According to the latest security report released by Trend Micro, a Taiwanese cybersecurity multinational company, Singapore has been a hotbed for malicious URLs in Southeast Asia during 2018, accounting for 68.1% of such attacks.
The study found that the city-state was the most vulnerable country in the region, with over 3 million malicious URLs hosted locally and over 15 million victims falling prey to these URLs.
Vietnam, Indonesia and Singapore were the three ASEAN countries with the highest numbers of email threats blocked by the cybersecurity firm at 46.2%, 21.3% and 10.9% respectively.
Last year, Trend Micro detected more than 55 million malware attacks in the region. Malaysia took top spot at 29.6%, followed by Singapore (19.8%) and Thailand (16.4%).
The 2018 Security Roundup Report also highlights a rising interest in machine learning and artificial intelligence technologies that enable enterprises to circumvent these threats.
Email attacks on the rise
Overall, Singapore ranked third in Southeast Asia for experiencing the most email threats last year, which included spam, preceded by Vietnam and Indonesia.
Attacks that take advantage on the need to respond to urgent requests from authorities are on the rise.
The number of business email compromise (BEC) attacks in 2018 increased by 28% globally. While these attacks are less frequent than phishing attacks, they are more sophisticated and take more careful planning for cybercriminals. On average, they yield approximately S$177,000 per attack.
In the report, Trend Micro emphasises that BEC scams are a pressing issue amongst Singapore-based companies. The nation ranked first in Southeast Asia for experiencing the most BEC attacks (consisting of CEO fraud) last year (27.3%), followed by Malaysia (26.1%) and Indonesia (25%).
Another strong indicator of how the threat landscape is shifting can be seen in the types of threats that decline.
Ransomware detection decreased by 91% globally compared to 2017, along with a 32% decrease in new ransomware families.
This reinforces the shift in attack tactics, as ransomware does not require extensive planning, technical skills or ingenuity due to the large number of resources available for malicious hackers in the cybercriminal underground.