Technology
Russia accounted for 88 per cent of cyberattacks targeting Singapore on Jun 12, says threat intelligence research team F5 Labs.
US President Donald Trump and North Korea’s leader Kim Jong Un shake hands following a signing ceremony during their historic US-North Korea summit. (Photo: AFP/Saul Loeb)
SINGAPORE: On the day history was made when United States President Donald Trump met with North Korean leader Kim Jong Un, host nation Singapore saw a surge in cyberattacks from Russia, according to a report by online threat analysts F5 Labs.
Russia accounted for 88 per cent of the attacks against Singapore on Jun 12 – the day both leaders met, F5 Labs and its data partner Loryka said in a Jun 14 blog post.
In addition, of all the attacks originating from Russia, 97 per cent of these targeted Singapore, the blog post said.
(Timeline: F5 Labs)
Going deeper into the data, F5 Labs said approximately 40,000 attacks were launched between 11pm (3pm UTC) on Jun 11 and 8pm (12pm UTC) on Jun 12.
It added that 92 per cent of the attacks collected were reconnaissance scans looking for vulnerable devices while the remaining 8 per cent were “exploits”, which take advantage of vulnerabilities.
The top attack destination port was the Session Initiation Protocol (SIP) port 5060, which is an Internet Protocol phone protocol.
“It is unusual to see port 5060 as a top attack destination port. Our assumption is that the attackers were trying to gain access to insecure phones or perhaps the VoIP server,” the study said.
It added: “Singapore was the top destination of the attacks by a large margin, receiving 4.5 times more attacks than the US or Canada. Singapore is not typically a top attack destination country; this anomaly coincides with President Trump’s meeting with Kim Jong Un.”
The study did point out that it was “unclear” what the attackers were after or whether they were successful, and F5 Labs said it will continue to analyse the data collected.
“We do not have evidence directly tying this attacking activity to nation-state-sponsored attacks,” the study added.
“However, it is common knowledge that the Russian government has many contractors within Russia doing their bidding, and that a successful attack on a target of interest would make its way through to the Kremlin.”
Channel NewsAsia has sent a query to the Cyber Security Agency of Singapore to corroborate F5 Labs’ findings.
