255 firms linked to Singapore’s critical infrastructure allegedly targeted in dark web leak

“It is a massive weakness,” said Mr Nicky Choo, vice president and general manager for Asia-Pacific at cybersecurity provider Mimecast.

“Every organisation that does business with every large organisation that’s part of the critical infrastructure is a target for attack. So, a lot of cyber attackers now go after the weakest link, which is the easier way in,” he added.

According to the CSA’s Singapore Cyber Landscape 2024/2025 report, ransomware cases rose by 21 per cent in 2024, with 159 incidents recorded.

Manufacturing and professional services were among the most affected, with the majority of the attacks in the professional services industry targeted at SMEs.

Mr Gaurav Keerthi, CEO of cybersecurity firm Strongkeep, said SME incidents may be more common than official numbers suggest.

“It’s a lot of voluntary declaration if there is an incident … But generally, we think there’s a massive under-reporting of cases in the SME space.”

He added that attackers are increasingly drawn to smaller firms.

“(They’re) easier to attack. It’s gotten more lucrative to get some money out of these smaller companies, and many of them have become more digital in the last few years.”

With over 350,000 SMEs operating in Singapore as of 2024, the sheer volume of smaller firms provides attackers with many potential entry points.

“Unfortunately, the smaller companies, despite being more heavily targeted, continue to be less protected than the rest of the economy,” Mr Keerthi said.