Singapore faces targeted threats: Beyond statistical exposure, Singapore is also facing targeted campaigns against its critical infrastructure. One such operation involves China-linked threat group UNC3886, recently observed exploiting vulnerabilities in Juniper (Junos OS) routers to infiltrate telecom and service provider networks.Gilad Maizles, threat researcher at SecurityScorecard, said, “The campaign appears to be operated through a China-nexus ORB network known as the GobRAT ORB.” Operational Relay Box (ORB) networks act as stealthy infrastructure layers, allowing attackers to relay malicious activity through a mesh of compromised systems, making the attacks persistent and evasive.”The targeting of critical infrastructure in Singapore is a clear example of how China-aligned threat actors are shifting toward ORB-based infrastructure to obscure attribution and enable sustained access across high-value regional targets,” Maizles explains. He also noted the parallels with Volt Typhoon, a similar espionage campaign aimed at US infrastructure, suggesting a coordinated shift toward pre-positioning tactics. To address these systemic risks, SecurityScorecard report recommends a shift from reactive assessments to proactive resilience metrics and workflows. These include mitigating fourth-party exposure through TPRM programs, integrating threat intelligence across ecosystems, mapping vendor risks and sketching supply chain incident response workflows, and implementing secure-by-design and hardening critical infrastructure through MFA and patch management.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4027819/singapores-cybersecurity-paradox-top-firms-rated-a-yet-all-breached.html
