Singapore Authorities Warn Businesses of Bitcoin Ransomware Threat

Key Takeaways:

Heightened Awareness: Singaporean authorities alert businesses to the increasing threat of Bitcoin ransomware attacks. This serves as a wake-up call for organisations to prioritise cybersecurity measures.

Collaborative Response: The warning comes from various agencies, including the Cyber Security Agency of Singapore, the Singapore Police Force, and the Personal Data Protection Commission, which have received complaints from victims. This highlights the need for collaboration among government agencies and businesses to combat cyber threats effectively.

Prevention Measures: To mitigate the risk of Bitcoin ransomware attacks, businesses are advised to implement proactive strategies such as regular software updates, strong password policies, employee training, data backup and recovery plans, network segmentation, and incident response plans. These measures are crucial for safeguarding against potential attacks and minimising their impact.

Singaporean authorities have warned businesses sternly about the growing threat of Bitcoin (BTC) ransomware.

Understanding the Bitcoin Ransomware Menace

As digital currencies gain prominence, cybercriminals increasingly resort to ransomware attacks to extort money from unsuspecting victims. These attacks involve encrypting the victim’s files and demanding payment, usually in BTC, for their release. With Singapore being a global financial hub and a tech-savvy nation, the risk of such attacks should not be underestimated.

On June 8, 2024, Singaporean authorities issued a joint advisory alerting local businesses to the rising threat of Akira ransomware, which stole $42 million from over 250 organisations across North America, Europe and Australia within a year and is now actively targeting businesses in Singapore. The warning comes from several agencies, namely the Cyber Security Agency of Singapore, the Singapore Police Force, and the Personal Data Protection Commission, which have recently received multiple complaints from individuals and organisations affected by the cyber assault.

Rising Incidents and Vulnerabilities

Recent incidents highlight the rising prevalence of BTC ransomware attacks targeting businesses across several sectors in Singapore. Cybercriminals often exploit vulnerabilities in outdated software, weak passwords, or unsuspecting employees through phishing emails to access a company’s network. Once inside, they deploy ransomware, encrypt critical files, and demand payment in BTC for decryption keys, crippling operations and causing significant financial losses.

Earlier inquiries by the United States Federal Bureau of Investigation (FBI) revealed that Akira ransomware has been focusing its attacks on businesses and critical infrastructure establishments. Kaspersky, a cybersecurity company, recently discovered that North Korean hackers were directing their attacks towards South Korean crypto businesses using Durian malware. Kaspersky noted, “Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and exfiltration of files.”

Mitigating the Threat

In response to this growing threat, Singaporean authorities urge businesses to bolster their cybersecurity measures and adopt proactive strategies to minimise the risk of BTC ransomware attacks. Here are some key recommendations:

  1. Regular Software Updates and Patch Management: Keeping all software and systems up-to-date with the latest security patches is crucial in thwarting potential ransomware attacks. Cybercriminals often exploit vulnerabilities in outdated software to gain unauthorised access to networks.
  2. Strong Password Policies: Implementing strong password policies, including regular password changes and complex passwords, can significantly reduce the risk of unauthorised access to systems and networks. Employees should also be trained on password security and phishing awareness.
  3. Employee Training and Awareness: Educating employees about the dangers of phishing emails and other social engineering tactics is essential in preventing ransomware attacks. Employees should be trained to recognise suspicious emails, links, and attachments and immediately report any unusual activity to the IT department.
  4. Data Backup and Recovery: Regularly backing up critical data and maintaining offline backups can help mitigate the impact of ransomware attacks. In the event of an attack, businesses can restore their systems and files from backups without paying the ransom.
  5. Network Segmentation and Access Controls: Implementing network segmentation and access controls can limit the spread of ransomware within a network and prevent unauthorised access to sensitive data. Restricting user privileges based on job roles and responsibilities can also help minimise the impact of ransomware attacks.
  6. Incident Response Plan: Developing and testing an incident response plan is essential for effectively responding to ransomware attacks. This plan should outline the steps to take during an attack, including isolating infected systems, contacting law enforcement, and communicating with stakeholders.

Members affiliated with Akira demand crypto payments, notably in BTC, in exchange for relinquishing control of compromised computer systems and internal data. The Singaporean authorities have advised businesses that have been compromised to refrain from paying the ransom to the attackers.

They said, “If your organisation’s systems have been compromised with ransomware, we do not recommend paying the ransom and advise you to report the incident immediately to the authorities. Paying the ransom does not guarantee that the data will be decrypted or that threat actors will not publish your data.” Moreover, malicious actors might try to launch subsequent attacks in anticipation of securing a higher ransom.

The FBI discovered that Akira never contacts victims but expects them to initiate communication. Specific suggested strategies for mitigating threats include establishing a recovery strategy, utilising multifactor authentication, filtering network traffic, deactivating unused ports and hyperlinks, and implementing system-wide encryption.



Fhumulani Lukoto Cryptocurrency Journalist
