SINGAPORE: The government has confirmed a “serious” cyberattack targeting critical infrastructure, with authorities attributing the breach to a sophisticated China-linked hacking group. Coordinating Minister for National Security K. Shanmugam revealed the ongoing threat during a late Friday address, identifying the perpetrators as UNC3886—a cyber espionage unit previously flagged by Google-owned cybersecurity firm Mandiant.
“Even as we speak, UNC3886 is attacking our critical infrastructure right now,“ Shanmugam stated, emphasizing the severity of the advanced persistent threat (APT). The group’s operations risk compromising national security by disrupting essential services, including power grids, healthcare networks, and transportation systems.
The minister highlighted the potential cascading effects of a successful breach, noting, “Our banks, airports, and industries would not be able to operate. Our economy can be substantially affected.” Between 2021 and 2024, suspected APT incidents in Singapore surged over fourfold, underscoring escalating cyber warfare risks.
A 2018 cyber intrusion into a public healthcare cluster, which exposed medication records of 160,000 patients—including former Prime Minister Lee Hsien Loong—was cited as a precedent. Satnam Narang of Tenable warned that defending against such stealthy, well-resourced adversaries is “increasingly demanding” as digital infrastructure expands.
The Cyber Security Agency (CSA) is actively countering the threat, though Shanmugam withheld details on mitigation strategies. Industry analysts stress that UNC3886’s tactics align with long-term espionage campaigns, often targeting governmental and industrial data. - AFP
