Most organisations suffered around 4 cyber attacks in 2018: Report
Cyber-security provider says human error contributed greatly to such attacks
Almost all the organisations and businesses polled in a new survey said they have suffered close to four cyber attacks in the past year.
Of the 250 company leaders and executives polled, only 4 per cent said their organisations were not attacked, according to private cyber-security provider Carbon Black.
The US-based company released its first Singapore Threat Report yesterday. The organisations and businesses polled cut across sectors such as finance, healthcare, government, retail, manufacturing and media.
"Our first Singapore threat report indicates that organisations in Singapore are under intense pressure from escalating cyber attacks," said Mr Rick McElroy, head of security strategy for Carbon Black.
The survey was conducted in January and forms part of a global research project that Carbon Black is working on in other countries, including Canada, France, Germany, Italy and Japan.
The most prolific type of attack in Singapore is ransomware, a kind of software designed to block access to a computer system until a sum of money is paid.
More than a quarter of those surveyed said they frequently encountered such an attack.
The next common attacks are malware, or malicious software specifically designed to disrupt, damage, or gain unauthorised access to a computer system, and breaches to the cloud Google Drive.
Carbon Black said human error contributed significantly to cyber attacks. Phishing attacks, which involve the gathering of personal information using deceptive e-mails and websites, were the root of 14 per cent of successful breaches.
In Singapore's worst cyber attack, the SingHealth data breach, phishing was one of the ways the attackers got into the healthcare cluster's system.
The breach resulted in the stolen data of more than 1.5 million patients, including that of Prime Minister Lee Hsien Loong.
Carbon Black's survey results come after news that a new committee to review and strengthen data security practices across the entire public service has been set up.
The Public Sector Data Security Review Committee will look into how data is collected and protected by the agencies, vendors and authorised third parties, and recommend improvements.
Commenting on his company's survey results, Mr McElroy said in a media release: "The research indicates increases across the board in attack volume and sophistication, causing frequent breaches.
"In response, an encouraging number of Singapore organisations are adopting threat hunting and seeing positive results.
"As threat-hunting strategies start to mature, we hope to see fewer attacks making it to full breach status."