The attack, a kind of Advanced Persistent Threat (APT), poses a serious danger to the city-state, Coordinating Minister for National Security K. Shanmugam said in a speech late Friday.

An APT refers to a cyberattack where an intruder establishes and maintains unauthorised access to a target, remaining undetected for a sustained period of time.

"I can say that it is serious and it is ongoing. And it has been identified to be UNC3886," he said.

Shanmugam, who is also home affairs minister, did not elaborate on the group's sponsors or the origin of the attack.

But Google-owned cybersecurity firm Mandiant described UNC3886 as a "highly adept China-nexus cyber espionage group".

APT actors typically steal sensitive information and disrupt essential services, such as healthcare, telecoms, water, transport and power, minister Shanmugam said.

"If it succeeds, it can conduct espionage and it can cause major disruption to Singapore and Singaporeans," he added.

A successful breach of Singapore's power system, for example, could wreak havoc with the electricity supply, with knock-on effects on essential services, such as healthcare and transport.

"There are also economic implications. Our banks, airports and industries would not be able to operate. Our economy can be substantially affected," he said.

Between 2021 and 2024, suspected APTs against Singapore increased more than fourfold.

A cyber breach on a public healthcare cluster in 2018 accessed the medication records of about 160,000 patients, including then-prime minister Lee Hsien Loong.

On Saturday, China's embassy in Singapore expressed "strong dissatisfaction" with media reports linking UNC3886 to China.

In a statement, the embassy said it "firmly opposes any unwarranted smearing of China" and that "in fact, China is one of the main victims of cyberattacks".

The statement added: "China firmly opposes and cracks down on all forms of cyberattacks in accordance with the law. China does not encourage, support, or condone hacking activities."

The attack on Singapore's critical infrastructure "highlights the extraordinary challenges posed by APT actors," said Satnam Narang, senior staff research engineer at US-based cybersecurity firm Tenable.

"Combating such stealthy opponents is becoming increasingly demanding as the scale and complexity of IT infrastructure that organisations and nations must defend continues to grow," he said.

bur-mba/lb

GOOGLE