Geographically speaking, Singapore is as close to the middle of the earth as it gets: just one degree off the equator. So, it is fitting that, as a global financial and technological destination, Singapore thrives on interconnectedness. However, this digital landscape also exposes Singapore to a growing array of cyber threats.
For example, in 2022, 132 ransomware attacks were reported in Singapore – a fourfold increase since 2019. This was part of a notable jump in overall cyber threats in Q2 of 2022. The recent attack on law firm Shook Lin & Bok led to the firm (allegedly) paying a $18.9mn Bitcoin ransom. Against this arsenal of threats, Singapore has begun to embrace the innovative technology of artificial intelligence (AI). It creates a high-stakes race to stay one step ahead of malicious actors.
The ransomware threat
Ransomware and data breaches have a notorious history in Singapore. Attacks have targeted critical infrastructure, including Singapore’s Ministry of Defence (MINDEF). The result was a breach that stole the personal data of 850 national service members and employees.
In 2018, the personal data of 1.5 million SingHealth patients were compromised. This was followed by the 2023 healthcare service outage as a result of a Denial-of-Service (DoS) attack.
Against this backdrop, a 2023 survey from the Singapore Cybersecurity Agency (CSA) reported that 84% of organisations had encountered a ransomware attack. Of these, 99% said they suffered negative effects on their operations, such as business disruptions, data loss, and reputational damage.
The threat is growing. Contemporary reports suggest that the rise of “Ransomware-as-a-Service” (RaaS) models is a particular risk to Singapore. Singapore has one of the highest internet penetration rates in the world, at 99%. This means that Singaporean businesses are unusually exposed to online threats.
This seriousness has been reflected in the partnership between Singapore and the United Kingdom. They are co-chairs of the Counter Ransomware Initiative (CRI). This is an international effort to ‘publicly denounce ransomware and strongly discourage paying ransomware demands’.
But ransomware is not the only threat in town. In a recent keynote address, David Koh, chief executive of the CSA, reflected that few users appreciate the security risks of the cloud. They also lack the expertise to implement the complex security controls needed to safeguard virtual networks and data.
Consequently, the Singaporean government has developed a range of programmes. These are designed to improve the cyber readiness of enterprises. They also include standards to assess cyber hygiene.
Following these initiatives, the CSA recently announced a public consultation exercise around technical guidelines to secure artificial intelligence (AI) systems. It has also called for industry involvement.
AI: The double-edged sword
Artificial intelligence is both a cause and cure for cybersecurity woes. Attackers can leverage AI to automate attacks, craft more convincing phishing emails, and bypass security measures.
But AI can be a powerful defensive measure. AI-driven solutions can analyse vast amounts of data to identify patterns and anomalies indicative of an attack. Machine learning algorithms can be used to detect and block malicious activity.
Such automated threat detection and analysis makes AI a superb tool to complement existing security measures, but not to replace them. Of course, AI must be placed alongside increased cybersecurity awareness and a complete data security strategy.
But even with such caveats, it is clear that AI is set to play a key part in Singapore’s cybersecurity. The CSA has already begun collaborating with industry partners and the broader cybersecurity community. It has agreements with Google, Microsoft, and NTT to formalise the exchange of threat intelligence to improve AI-driven countermeasures to threats.
This builds on the Singaporean development of an AI governance testing framework that evaluates AI deployment against objective technical trials and process checks.
Gatewatcher GAIA
One way of injecting generative AI into the defensive cybersecurity landscape is through new investment in solutions such as network detection and response (NDR). As a leader in this field, Gatewatcher has developed GAIA, a generative AI assistant designed to accelerate the detection, qualification, and analysis of cybersecurity incidents within SOC teams.
Generative AI improves these teams’ defensive posture by making it easier to implement security policies. Greater accuracy of security alerts enhances response, and faster decision-making and actions improve remediation.
NDR systems leverage AI to bolster cybersecurity by better anomaly detection, automated threat analysis, and incident response. Beyond this, AI can continuously scan the network for hidden threats, freeing up security analysts to focus on strategic tasks. Because Singapore’s cybersecurity landscape is evolving rapidly, enterprises must stay vigilant and adapt defences. This will make the power of AI a vital issue.
As the AI-driven evolution of ransomware threats and NDR solutions shows, the existing cybersecurity battle has intensified. By investing in key technologies, Singapore can now maintain its position as a thriving – and secure – digital hub.
Leader in the detection of cyber threats, Gatewatcher has been protecting the critical networks of worldwide large companies and public institutions since 2015. Our Network Detection and Response (NDR) and Cyber Threats Intelligence (CTI) solutions, quickly detect and respond to any cyber-attacks. Thanks to AI converging with dynamic analysis techniques, Gatewatcher delivers a real-time 360-degree view of threats, covering both cloud and on-premise infrastructures.