Singapore’s four telecom operators were targeted by a cyber espionage group last year, though the attacks did not disrupt services or compromise customer data, the country’s Cyber Security Agency of Singapore said on Monday.
The affected companies include Singtel, StarHub, M1 and Simba Telecom. According to the agency, the attackers were able to gain access to certain parts of telecom systems but were contained before causing operational disruption.
The agency said no personal customer data was accessed. However, the attackers managed to exfiltrate a limited amount of technical information, primarily related to network infrastructure.
“They also managed to exfiltrate a small amount of technical data, believed to be largely network-related and intended to advance the threat actors’ operational objectives,” the Cyber Security Agency said in a statement.
Cybersecurity firm Mandiant, owned by Google, has previously identified the group behind the attacks as UNC3886, describing it as a China-linked cyber espionage group. Mandiant has said the group has a history of targeting defence, technology and telecommunications organisations across the United States and Asia.
China has repeatedly denied allegations of state-linked cyber espionage, saying it opposes all forms of cyberattacks and is itself a victim of such activity. The Chinese Embassy in Singapore did not immediately respond to a request for comment.
Monday’s disclosure marks the first time Singapore’s government has publicly identified the type of critical infrastructure targeted by UNC3886. In July last year, authorities said they were responding to cyberattacks against high-value strategic assets but did not name the affected sectors.
In a joint statement, the four telecom companies said cyber threats are an ongoing risk for operators globally, ranging from distributed denial-of-service attacks and malware to phishing and advanced persistent threats.
“All telcos face cyber threats, including more sophisticated and persistent attacks,” the companies said. “We adopt defence-in-depth mechanisms to safeguard our networks and carry out prompt remediation when issues are detected.”
They added that they work closely with government agencies and industry experts to strengthen cybersecurity controls and improve the resilience of Singapore’s telecommunications infrastructure.
The incident underscores the growing focus on protecting critical national infrastructure from state-linked cyber espionage, as governments across the region step up coordination with private-sector operators to counter increasingly sophisticated threats.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
