With cyber attacks becoming more sophisticated, the Ministry of Defence (Mindef) has established a new unit to equip the Government’s network defenders with stronger capabilities, while tightening their coordination.
The new Digital Defence Hub, which comes under Mindef’s Centre for Strategic Infocomm Technologies (CSIT), has also been tasked with driving cyber security collaboration, both within the Government and with the private sector.
Coordinating Minister for National Security K. Shanmugam announced the new unit on Oct 17 at TechCon, an annual closed-door technical conference hosted by CSIT.
Speaking at the conference, he said the new unit will focus on developing and deploying capabilities to support a wide range of public agencies and missions important to national security, such as to counter advanced persistent threats (APTs).
APTs are well-resourced attackers, usually state-linked, who lurk in networks to steal sensitive information or disrupt essential services.
In July, Mr Shanmugam had said authorities were dealing with an ongoing attack on Singapore’s critical information infrastructure by UNC3886, an APT group. While the authorities did not disclose UNC3886’s sponsors, experts have linked the group to China.
In his conference speech, Mr Shanmugam said suspected APT attacks on Singapore has more than quadrupled between 2021 and 2024. Other forms of digital threats that can severely disrupt societies, such as ransomware attacks and digital scams, are also evolving quickly, he noted.
“The challenges are growing. As a highly connected and digital society, stepping up our digital defence, is a clear priority,” said Mr Shanmugam, who is also Home Affairs Minister.
Dr Adrian Tang, who is group director of the Digital Defence Hub, said the new unit aims to “better counter high impact digital threats, especially particularly advanced persistent threats against our government systems and critical infrastructure”.
The new unit will focus CSIT’s deep expertise in various technical areas like cyber threat research, malware analysis and red-teaming into better capabilities for public agencies to defend, investigate and respond against high-impact cyber threats, he added.
Red-teaming refers to ethical hackers simulating cyber attacks to improve an organisation’s ability to detect and nullify real attacks.
Set up in 2003, CSIT is the lead digital technology agency in Mindef that builds digital tools to meet the Republic’s national security needs.
These tools include ACUBE, a malware analysis platform that automates and streamlines the study of malicious software, which helps security researchers draw rapid insights into malware behaviour for more effective incident response and threat hunting.
Another is NEMOS, a threat detection system that uses CSIT’s expertise for the proactive hunting of cyber threats across networks.
CSIT chief executive Darren Teo said that as a small country with an outsized digital footprint, Singapore needs to develop technologies and capabilities to safeguard its digital space, to ensure critical digital services can continue to run reliably even while under attack.
“Through the DDH, CSIT will provide a platform to collaborate in building capabilities and sharing intelligence and insights to better safeguard our digital space,” he said.
Mr Shanmugam told conference attendees that collaboration between government agencies and industry partners have helped all parties to form a more complete picture of the threat landscape and threat actors, which has helped the Government to investigate activities by UNC3886.
Said Mr Shanmugam “We have to work together because the attackers, the bad guys, are increasingly very sophisticated, and they are able to conceal the activities.
“And we need, as it were, many different brains, many different torches to shine the light and uncover the activities and make it much more difficult for the attackers.”
Note: This article was written by Samuel Devaraj and first appeared in The Straits Times on 17 October 2025.
Source: The Straits Times
