This article is more than 1 year old

Criminals prefer to WFH too: Singapore infosec agency says 43% of all crimes in the city-state happened online in 2020

The times they are a-changin'

The Cyber Security Agency of Singapore (CSA) today released data revealing that cybercrime accounted for 43 per cent of all crime in the city-state during 2020.

"Although the number of phishing incidents remained stable and website defacements declined slightly, malicious cyber activities remain a concern amid a rapidly evolving global cyber landscape and increased digitalisation brought about by the COVID-19 pandemic," said the agency.

The CSA said attackers capitalised on pandemic-related anxiety, targeting e-commerce, data security, vaccine-related research, and operations, including contact-tracing operations.

Ransomware attacks rose 154 per cent from 35 cases in 2019 to 89 in 2020, shifting from what CSA called "indiscriminate, opportunistic attacks" to "Big Game Hunting". They also adopted leak and shame tactics, and Ransomware-as-a-Service (RaaS) models.

The number of malicious command-and-control servers operating also rose 94 per cent between 2019 and 2020, with Emotet and Cobalt Strike malware responsible for one-third.

Botnet buzzing rose from an average of 2,300 per day in 2019 to 6,600 a day in 2020, with Mirai and Gamarue malware infecting ranges of IP addresses and targeting increasing use of IoT devices.

Phishing remained about level, with COVID-themed scams accounting for 10 per cent of URL spoofing experienced by online retail and payment portals. Website defacement decreased by 43 per cent, consistent with global trends. Most cases affected SMEs, none affected government entities.

Online cheating cases made up the top cybercrime activity, rising 62 per cent, attributed to the growth of e-commerce amid COVID restrictions.

The report said trends to watch out for include evolving traits of ransomware attacks, targeting of remote workforces by taking advantage of poorly configured networks, and an increase in supply chain breaches now that attacks like the one on SolarWinds have proven successful. ®

More about


Send us news

Other stories you might like