benefits of development must be balanced with the risks. But in the cavernous expo next door, the mood was more giddy than concerned. 'Demand is currently very strong, whether in terms of data, scenarios, model training, or artificial construction. The overall atmosphere in all these areas is very lively,' said Yang Yifan, R&D director at Transwarp, a Shanghai-based AI platform provider. This year's WAIC is the first since a breakthrough moment for Chinese AI this January when startup DeepSeek unveiled an AI model that performed as well as top US systems for an apparent fraction of the cost. A NEWSLETTER FOR YOU Friday, 2 pm Lifestyle Our picks of the latest dining, travel and leisure options to treat yourself. Sign Up Sign Up Organisers said the forum involved more than 800 companies, showcasing over 3,000 products – the undeniable crowd pleasers being the humanoid robots and their raft of slightly surreal party tricks. At one booth, a robot played drums, half a beat out of time, to Queen's 'We Will Rock You' while a man in safety goggles and a security vest hyped up a giggling crowd. Other droids, some dressed in working overalls or baseball caps, manned assembly lines, played curling with human opponents or sloppily served soft drinks from a dispenser. While most of the machines on display were still a little jerky, the increasing sophistication year-on-year was clear to see. The Chinese government has poured support into robotics, an area in which some experts think China might already have the upper hand over the US. At Hangzhou-based Unitree's stall, its G1 android – around 130 centimetres (four feet) tall, with a two-hour battery life – kicked, pivoted and punched, keeping its balance with relative fluidity as it shadowboxed around a ring. Ahead of the conference's opening, Unitree announced it would launch a full-size humanoid, the R1, for under US$6,000. 'Digital humans' Most high-tech helpers don't need hardware though. At the expo, AI companions – in the form of middle-aged businessmen, scantily clad women and ancient warriors – waved at people from screens, asking how their day was, while other stalls ran demos allowing visitors to create their own digital avatars. Tech giant Baidu on Saturday announced a new generation of technology for its 'digital humans' – AI agents modelled on real people, which it says are 'capable of thinking, making decisions, and collaborating'. The company recently ran a six-hour e-commerce broadcast hosted by the 'digital human' of a well-known streamer and another avatar. The two agents beat the human streamer's debut sales in some categories, Baidu said. Over ten thousand businesses are using the technology already, the department's head Wu Chenxia told AFP. Asked about the impact on jobs – one of the major concerns raised around widespread AI adoption – Wu insisted that AI was a tool that should be used to improve quality and save time and effort, which still required human input. For now, few visitors to the WAIC expo seemed worried about the potential ramifications of the back-flipping dog robots they were excitedly watching. 'When it comes to China's AI development, we have a comparatively good foundation of data and also a wealth of application scenarios,' said Transwarp's Yang. 'There are many more opportunities for experimentation.' AFP
Straits Times
8 hours ago
- Straits Times
Humanoid robots embodiment of China's AI ambitions
Find out what's new on ST website and app. A humanoid robot stands on stage after the opening ceremony of the WAIC 2025 in Shanghai, China. SHANGHAI - Serving craft beer, playing mahjong, stacking shelves and boxing, the dozens of humanoid robots at Shanghai's World AI Conference (WAIC) this weekend were embodiments of China's growing AI prowess and ambition. The annual event is primed at showcasing China's progress in the ever-evolving field of artificial intelligence, with the government aiming to position the country as a world leader on both technology and regulation as it snaps at the United States' heels. Opening the event on July 26, Premier Li Qiang announced China would set up a new organisation for cooperation on AI governance , warning the benefits of development must be balanced with the risks. But in the cavernous expo next door, the mood was more giddy than concerned. 'Demand is currently very strong, whether in terms of data, scenarios, model training, or artificial construction. The overall atmosphere in all these areas is very lively,' said Mr Yang Yifan, R&D director at Transwarp, a Shanghai-based AI platform provider. 2025's WAIC is the first since a breakthrough moment for Chinese AI this January when startup DeepSeek unveiled an AI model that performed as well as top US systems for an apparent fraction of the cost. Organisers said the forum involved more than 800 companies, showcasing over 3,000 products – the undeniable crowd pleasers being the humanoid robots and their raft of slightly surreal party tricks. Top stories Swipe. Select. Stay informed. Singapore Car that fell into Tanjong Katong Road South sinkhole removed; road remains closed for repairs Singapore Workers used nylon rope to rescue driver of car that fell into Tanjong Katong Road sinkhole Life Vet Talk: Pet owners and vets need to work together to prevent infectious zoonotic diseases Singapore Benchmark barrier: Six of her homeschooled kids had to retake the PSLE Singapore For Singapore to do well, PAP govt has to continue to hold its own: SM Lee Asia S'porean trainee doctor in Melbourne arrested for allegedly filming colleagues in toilets since 2021 Singapore Mum at 15: More teens in Singapore gave birth in 2024 Business Already owning 5 properties, woman wanted elderly dad's 4 homes At one booth, a robot played drums, half a beat out of time, to Queen's 'We Will Rock You' while a man in safety goggles and a security vest hyped up a giggling crowd. Other droids, some dressed in working overalls or baseball caps, manned assembly lines, played curling with human opponents or sloppily served soft drinks from a dispenser. While most of the machines on display were still a little jerky, the increasing sophistication year-on-year was clear to see. The Chinese government has poured support into robotics, an area in which some experts think China might already have the upper hand over the United States. At Hangzhou-based Unitree's stall, its G1 android – around 130cm tall, with a two-hour battery life – kicked, pivoted and punched, keeping its balance with relative fluidity as it shadowboxed around a ring. Ahead of the conference's opening, Unitree announced it would launch a full-size humanoid, the R1, for under US$6,000 (S$7,690). 'Digital humans' Most high-tech helpers do not need hardware though. At the expo, AI companions – in the form of middle-aged businessmen, scantily clad women and ancient warriors – waved at people from screens, asking how their day was, while other stalls ran demos allowing visitors to create their own digital avatars. Tech giant Baidu on July 26 announced a new generation of technology for its 'digital humans' – AI agents modelled on real people, which it says are 'capable of thinking, making decisions, and collaborating'. The company recently ran a six-hour e-commerce broadcast hosted by the 'digital human' of a well-known streamer and another avatar. The two agents beat the human streamer's debut sales in some categories, Baidu said. Over ten thousand businesses are using the technology already, the department's head Wu Chenxia told AFP. Asked about the impact on jobs – one of the major concerns raised around widespread AI adoption – Mr Wu insisted that AI was a tool that should be used to improve quality and save time and effort, which still required human input. For now, few visitors to the WAIC expo seemed worried about the potential ramifications of the back-flipping dog robots they were excitedly watching. 'When it comes to China's AI development, we have a comparatively good foundation of data and also a wealth of application scenarios,' said Transwarp's Yang. 'There are many more opportunities for experimentation.' AFP
Straits Times
10 hours ago
- Straits Times
US business delegation to visit China, SCMP says
Find out what's new on ST website and app. Both Washington and Beijing are working to secure a visit to China by the US president in 2025 BEIJING – A high-level delegation from the US-China Business Council will visit China this week and is expected to meet senior Chinese officials, the South China Morning Post (SCMP) reported on July 27, citing two sources familiar with the matter. The delegation will be led by FedEx Chief Executive Rajesh Subramaniam, the council's board chair, and is expected to include Boeing executives and USCBC President Sean Stein, the report added. Reuters could not immediately verify the report. 'They are expected to meet with Chinese officials - potentially to revive business discussions,' a source told the SCMP. Both sides are also working to secure a visit to China by the US president in 2025 , the SCMP report said. The council did not respond immediately to a request for comment. The visit coincides with the latest round of US-China trade negotiations in Sweden, where China's Vice-Premier He Lifeng is meeting US officials over July 27 to 30 for a new round of economic and trade talks. Top stories Swipe. Select. Stay informed. Singapore Car that fell into Tanjong Katong Road South sinkhole removed; road remains closed for repairs Singapore Workers used nylon rope to rescue driver of car that fell into Tanjong Katong Road sinkhole Asia Thai-Cambodia border shelling continues despite Trump's ceasefire call Singapore PAP has to retain its position for S'pore to keep doing well: SM Lee Asia S'porean trainee doctor in Melbourne arrested for allegedly filming colleagues in toilets since 2021 Singapore HSA will not trace vape users who throw away e-vaporisers in disposal bins at 23 CCs Singapore Mum at 15: More teens in Singapore gave birth in 2024 Business Already owning 5 properties, woman wanted elderly dad's 4 homes China faces an Aug 12 deadline to reach a durable deal with the White House or risk higher US tariffs. REUTERS
