SINGAPORE - Mandating that operators of critical systems, such as those that manage energy, water and transportation services, report suspected advanced attacks will provide the necessary framework for Singapore to defend itself, said Coordinating Minister for National Security K. Shanmugam on Aug 1.

Declining to name the country behind the recent advanced persistent threat (APT) attack on Singapore, he urged organisations to have the mentality that there are and will be breaches.

“Accept that, and be prepared to defend,” he said, speaking on the sidelines of a biennial cybersecurity exercise, called Exercise Cyber Star, organised by the Cyber Security Agency of Singapore.

“Tell us immediately the moment you suspect (something). We work with you to try and deal with it,” he added.

Mr Shanmugam’s comments came after the authorities revealed in July that Singapore’s critical information infrastructure (CII) came under attack from

UNC3886, a state-linked advanced persistent threat actor.

UNC3886 is one of several APT actors, whose activities have increased more than fourfold from 2021 to 2024, that target Singapore’s CII.

In light of increased threats, Singapore has also amended its Cybersecurity Act in 2024 to require CII operators to declare any cyber-security outage, and any attack on their premises or along their supply chain.

In particular, operators of critical systems must report suspected APT attacks to CSA, whose oversight will expand to include risks that come from suppliers and cloud services. The amendments are expected to kick in later in 2025.

Declining to name the country behind UNC3886, Mr Shanmugum said: “We release information that we assess is in the public interest...Naming a specific country is not in our int...