[ CAMPUS CLOSURE NOTICE ] Read More

Our City Campus: Main Wing and STEM Wing will be closed from 25 December 2024 to 1 January 2025. Merry Christmas & Happy New Year!

What Are the Most Dangerous Cyber Security Threats?

Posted on: 05th June, 2023

As Singapore continues to position itself as a leading digital and Smart Nation, the country’s rapid digital transformation has made it a target for cybercriminals. According to the Cyber Security Agency of Singapore (CSA), cyber-attacks have been on the rise, with the number of ransomware-reported incidents increasing by 54% in 2021 compared to the previous year.

The consequences of these threats can range from minor inconveniences to devastating financial losses and even threats to national security. In this blog, we will delve into the different types of cyber security threats faced by Singaporeans today and discuss how they can impact individuals, organisations, and the nation as a whole.

1. Ransomware

Ransomware is a type of malicious software that encrypts a victim’s files, rendering them inaccessible. The attacker then demands a ransom, typically in cryptocurrency, to unlock the files. In 2021, Singapore saw a significant increase in ransomware incidents, with 89 cases reported. Ransomware attacks have become increasingly sophisticated, targeting not only individuals but also large organisations, including hospitals and schools. For example, in February 2021, the personal data of 129,000 Singtel users were leaked and put on the Dark Web, according to Straits Times.

These attacks can lead to significant financial losses and operational disruption, and there is no guarantee that paying the ransom will result in the recovery of the encrypted data. To protect against ransomware, it is crucial to maintain regular backups of important files and to employ strong security measures such as firewalls and antivirus software.

2. Phishing

Phishing is a social engineering attack that tricks users into providing sensitive information or granting unauthorised access to systems. Attackers typically use deceptive emails or websites that appear to be from trusted sources, such as banks or reputable companies. Once the victim enters their information, the attacker can use it for malicious purposes, such as identity theft or financial fraud.

In Singapore, phishing cases were the most common ruse in 2022, with 7,097 reported incidents, as per Straits Times. Phishing attacks are increasingly sophisticated, with targeted “spear phishing” campaigns aimed at specific individuals or organisations. To combat phishing, it is essential to educate users about the risks, implement advanced email filtering, and encourage the use of multi-factor authentication. Additional solutions such as email security software can be implemented to further protect against phishing attacks. These employ advanced filtering, sandboxing, and machine learning to block phishing emails and malicious links. Anti-malware and endpoint security software is another anti-phishing solution that protects devices by scanning for and removing malware while preventing unauthorised access to sensitive data through continuous monitoring and blocking of suspicious activities.

3. Website Defacements

Website defacements involve unauthorised modifications to the appearance or content of a website, often with the intention of spreading political messages or showcasing the attacker’s skills. In Singapore, website defacements continue to be a prevalent issue, with 419 ‘.sg’ websites defaced in 2021, according to CSA.

While these incidents generally do not result in significant financial losses or the exposure of sensitive data, they can still cause reputational damage and undermine trust in the targeted organisation or entity. One effective solution to help prevent website defacements is the use of a web application firewall (WAF). WAFs are designed to protect web applications from known and emerging threats and vulnerabilities, safeguard sensitive data, and ensure the integrity and availability of web applications. However, WAFs should be used in conjunction with other security measures, such as secure coding practices, regular software patching, and strong authentication mechanisms, to form a comprehensive security strategy that includes multiple layers of protection for robust web application security.

4. Advanced Persistent Threats (APTs)

Advanced persistent threats (APTs) are highly sophisticated, long-term cyberattacks that target specific organisations or nations. APTs are typically state-sponsored or state-affiliated groups with significant resources at their disposal, enabling them to infiltrate networks, steal sensitive information, and disrupt critical infrastructure. APTs often use a combination of custom malware, zero-day exploits, and social engineering tactics to achieve their goals.

Perimeter defense technology and firewalls help guard against APTs by creating a robust protective barrier around the network. Perimeter defense technology monitors and controls incoming and outgoing network traffic based on predetermined security rules, detecting and preventing unauthorised access, intrusion attempts, and data exfiltration.

Firewalls, as hardware or software-based security systems, regulate traffic flow between networks, acting as a barrier between trusted and untrusted networks. Together, they secure network perimeters, reduce the likelihood of successful APT intrusions, and limit potential damage caused by advanced attacks.

5. Internet of Things (IoT) vulnerabilities

The Internet of Things (IoT) refers to the billions of interconnected devices, such as smart home appliances, wearable technology, and industrial sensors, that communicate and exchange data. While IoT devices offer numerous benefits, they also present significant security risks. Many IoT devices have poor security measures, making them easy targets for attackers who can exploit these vulnerabilities to gain unauthorised access to networks or launch large-scale distributed denial of service (DDoS) attacks. Standard network security tools, such as such as firewalls, intrusion detection and prevention systems (IDPS), virtual private network (VPN) solutions, and network monitoring tools can be used to safeguard against IoT vulnerabilities. These instruments aid in securing the communication between IoT devices and the network while identifying and obstructing potential attacks.

Kickstart Your Cyber Security Education with PSB Academy

The rising number of cyberattacks highlights the importance of staying vigilant and adopting robust cyber security measures. It is crucial for governments and organisations to educate themselves about these threats, invest in advanced security tools, and implement best practices to mitigate the risks associated with an increasingly interconnected world.

Understanding the importance of equipping aspiring cyber security specialists with the knowledge and expertise to tackle ever-evolving cyber threats, PSB Academy offers a suite of cyber security courses at different academic levels – diploma, bachelor’s degree and postgraduate, to cater to different learning needs.

The 12-month Diploma in Network Defence and Forensic Countermeasures comprises specialised cybersecurity modules developed by EC-Council coupled with essential InfoComm Technology modules, allowing you to acquire professional skills such as identifying and implementing network security controls, software engineering and more, while developing the ability to utilise forensic tools to perform electronic evidence collection.

After completing your diploma, you can progress to a bachelor’s degree with one of our partner universities – Edith Cowan University and Coventry University. At the degree level, you’ll focus on the practical and theoretical dimensions of cyber security across a range of areas such as digital forensics, information security governance, cryptographic concepts and many more.

For individuals who are looking for a career switch to the cyber security field, our Postgraduate Diploma in Cyber Security (E-Learning) is designed to equip students with the necessary skills, allowing them to work at a professional level. You’ll learn concepts such as computer networking, ethical hacking, computer forensics investigations, information security management, linux shell programming, and IoT fundamentals and Security. The course will also be a stepping stone for you to further your study at Master Level – Master of Science in Cyber Security, where you’ll gain a comprehensive and deeper understanding of security principles, and equip yourself with practical techniques used in solving security problems.

Contribute to a safer online environment by exploring a fulfilling career in cyber security. Begin your journey towards a thriving career in cyber security by signing up for a course at PSB Academy today.