Singapore Hit by 21 Million Cyberattacks in 2024 as Ransomware Strikes Major Banks
In April 2024, Singapore faced a significant cybersecurity breach when a ransomware attack on a printing vendor exposed sensitive customer data from DBS and the Bank of China’s Singapore branch (BOC). The incident compromised 8,200 DBS customers and 3,000 BOC customers, with stolen data including names, addresses, and, in some cases, loan account numbers. Neither bank reported compromised login credentials.
The attack highlights Singapore’s growing vulnerability to ransomware, which led Asean in cyberattacks in 2024, with 21 million incidents targeting compromised servers. Ransomware, a type of malware that encrypts or locks data until a ransom is paid, has evolved into more sophisticated threats, including double-extortion (threatening data leaks) and triple-extortion (targeting customers or partners). Some variants, like wipers, destroy data even after payment.
Banks are particularly high-value targets due to their real-time operations and sensitive data. Experts warn that attacks can disrupt online banking, payment systems, and trigger prolonged recovery efforts, compliance audits, and regulatory scrutiny. AI-powered ransomware further complicates defenses by adapting during attacks.
Cybersecurity professionals emphasize that ransomware groups now prioritize data theft over encryption, leveraging stolen information for long-term extortion. Many attacks begin with weeks or months of reconnaissance, allowing hackers to bypass defenses before striking. While organizations deploy tools like Endpoint Detection and Response (EDR) and Identity Access Management (IAM), a layered security approach aligned with frameworks like NIST is critical. Smaller vendors, often lacking robust cybersecurity, remain a weak link in supply chain attacks.
Domino Printing Sciences cybersecurity rating report: https://www.rankiteo.com/company/domino-printing
DBS Bank cybersecurity rating report: https://www.rankiteo.com/company/dbs-bank
"id": "DOMDBS1770325487",
"linkid": "domino-printing, dbs-bank",
"type": "Ransomware",
"date": "4/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '8200',
'industry': 'Financial Services',
'location': 'Singapore',
'name': 'DBS',
'size': 'Large',
'type': 'Bank'},
{'customers_affected': '3000',
'industry': 'Financial Services',
'location': 'Singapore',
'name': 'Bank of China (Singapore branch)',
'size': 'Large',
'type': 'Bank'},
{'industry': 'Printing/Supply Chain',
'location': 'Singapore',
'name': 'Printing Vendor (unnamed)',
'type': 'Vendor'}],
'attack_vector': 'Third-party vendor (printing vendor)',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '11200',
'personally_identifiable_information': 'Names, addresses, '
'loan account numbers',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personally Identifiable '
'Information (PII), Financial '
'Data'},
'date_detected': '2024-04',
'date_publicly_disclosed': '2024-04',
'description': 'In April 2024, Singapore faced a significant cybersecurity '
'breach when a ransomware attack on a printing vendor exposed '
'sensitive customer data from DBS and the Bank of China’s '
'Singapore branch (BOC). The incident compromised 8,200 DBS '
'customers and 3,000 BOC customers, with stolen data including '
'names, addresses, and, in some cases, loan account numbers. '
'Neither bank reported compromised login credentials.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': 'Names, addresses, loan account numbers',
'identity_theft_risk': 'High',
'operational_impact': 'Disruption risk to online banking and '
'payment systems'},
'initial_access_broker': {'entry_point': 'Third-party vendor (printing '
'vendor)',
'high_value_targets': 'Banks (DBS, Bank of China)',
'reconnaissance_period': 'Weeks or months'},
'lessons_learned': 'Ransomware groups prioritize data theft over encryption '
'for long-term extortion. Supply chain vulnerabilities, '
'particularly with smaller vendors, pose significant '
'risks. A layered security approach aligned with '
'frameworks like NIST is critical.',
'motivation': 'Financial gain, data extortion',
'post_incident_analysis': {'root_causes': 'Supply chain vulnerability '
'(printing vendor), lack of robust '
'cybersecurity in third-party '
'vendors, reconnaissance by threat '
'actors'},
'ransomware': {'data_exfiltration': 'Yes'},
'recommendations': ['Implement a layered security approach (e.g., NIST '
'framework)',
'Enhance third-party vendor cybersecurity assessments',
'Deploy Endpoint Detection and Response (EDR) and '
'Identity Access Management (IAM) tools',
'Prepare for prolonged recovery efforts, compliance '
'audits, and regulatory scrutiny',
'Monitor for AI-powered ransomware and adaptive threats'],
'references': [{'source': 'Cyber Incident Report 2024'}],
'title': 'Ransomware Attack on Printing Vendor Exposes DBS and Bank of China '
'Customer Data',
'type': 'Ransomware'}