Check Point® Software Technologies Ltd. Has released its Singapore Cyber Threat Landscape 2025 report from the Check Point Exposure Management Research team.
The findings reveal a sharp escalation in sophisticated cyber activity, characterised by high attack volumes, aggressive ransomware tactics, and a significant rise in nation-state espionage targeting critical infrastructure.
In 2025, over 130 major incidents were recorded, with the impact spanning both public and private sectors. The report identifies ransomware as the most prevalent threat, accounting for 58% of all recorded cyber incidents, with a notable surge in the targeting of government ministries and authorities.
Key Findings for Singapore:
- Ransomware & Hacktivism: Over 60 cases of ransomware were recorded in 2025. Sophisticated groups like Qilin and Lynx led the surge, employing double-extortion tactics to exfiltrate and encrypt sensitive data.
In one high-profile incident, a local chemical manufacturer allegedly lost 165 GB of sensitive data to Qilin. In parallel, information system disruptions were largely attributed to hacktivist collectives, including HIME666 and NullSec Philippines. - Targeting the Government: Government sites were the primary targets for disruption; 44% of DDoS victims were within the government sector, with a majority of targets using the ‘gov.sg’ domain. Business services followed at 30%.
- Sectors at Risk: Business services (32%) and retail (15%) remain the most targeted sectors, reflecting Singapore’s role as a global financial and data hub. While retail was the second most targeted sector overall (17%), it was the most vulnerable to data breaches, accounting for 42% of all breach incidents in 2025.
- The Rise of AI-Driven Deception: AI-generated materials and deepfake-enabled scams are expected to move into the mainstream in 2026. These represent a high-impact threat to Singapore’s financial stability by exploiting human trust rather than technical vulnerabilities.
“Singapore’s status as a global digital hub makes it a primary target for both financially motivated criminals and strategic nation-state actors,” said Rebecca Law, Country Manager, Singapore, at Check Point Software. “The 2025 landscape shows that attackers are successfully bypassing traditional controls through impersonation and social engineering.
“As we move into 2026, organisations must assume that trust, not just systems, will be exploited. Resilience will depend on moving toward a proactive, prevention-first and ‘safe-by-design’ remediation approach.”
Outlook for 2026
Singapore is expected to face a continued escalation of high-impact threats driven by the convergence of nation-state activity and AI-enabled scams. Check Point advises organisations to remain vigilant for early indications of DDoS incidents and to focus on service continuity. Effective preparedness will require tested incident response playbooks, clear escalation paths, and heightened employee awareness.
Organisations that focus solely on traditional prevention will struggle; those that demonstrate resilience, verification, and coordinated response will be best positioned to withstand Singapore’s evolving threat landscape.
