Largest Multi Agency Cyber Operation Launched Against APT Threats

Largest Multi Agency Cyber Operation Launched Against APT Threats 🚀

The Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) have announced a significant multi-agency cybersecurity operation, codenamed Operation CYBER GUARDIAN, aimed at protecting our telecommunications sector. On July 18, 2025, Coordinating Minister for National Security Mr. K Shanmugam revealed that the Advanced Persistent Threat (APT) actor UNC3886 was detected targeting our critical infrastructure.

Over the past months, investigations have shown that UNC3886 has executed a deliberate and well-planned campaign against Singapore’s telecommunications sector, affecting all four major operators: M1, SIMBA Telecom, Singtel, and StarHub.

Key Findings 🔍

• UNC3886 utilized advanced tools to infiltrate telco systems, including a zero-day exploit to bypass firewalls.
• They managed to exfiltrate some technical data, primarily network-related, to further their operational goals.
• Despite gaining unauthorized access, the attack did not result in significant damage or disruption of services.

Ongoing Efforts 🔒

The operation, which has been the largest coordinated cyber incident response in Singapore to date, involved over 100 cyber defenders from various agencies, including CSA, IMDA, and GovTech. Remediation measures have been implemented to close off access points used by UNC3886 and enhance monitoring capabilities.

Minister for Digital Development and Information, Josephine Teo, emphasized the critical role of infrastructure operators in safeguarding national security, urging continuous investment in system upgrades and capabilities.

For further details, you can read the full article here: Read full article