
Singapore is facing 'serious' cyberattack, says National Security Minister K. Shanmugam
SINGAPORE (AFP): Singapore announced it was battling a "serious" cyberattack against its critical infrastructure, attributing the hack to an espionage group that experts have linked to China.
The attack, a kind of Advanced Persistent Threat (APT), poses a serious danger to the city-state, Coordinating Minister for National Security K. Shanmugam said in a speech late Friday.
An APT refers to a cyberattack where an intruder establishes and maintains unauthorised access to a target, remaining undetected for a sustained period of time.
"I can say that it is serious and it is ongoing. And it has been identified to be UNC3886," he said.
Shanmugam, who is also home affairs minister, did not elaborate on the group's sponsors or the origin of the attack.
But Google-owned cybersecurity firm Mandiant described UNC3886 as a "highly adept China-nexus cyber espionage group".
APT actors typically steal sensitive information and disrupt essential services, such as healthcare, telecoms, water, transport and power, minister Shanmugam said.
"If it succeeds, it can conduct espionage and it can cause major disruption to Singapore and Singaporeans," he added.
A successful breach of Singapore's power system, for example, could wreak havoc with the electricity supply, with knock-on effects on essential services, such as healthcare and transport.
"There are also economic implications. Our banks, airports and industries would not be able to operate. Our economy can be substantially affected," he said.
Between 2021 and 2024, suspected APTs against Singapore increased more than fourfold.
A cyber breach on a public healthcare cluster in 2018 accessed the medication records of about 160,000 patients, including then-prime minister Lee Hsien Loong.
On Saturday, China's embassy in Singapore expressed "strong dissatisfaction" with media reports linking UNC3886 to China.
In a statement, the embassy said it "firmly opposes any unwarranted smearing of China" and that "in fact, China is one of the main victims of cyberattacks".
The statement added: "China firmly opposes and cracks down on all forms of cyberattacks in accordance with the law. China does not encourage, support, or condone hacking activities."
The attack on Singapore's critical infrastructure "highlights the extraordinary challenges posed by APT actors," said Satnam Narang, senior staff research engineer at US-based cybersecurity firm Tenable.
"Combating such stealthy opponents is becoming increasingly demanding as the scale and complexity of IT infrastructure that organisations and nations must defend continues to grow," he said. - AFP
Hashtags

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles


The Sun
12 minutes ago
- The Sun
China denies ties to cyber espionage group targeting
SINGAPORE: The Chinese embassy in Singapore has dismissed allegations connecting an espionage group to cyberattacks targeting the country's critical infrastructure. In a Facebook statement, the embassy labeled the claims as 'groundless smears and accusations.' 'The embassy would like to reiterate that China is firmly against and cracks down all forms of cyberattacks in accordance with law. China does not encourage, support or condone hacking activities,' the statement read. The response follows remarks by a Singaporean minister last Friday, who identified UNC3886 as a threat to 'high value strategic targets, vital infrastructure that delivers essential services.' While the minister did not attribute the attacks to China, cybersecurity firm Mandiant—owned by Google—has previously linked UNC3886 to China, citing its operations against defence, tech, and telecom sectors in the U.S. and Asia. Beijing has consistently denied involvement in cyberespionage, maintaining its stance as a victim rather than a perpetrator of such threats. Singapore's critical infrastructure spans energy, water, finance, healthcare, transport, and emergency services, according to its cyber agency. - Reuters


The Star
an hour ago
- The Star
WhatsApp should prepare to exit Russian market, senior lawmaker says
The Meta-owned service is likely to be added to a list of software subject to restrictions due to its ties to Western countries, Gorelkin said. — AFP MOSCOW: Messaging app WhatsApp may soon be blocked in Russia, as lawmakers push for tighter restrictions on digital platforms from "unfriendly countries". "It's time for WhatsApp to prepare to leave the Russian market," Anton Gorelkin, deputy chairman of the Duma Committee on Information Policy, wrote on Telegram on July 18. The Meta-owned service is likely to be added to a list of software subject to restrictions due to its ties to Western countries, he said. Programmes from Western IT companies that have left Russia have long been a thorn in the Kremlin's side. Back in May, Russian President Vladimir Putin called for their services to be curtailed. In 2021, following a decree by Putin, the Russian government began compiling a list of "unfriendly countries," which initially included the United States and the Czech Republic. It was expanded after the invasion of Ukraine to encompass the European Union as a whole. In June, the Russian parliament, the State Duma, also passed a law to create its own messenging service. At the time, it was said that government services would also be integrated into this chat programme, likely to be called Max. Since the start of Russia's full-scale invasion of Ukraine more than three years ago, Moscow has massively tightened censorship and control of the Internet. On Thursday, parliament passed new legislation that makes searching for content that the authorities classify as "extremist" punishable by fines of up to 5,000 roubles (RM 269 ). Internet resources that criticise the ruling elite, such as The Anti-Corruption Foundation started by the late opposition leader Alexei Navalny, are among the sites targeted. Until now, there has been no legal regulation in Russia that would have hindered the free search for information. Only the creation and dissemination of "extremist content" was prohibited. Numerous websites, including those of Western and independent media, are already blocked in Russia. To make it even more difficult for Russians to access content, VPN services are increasingly being blocked. Mobile internet is also being shut down with increasing frequency. – dpa


Malay Mail
an hour ago
- Malay Mail
China embassy rejects links to UNC3886 cyberattacks on Singapore as ‘groundless smear'
SINGAPORE, July 21 — The Chinese embassy in Singapore refuted claims that an espionage group accused of performing cyberattacks on Singapore's critical infrastructure was linked to China. In a Facebook post published over the weekend, the Chinese embassy said such claims were 'groundless smears and accusations'. 'The embassy would like to reiterate that China is firmly against and cracks down all forms of cyberattacks in accordance with law. China does not encourage, support or condone hacking activities,' it wrote on Saturday. Last Friday, a Singapore minister said the espionage group UNC3886 was 'going after high value strategic threat targets, vital infrastructure that delivers essential services' but did not give details of the attacks. The minister did not link the group to China but Google-owned cybersecurity firm Mandiant has described UNC3886 as a 'China-nexus espionage group' that has attacked defence, technology and telecommunications organisations in the United States and Asia. Beijing routinely denies any allegations of cyberespionage, and says it opposes all forms of cyberattacks and is in fact a victim of such threats. Singapore's critical infrastructure sectors include energy, water, banking, finance, healthcare, transport, government, communication, media, as well as security and emergency services, according to the country's cyber agency. — Reuters