A report by Check Point Software finds that ransomware accounts for 58% of cyber incidents in Singapore.
Check Point Software Technologies has released its Singapore Cyber Threat Landscape 2025 report, which highlights a rise in cyber activity involving ransomware and nation-state espionage.
According to findings from the Check Point Exposure Management Research team, more than 130 incidents were recorded in 2025, with ransomware accounting for 58% of cases. The report identifies several groups, including Qilin and Lynx, as being responsible for a surge in ransomware activity.
These actors frequently use double-extortion tactics, involving both the exfiltration and encryption of sensitive data. In one recorded instance, a local chemical manufacturer reportedly lost 165 GB of data to Qilin. Hacktivist groups such as HIME666 and NullSec Philippines were also associated with information system disruptions.
The government sector was a primary target for distributed denial-of-service (DDoS) attacks, accounting for 44% of victims, many of which used the “gov.sg” domain. Business services accounted for 30% of DDoS targets. Overall, business services and retail remained the most targeted sectors, at 32% and 15% respectively. While retail was the second most targeted industry, it accounted for 42% of all recorded data breach incidents during the period.
Rebecca Law, Country Manager, Singapore, at Check Point Software, said: “The 2025 landscape shows that attackers are successfully bypassing traditional controls through impersonation and social engineering. As we move into 2026, organisations must assume that trust, not just systems, will be exploited.”
Looking ahead to 2026, the report forecasts that AI-generated materials and deepfake-enabled scams will become more common.
Stay updated on crypto and AI by following our socials
