Particle.news
Download on the App Store
8 ARTICLES
·
5d ago

Singapore Names China-Linked UNC3886 as Ongoing Threat to Critical Infrastructure

Specialist cyber teams alongside defence units have been deployed to investigate network intrusions targeting essential services.

Figurines with computers and smartphones are seen in front of the word "hacker" in this illustration taken, February 19, 2024. REUTERS/Dado Ruvic/Illustration/File Photo
Image
Image
Image

Overview

  • Coordinating Minister K. Shanmugam publicly identified UNC3886 on July 18 as the advanced persistent threat group attacking Singapore’s critical information networks.
  • The Cyber Security Agency has led investigations since the intrusion was first detected and is sharing threat intelligence with energy, healthcare, transport and finance sectors.
  • Selected units from the Singapore Armed Forces and Ministry of Defence have joined the CSA in a coordinated whole-of-government response to contain the campaign.
  • Cybersecurity firm Mandiant and industry analysts link UNC3886 to China and warn that it uses zero-day exploits, custom malware and native tools to evade detection and maintain persistence.
  • Singapore has seen a more than four-fold increase in suspected state-linked APT attacks from 2021 to 2024, reflecting its status as a global digital hub and heightening risks to national security.