{
	"id": "92af649b-19b1-4b43-a553-ca20c76ec352",
	"created_at": "2026-04-09T02:24:05.10702Z",
	"updated_at": "2026-04-10T03:36:01.442198Z",
	"deleted_at": null,
	"sha1_hash": "5cdf2229c797a0c23de6b96df3bda91c4d126308",
	"title": "Singapore corporations making progress in preventing cyberattacks - DataBreaches.Net",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 44086,
	"plain_text": "Singapore corporations making progress in preventing\r\ncyberattacks - DataBreaches.Net\r\nPublished: 2022-09-13 · Archived: 2026-04-09 02:02:15 UTC\r\nIt was a back-handed compliment of sorts: experienced hackers telling DataBreaches that it had gotten noticeably\r\nharder for them to successfully attack big corporations in Singapore.\r\n“The most difficult country to attack now, are Singapore companies,” they told DataBreaches in a chat.\r\n“A lot has changed since 3 years ago. It is hard to even pinpoint a Singapore server with vulnerabilities these\r\ndays.  Just a few years ago, everything was still pretty much unsecured. Now, hackers ae lucky to even find a\r\nSingapore server with vulnerabilities….  we can’t pick up things for months.”\r\nGiven how active DESORDEN Group has been in ASEAN countries, for them to make that comment about\r\nSingapore is really interesting.\r\nThat does not mean that they have been totally unsuccessful, however. They still managed to recently attack a\r\nmajor multi-national shipping and logistics firm headquartered in Singapore — the Ben Line Agencies —\r\nalthough it was their first Singapore hit in about a year.  DataBreaches sent email inquiries to Ben Line Agencies’\r\nSingapore office and country manager about the attack, but received no replies, even though DESORDEN\r\nindicated that it was evident Ben Line was aware of the breach.\r\nDESORDEN noted that the difficulties they experience in successfully hitting a Singapore target as quickly as\r\nthey used to be able to do might be due to the fact that they are always looking for bigger companies.\r\n“Either way,” their spokesperson told DataBreaches, “it is too time consuming to look at Singapore now.” And\r\nthat is a bit of good news for big businesses in Singapore.\r\nWhile DESORDEN may find its pool of big targets in Singapore being more difficult to attack, the current media\r\nfrenzy over Indonesian hacks and data leaks has created new business opportunities for them, it seems.\r\nDESORDEN says they have been receiving a number of inquiries from people seeking to hire the hackers-for-hire\r\ngroup to hack Indonesian companies, and they have recently taken on more people to help.\r\nHas Singapore Improved Its Cybersecurity Significantly?\r\nCurious about why large Singapore organizations had become more challenging for DESORDEN to successfully\r\nattack, DataBreaches tried to find any data that might shed some light on the topic. While Singapore’s Personal\r\nData Protection Commission (PDPC) authority publishes enforcement actions, undertakings, and guidance papers\r\nit issues, DataBreaches could not find any direct reports on how many data security breaches or leaks the regulator\r\nhad received for 2020, 2021, and 2022 to date.\r\nTo try to obtain more information, DataBreaches sent inquiries to both the PDPC and Singapore’s Cyber Security\r\nAgency (CSA). The former has not replied as yet, but the latter pointed me to a report on the cybersecurity\r\nhttps://www.databreaches.net/singapore-corporations-making-progress-in-preventing-cyberattacks/\r\nPage 1 of 2\n\nlandscape in 2021. According to that paper, 137 cases of ransomware were reported to SingCERT in 2021, which\r\nrepresented a 54% increase from 89 cases in 2020. Figures have not been released for 2022.\r\nThe report also noted that multiple entities had been hit between March and August 2021 by ALTDOS, a situation\r\nthat led CSA, the PDPC, and the Singapore Police to issue a joint advisory on ALTDOS. Shortly thereafter, three\r\nof ALTDOS’s servers were seized, although no government publicly claimed responsibility for the seizure. Of\r\nnote, ALTDOS subsequently announced one more hack — of a Malaysian firm — and then disappeared as\r\nALTDOS.\r\nDid the advisory or any other measures Singapore took last year have a positive impact on business’s\r\ncybersecurity measures?  A CSA spokesperson responded to DataBreaches’ inquiry that “it is good to hear that\r\nthey are finding it increasingly difficult to attack big companies in Singapore. This means that our local companies\r\nare getting more aware of the importance of cybersecurity and the need to practise good cyber hygiene.”\r\nLast year, PDPC took enforcement action with monetary penalties against two of ALTDOS’s victim companies: \r\nAudio House and vHive. And in addition to the regulatory actions, the vHive e-commerce site was down for\r\nmonths following the attack. Were those incidents “wake up” calls for Singapore businesses, or were there some\r\nother variables that were more influential?  DataBreaches does not know at this point, but it would be great to\r\nfigure out what made a difference and bottle it for other countries.\r\nSource: https://www.databreaches.net/singapore-corporations-making-progress-in-preventing-cyberattacks/\r\nhttps://www.databreaches.net/singapore-corporations-making-progress-in-preventing-cyberattacks/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MISPGALAXY",
		"Malpedia"
	],
	"references": [
		"https://www.databreaches.net/singapore-corporations-making-progress-in-preventing-cyberattacks/"
	],
	"report_names": [
		"singapore-corporations-making-progress-in-preventing-cyberattacks"
	],
	"threat_actors": [
		{
			"id": "e5ccc758-f2a5-417b-ba5c-70edf39bc048",
			"created_at": "2022-10-25T16:07:24.481513Z",
			"updated_at": "2026-04-10T02:00:05.005021Z",
			"deleted_at": null,
			"main_name": "Desorden",
			"aliases": [],
			"source_name": "ETDA:Desorden",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "3a69a32c-82d0-431b-b5ab-34a070bf8d94",
			"created_at": "2023-11-08T02:00:07.154393Z",
			"updated_at": "2026-04-10T02:00:03.428568Z",
			"deleted_at": null,
			"main_name": "Desorden Group",
			"aliases": [],
			"source_name": "MISPGALAXY:Desorden Group",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		},
		{
			"id": "348b092b-f28a-41d0-a7f2-4c399f2f973f",
			"created_at": "2024-06-25T02:00:05.046536Z",
			"updated_at": "2026-04-10T02:00:03.664032Z",
			"deleted_at": null,
			"main_name": "ALTDOS",
			"aliases": [],
			"source_name": "MISPGALAXY:ALTDOS",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		},
		{
			"id": "b4f79ca0-e94b-4abe-a61e-ea3d2a2458ad",
			"created_at": "2022-10-25T16:07:24.444096Z",
			"updated_at": "2026-04-10T02:00:04.994412Z",
			"deleted_at": null,
			"main_name": "ALTDOS",
			"aliases": [
				"0mid16B",
				"ALTDOS",
				"Desorden",
				"GHOSTR"
			],
			"source_name": "ETDA:ALTDOS",
			"tools": [
				"Agentemis",
				"Cobalt Strike",
				"CobaltStrike",
				"cobeacon"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775701445,
	"ts_updated_at": 1775792161,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/5cdf2229c797a0c23de6b96df3bda91c4d126308.pdf",
		"text": "https://archive.orkl.eu/5cdf2229c797a0c23de6b96df3bda91c4d126308.txt",
		"img": "https://archive.orkl.eu/5cdf2229c797a0c23de6b96df3bda91c4d126308.jpg"
	}
}