AI emerges as “double-edged sword” in Singapore’s cyber landscape

Cyber threats in Singapore surged across multiple fronts in 2024, reflecting global trends of more sophisticated and damaging attacks, according to the Cyber Security Agency of Singapore’s (CSA) Singapore Cyber Landscape 2024/2025 report released on Sept. 3.

The report highlighted that phishing, ransomware, and infrastructure infections all rose sharply, while artificial intelligence (AI) emerged as both a powerful tool for defenders and a weapon increasingly used by attackers.

Phishing cases climbed by 49% to more than 6,100 reported incidents. The CSA noted that 12% of phishing emails contained AI-generated content, with financial services, government agencies, and e-commerce platforms being the most frequently spoofed.

Ransomware attacks rose by 21%, with multinational manufacturers and listed firms among the hardest hit. Small and medium-sized enterprises in consulting, legal, and accounting were also disproportionately targeted, with attackers often encrypting data to maximize operational disruption.

Singapore saw a 67% rise in infected systems, reaching about 117,300. Advanced persistent threats (APTs) quadrupled since 2021, with groups such as UNC3886 targeting critical infrastructure. Social engineering also grew more prominent, with vishing and help-desk impersonation increasingly common.

Supply chain risks were underscored by the global fallout from the CrowdStrike outage in 2024, which caused an estimated US$5.4 billion in financial losses and nearly 40,000 flight disruptions. Singapore also ranked seventh worldwide for distributed denial-of-service (DDoS) attacks in late 2024 and was the third-largest source of such traffic.

The CSA described AI as a “double-edged sword.” While threat actors used it to generate phishing content and develop malicious code, AI also strengthened defensive capabilities. Other vulnerabilities identified included cloud service outages, poorly secured Internet of Things (IoT) devices, and emerging hypervisor attacks.

The report warned of the convergence of cyber, physical, and digital domains, citing submarine cables as a potential point of fragility, as Singapore remains connected to 26 undersea lines.

In response, Singapore advanced its Cybersecurity Strategy 2021 with new initiatives in 2024. These included amendments to the Cybersecurity Act, the launch of the OT Cybersecurity Masterplan to protect industrial systems, and new codes of practice for cloud security. CSA also issued AI security guidelines, expanded public awareness programmes, and promoted the use of Software Bills of Materials to reduce supply chain risks.

The report underscored intensifying threats in the cybersecurity space. The CSA emphasized that regulation, resilience, and talent development are essential to staying ahead in an unpredictable environment shaped by rapid technological change.

What are your thoughts on the latest findings? Share your insights in the comments below.