ForgeRock: Phishing Scams Were the Biggest Contributor to Singapore’s Cyber Attacks

ForgeRock, an identity and access management software company, found that Singapore had witnessed a 43% increase in cybercrime year over year according to the findings from its 2022 Consumer Identity Breach Report,

The report noted that the largest contributing factor to the more than 16,000 reported cyberattacks were phishing scams which accounted for more than 12,000 incidents.

OCBC Bank’s customers were hit by SMS phishing scams that were described as “particularly aggressive and highly coordinated” earlier this year. The bank was hit with an additional S$330 million additional capital requirement by the Monetary Authority of Singapore (MAS).

According to the report, the next leading attack method was unauthorised access, which was used in more than 3,600 cases in 2020 compared to 1,701 in 2019.

Meanwhile, cyber extortion was the third-most-common approach, used in 245 attacks versus 68 the previous year.

However, website defacements showed a downwards trend in 2020 with just under 500 “.sg” websites were defaced a year ago, down 43% from 873 cases in 2019.

The report found that government bodies in Singapore that were commonly spoofed included the Ministry of Education (MOE), Ministry of Manpower (MOM), and the Singapore Police Force (SPF), while technology, the banking and financial services industry, and social networking firms were the main sectors attacked in 2020.

In line with the increasing attacks, MAS had recently published a set of new Business Continuity Management Guidelines (BCMG) that outlines measures that financial institutions can employ to sustain critical business services and to minimise service disruption.

MAS also warned banks that it would take supervisory action if the total unscheduled downtime for each critical system exceeds four hours within any 12-month period.

Fran Rosch

“This is no time for security teams to let their guard down as cybercriminals are getting even more bold in how they score their next payday. Exploits that target people’s usernames and passwords to break into organisations are becoming more sophisticated.

Now more than ever, companies need to adopt digital identity and access management solutions that strengthen their security posture without compromising the user experience.”

said Fran Rosch, CEO, ForgeRock.