Singapore’s Cabinet has alleged cyberattacks by a “China-linked” threat actor, and in a rarity, also named the attacker.
The city-state’s Minister of Defense, Chan Chun Sing, is one three Cabinet ministers to have spoken about the attack on Singapore’s critical infrastructure on Saturday, claims denied by the Chinese Embassy, which termed them as “groundless smears and accusations”.
“Units in the Singapore Armed Forces (SAF) and Ministry of Defense (MINDEF) have been responding to the ongoing cyberattack by an alleged China-linked threat actor on Singapore’s critical infrastructure covering global trade,” Sing was quoted as saying by Channel News Asia.
Also Read: ‘India’s cybersecurity needs fully homegrown tech’
“The Select SAF and MINDEF units will work with the Cyber Security Agency of Singapore (CSA) in a whole-of-government effort to manage the incident,” the minister added.
Meanwhile, Google-owned cybersecurity firm, Mandiant, described ‘UNC3886’ as a “China-nexus espionage group” that has targeted prominent strategic organisations on a global scale, reported the news organisation, Channel News Asia.
On being asked why the Singapore government had decided to name the attackers, the country’s Coordinating Minister for National Security and Home Affairs Minister, K Shanmugam, who had first revealed on Friday that Singapore was actively dealing with the “highly sophisticated” UNC3886 group, said that Singaporeans ought to know where the attack was coming from, and that attackers have been named in the past.
“The number of incidents we disclose are far smaller than the actual number of attacks,” he said, and added, “This time round, our assessment was that we can disclose those details.”
When asked about UNC3886’s alleged links to China and possible retaliation for naming them, Shanmugam declined to attest to the hackers’ origins to any specific country, saying this was “speculative.”
“Who they are linked to and how they operate is not something I want to go into,” he said, adding that what mattered was that they posed a serious danger to Singapore and could undermine national security.
Meanwhile, the country’s Minister for Digital Development and Information, Josephine Teo, said in a Facebook post that Singaporeans should be aware about the ongoing cyberspace threats the country faces, and that there was “never a perfect time” to disclose such incidents, especially in the face of the possibility of the threat actors succeeding in taking down any of their critical systems, such as water, power, or telco networks.
“The knock-on effects could be devastating,” Minister Teo said.
“We always have to strike a fine balance between maintaining operational security and raising public awareness, especially while live operations are ongoing,” she added.
The Chinese embassy in Singapore noted that local media outlets had cited “so-called information from a certain country's cybersecurity company” and categorically denied claims that UNC3886 was linked to China.
“The Chinese government expresses strong dissatisfaction over the claim and opposes any groundless smears and accusations,” the embassy statement read.
“The embassy would like to reiterate that China is firmly against and cracks down (on) all forms of cyberattacks in accordance with law. China does not encourage, support or condone hacking activities,” it added.
“Keeping cyberspace safe is a global challenge and China stands ready to work with Singapore and the rest of the world to jointly protect cybersecurity,” the statement added.
Singapore is a growing global business hub of six million people with almost all multinational corporations and many predominantly Chinese-origin entrepreneurs. It has strong, age-old business ties with China that go back centuries.
Also Read: X outage: Musk blames massive cyberattack