Singtel was allegedly hacked earlier this year

What does this mean? Should you be concerned?

Singtel was allegedly hacked earlier this year
Photo Credit: Paul Mah. Old photo of Singtel booth - Singtel sold its Trustware stake in 2023.

Singtel was allegedly hacked earlier this year. What does this mean? Is there a reason to be concerned?

For this week's hashtag#UnfilteredFriday, we look at a Bloomberg report that Singtel was breached by Chinese state-sponsored hackers in June.

Should you be worried? Is it time to dump your Singtel shares or switch to another provider?

Look at the news source

When reading news, look at the publication. In this case, I'll note that Bloomberg is neither a cybersecurity nor tech publication.

Bloomberg has produced some riveting reports about tech firms in the past. However, it has also published reports that had tech experts scratching their heads.^

There is also the geopolitical consideration. I've observed that headlines of state-sponsored hackers reported by Bloomberg invariably involve:

  • Russian hackers.
  • Chinese hackers.
  • North Korean hackers.

See the trend?

^See comments.

So what happened here

According to Bloomberg, Singtel was breached by Chinese state-sponsored hackers as part of a broader campaign against telcos and other critical infrastructure operators.

Singtel said malware was detected in June. It was dealt with and reported to relevant authorities. Unsurprisingly, it cannot confirm if this is the same incident as the Bloomberg one - which relied on 2 anonymous sources.

In a joint statement on Tuesday, the CSA and IMDA said they understood from Singtel that no service was affected, and no data loss was reported from the incident.

That's about it.

State-sponsored attacks now the norm

I'll come right out and say it: Hacks and state-sponsored attacks are the norm now, not the exception.

As nations jostle for advantage over others, our increasing use of digital systems means cyberspace has evolved into another arena for contention.

One might not like them, but it would be naive to ignore this reality.

Cyber breaches: A matter of time

As attacks mount, it is only a matter of time before cyber breaches happen - it's pure probability. Indeed, cybersecurity experts I speak to increasingly hold this view.

They call it an "assumed breach" condition.

By assuming an eventual cyber breach, this means they plan for:

  • Proactive discovery of breaches.
  • Incident response procedures.
  • Mitigation strategies.
  • Drills and simulation.

So how bad was the breach?

  • Were services affected?
  • Was data stolen?

For now, it looks like Bloomberg doesn't know while Singtel says there was no data loss or services affected.

So, I'm not losing sleep over it.