Manufacturing is Singapore’s most targeted industry by cyberattacks in 2023

Photo by Lewis Kang'ethe Ngugi

Ensign InfoSecurity has identified Manufacturing as the most targeted industry by cyber threats in 2023.  This key insight was among many others in Ensign’s fifth edition of its Cyber Threat Landscape Report (CTL) 2024 launched today, which draws on Ensign’s proprietary and cyber threat intelligence sources.

Manufacturing contributes over 20% to Singapore’s GDP, and companies in this sector  are targeted for three possible reasons:

  1. They possess an abundance of valuable data ranging from contracts, supplier details, trade secrets, industrial designs, and personal information
  2. They operate continuously running machinery where a disruption could have safety or business operational impact, and
  3. The cyber hygiene in this sector is lower than in other more tightly regulated industries. Our report also examines the recent regulatory disclosure requirements by SGX and other jurisdictions to shed light on the corporate incidents being reported here.

The report also noted that Ransom was the primary objective of more than 50% of all observed cyberattacks in Singapore (52.9%), where attackers attempted to extort the victim for money after the incident. This reflects a global worsening of the ransomware threat for corporates. In a deep-dive analysis, the report explored how these attackers operate, and how they “double” extort their victims as a new tactic.

Encouragingly, Ensign has observed a heightened awareness of potential cyber threats across the six territories in 2023. The average “dwell time”, which measures how long the attacker stays inside their victim’s networks before discovery, fell sharply across industries (the maximum dwell time fell from 1095 days to 49 days), suggesting that defenders are getting better and detecting even stealthy cyber attackers.

Finally, the report also included insights into how hacktivism (cyberattacks conducted by individuals or groups in support of a cause or ideology) has become a serious and worrying threat for organisations; how recent supply chain attacks, especially on network devices, are getting more rampant; and the threats and risks posed by Artificial Intelligence in the cyber and information domains. The report concluded with suggestions for defenders, on how they can prepare their organisations for such threats.

“The cyber threat landscape is unfortunately worsening, with ransomware evolving to become the most pressing concern at the management and leadership level of companies and even nations,” shared Gaurav Keerthi, Head of Advisory & Emerging Business, Ensign InfoSecurity. “Singapore is a very attractive target for these attackers, given our dense network of digital infrastructure and our highly digitalised companies and citizens.

“Understanding our threats, how they think and operate, is critical to determining how we can defend ourselves. We hope that Ensign’s Cyber Threat Landscape Report – especially the suggestions for defenders – can help raise the baseline for all companies, to keep cybercriminals at bay.”