Critical infrastructure in Singapore under attack by cyber espionage group: Shanmugam
Naming the nation's attacker for the first time on Friday (July 18), Coordinating Minister for National Security K. Shanmugam said that Singapore is facing serious threats from state-linked advanced persistent threat (APT) actors.
These are well-resourced attackers that use sophisticated techniques to evade detection. They lurk in networks to spy over the long term, to steal sensitive information or disrupt essential services, among other objectives.
"UNC3886 poses a serious threat to us, and has the potential to undermine our national security," said Mr Shanmugam at the Cyber Security Agency of Singapore's (CSA) 10th anniversary dinner at Sands Expo and Convention Centre.
"Even as we speak, UNC3886 is attacking our critical infrastructure right now."
Mr Shanmugam, who is also Home Affairs Minister, did not disclose UNC3886's sponsors, but experts have said that the group is linked to China.
Cyber-security firm Mandiant first detected the Chinese espionage group in 2022. UNC3886 is said to have targeted prominent strategic organisations - including those in the defence, technology and telecommunication sectors - on a global scale.
APT hackers like UNC3886 gain unauthorised access into networks by employing techniques such as custom malware and tools available on the victim's system to evade detection. Zero-day exploits, which are unpatched vulnerabilities, are also typically used to gain entry to networks.
Mr Shanmugam said CSA and relevant agencies are actively dealing with the attack, and are working with relevant critical information infrastructure owners.
Describing UNC3886 as highly sophisticated and persistent in victim networks, he said: "The intent of this threat actor in attacking Singapore is quite clear. They are going after high-value, strategic targets - vital infrastructure that delivers our essential services.
"If it succeeds, it can conduct espionage, and it can cause major disruption to Singapore and Singaporeans."
Mr Shanmugam said the number of suspected APT attacks in Singapore has increased more than fourfold from 2021 to 2024.
Illustrating how APTs seriously threaten national security, Mr Shanmugam said a cyber attack on Singapore's power system could disrupt its electricity supply, which could have a knock-on effect on other essential services such as healthcare or transport.
"There are also economic implications. Our banks, airport and industries would not be able to operate. Our economy can be substantially affected," he said.
Attacks on Singapore's telco systems and payment systems can have very serious consequences too, he added.
He said attacks on the nation's systems and infrastructure will impact how it does business, with Singapore having to relook its vendors and supply chains.
Trust and confidence in Singapore as a whole can also be affected, he added.
"Businesses may shy away if they are unsure about our systems - whether the systems are clean, resilient, safe," he said.
Mr Shanmugam cited APT attacks in Ukraine that caused a power outage. He also cited a cyber attack on a South Korean telecommunications company in April 2025 that exposed the SIM data of nearly 27 million users and caused widespread concern in the country.
"Singapore has been attacked as well. We are a relevant country geopolitically. We are a digital and data hub that connects the world," he said. "People want to get into our systems, to both influence us and threaten us."
He highlighted some attacks from APT actors in Singapore that have been made public, but where the culprits were not named due to national security reasons.
These include an incident in 2014 when the authorities detected a security breach in the Ministry of Foreign Affairs' technology systems. Steps were taken to isolate the affected devices, and the networks were strengthened following the discovery.
In what was the first sophisticated attack against universities here, NUS and NTU discovered intrusions in their networks in 2017.
No classified data or student personal data was stolen. But the attackers were believed to have targeted the two institutions to steal government and research data. The universities were involved in government-linked projects for the defence, foreign affairs and transport sectors.
Then in 2018, Singapore experienced its worst data breach involving the personal particulars of 1.5 million patients, including then Prime Minister Lee Hsien Loong.
The attacker in the SingHealth breach was said to be persistent in its efforts to penetrate the network, bypass the security measures, and illegally access and exfiltrate data.
The attacker is believed to have lurked in the healthcare group's network for at least nine months. Its mission: to access SingHealth's electronic medical records system, which is critical information infrastructure in Singapore. The unauthorised transfer of sensitive data took place in 2018.
Most recently in 2024, about 2,700 devices in Singapore were discovered to have been infected after CSA took part in a cyber operation against a global botnet.
APT hackers behind the botnet exploited poor cyber hygiene practices to infect devices, including baby monitors and internet routers. No critical information infrastructure was affected by the attack.
Mr Shanmugam said Singapore has been and continues to be attacked by cyber threat actors.
He cited a survey which showed that nearly 80 per cent of organisations in Singapore have experienced some form of cyber attack.
At the event on July 18, CSA chief executive David Koh noted that cyberspace is contested, and that the agency is on the front line of this dynamic domain.
"We will continue to be agile, to adapt to emerging threats, and to demonstrate our collective will and commitment to secure Singapore's cyberspace," he added.
This article was first published in The Straits Times. Permission required for reproduction.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
AsiaOne
an hour ago
- AsiaOne
Man gets 16 weeks' jail for molesting teen on MRT train, stealing wallet, Singapore News
A Peruvian man has been sentenced to 16 weeks jail for molesting a teenager on an MRT train as well as stealing a wallet, according to court records. The man had asked the 13-year-old victim for directions to the Downtown Line at Dhoby Ghaut MRT Station at around 5.30pm on May 18. The man cannot be named due to a gag order to protect the victim's identity, according to court records. The girl told him to take a train to Little India and transfer from there, according to the case. When his train arrived, however, the 60-year-old suddenly grabbed the teen's hand and pulled her into the carriage, asking her to sit next to him. She was so frightened that she did not know what to do, reported Shin Min Daily News. The man then put his left hand on her thigh and continued talking to her. Upon arriving at Little India MRT station, the man took the girl's hand and asked her to go to a restaurant with him, but she refused. He then let go and walked out by himself, reported the Chinese evening daily. When the teen finally made it to Sengkang MRT station, which was her intended destination, she told her sister about the incident. The latter relayed the information to their father, who called the police, according to Shin Min. Came to Singapore with intentions to steal The man, who works as a chef in Penang, flew to Singapore from Kuala Lumpur on May 11 with plans to stay for two weeks and commit theft, according to the case. He had been told by a friend that it was easy to steal things in Singapore, reported Shin Min. The man reportedly stole a black Louis Vuitton wallet from a woman's bag at Lau Pa Sat on May 17 while she was not paying attention. The wallet, valued at $1,000, contained about $1,010 worth of Hong Kong dollars, Australian dollars, Japanese yen and Singapore dollars, as well as an Australian SIM card and four credit cards. The man was also accused of stealing another diner's bag in a restaurant the previous night. He found nothing valuable except a mobile phone, which he pocketed before discarding the bag. The man appeared in court on Monday (July 21), facing five charges, including molestation and theft, three of which he pleaded guilty to. The man also reportedly requested for leniency, admitting to his mistakes. He is yet to make any compensation for the stolen items. [[nid:717062]]
Business Times
an hour ago
- Business Times
Trump deals bring some clarity for world's manufacturing base
[HONG KONG] After months of uncertainty, US President Donald Trump's latest tariff deals are providing clarity on the broad contours of a new trade landscape for the world's biggest manufacturing region. Trump on Tuesday (Jul 22) announced a deal with Japan that sets tariffs on the nation's imports at 15 per cent, including for autos, by far the biggest component of the trade deficit between the countries. A separate agreement with the Philippines set a 19 per cent rate, the same level as Indonesia agreed and a percentage point below Vietnam's 20 per cent baseline level, signalling that the bulk of South-east Asia is likely to get a similar rate. At the same time, US Treasury Secretary Scott Bessent said he will meet his Chinese counterparts in Stockholm next week for their third round of talks aimed at extending a tariff truce and widening the discussions. That suggests a continuing stabilisation in ties between the world's two largest economies after the US recently eased chip curbs and China resumed rare earths exports. 'We are getting along with China very well,' Trump told reporters on Tuesday. 'We have a very good relationship.' Throw it all together and a level of predictability is finally emerging after six months of tariff threats that had at one point jacked up tariff levels to 145 per cent on China and nearly 50 per cent on some smaller Asian exporters. BT in your inbox Start and end each day with the latest news stories and analyses delivered straight to your inbox. Sign Up Sign Up Investors cheered the moves, with Asian shares rising the most in a month and contracts for the S&P 500 up 0.2 per cent. The Nikkei-225 index in Japan jumped 3.2 per cent, with Toyota Motor and other carmakers leading the gains. Back in April, Trump hit the pause button on the steepest levies after a rare combination of weakening US stocks, bonds, and the US dollar showed investors were unnerved by his protectionist salvos. That bought time for policymakers from Tokyo, Manila and across the globe to negotiate more palatable deals. Although the latest deals bring some relief, key questions remain. The Trump administration is still considering a range of sectoral tariffs on goods such as semiconductors and pharmaceuticals that will be critical for Asian economies, including Taiwan and India, both of which have yet to announce tariff agreements with the US. South Korea is also more exposed to sectoral tariffs, even though the Japan deal provides a potential template for new President Lee Jae Myung. As Trump moves quickly on talks with countries accounting for the bulk of the US trade deficit, he has said he may hit around 150 smaller countries with a blanket rate of between 10 per cent and 15 per cent. With some certainty on tariff levels now emerging, businesses with complex supply chains across Asia and still reliant of the US consumer can start to game out how they will shift operations to minimise the hit to sales. For US consumers who have so far been spared the tariff ticket shock, economists warn there's likely to be some pass-through in the months ahead. The front-loading of shipments from Asia to the US to get ahead of the incoming levies will likely slow once the new rates kick in. While there's relief that tariff rates for South-east Asian economies and 15 per cent for Japan are lower than some of Trump's earlier threats, the reality is that they are far higher than they were before he took office. The latest deals 'continue the trend of tariff rates gravitating towards the 15 to 20 per cent range that US President Donald Trump recently indicated to be his preferred level for the blanket rate instead of 10 per cent currently', Barclays analysts including Brian Tan wrote in a note. That skews risks to GDP growth forecasts for Asia 'to the downside', they wrote. US Federal Reserve chair Jerome Powell has argued he wants to see where tariffs land and how they filter through the economy before cutting interest rates – much to the annoyance of Trump. For now, Trump is hailing a win on trade, and investors seem overall relieved. 'I just signed the largest trade deal in history, I think maybe the largest deal in history, with Japan,' Trump said at an event at the White House on Tuesday after announcing the deal on social media. 'It's a great deal for everybody.' BLOOMBERG
Straits Times
an hour ago
- Straits Times
China 'clearly' trying to interfere in Taiwan's democracy, Taipei says before recall vote
TAIPEI - China is "clearly" trying to interfere in Taiwan's democracy and it is up to Taiwan's people to decide who should be removed from or stay in office, the island's government said on Wednesday ahead of a recall vote for around one-fifth of lawmakers. On Saturday, Taiwan voters will decide on the fate of 24 lawmakers from Taiwan's largest opposition party, the Kuomintang (KMT), in a recall campaign started by civic groups who accuse the lawmakers of cozying up to Beijing, which views the island as its own territory. The KMT denies being pro-Beijing, but says it needs to keep lines of communication with China open, and has denounced the recalls as a "malicious" attack on democracy that does not respect the results of last year's parliamentary election. China's Taiwan Affairs Office and Chinese state media have repeatedly commented on the recall vote and used some of the same talking points as the Kuomintang, Reuters reported this week. In a post on Facebook citing the Reuters report and research by Taiwan's IORG, which analyses Chinese state media reports, Taiwan's Mainland Affairs Council said it "rejects the Chinese Communist Party's intervention". "The Chinese Communist Party's attempt to interfere with Taiwan's democratic operation is evident and clear," it said. "Recall in Taiwan is a civil right guaranteed by the constitution, and it is up to the people of Taiwan to decide who should or should not be removed from office." Top stories Swipe. Select. Stay informed. Singapore S'pore's domestic recycling rate drops to all time low of 11% Singapore HDB launches 10,209 BTO and balance flats, as priority scheme for singles kick in Business Singapore's digital banks finding their niche in areas like SMEs as they narrow losses in 2024 Asia Japan Prime Minister Ishiba to resign by August, Mainichi newspaper reports World Trump says US will charge 19% tariff on goods from Philippines, down from 20% Singapore Two found dead after fire in Toa Payoh flat Singapore 2 foreigners arrested for shop theft at Changi Airport Singapore Ports and planes: The 2 Singapore firms helping to keep the world moving China's Taiwan Affairs Office did not respond to a request for comment. It has also not responded to questions submitted last week by Reuters about the recall and whether China was seeking to interfere in the outcome. The recall campaign has been happening against a backdrop of China ramping up its own military and diplomatic pressure campaign against Taiwan to assert territorial claims that Taiwan resolutely rejects. REUTERS
