Singapore strengthens its digital shield with a new defence hub
Singapore has established the Digital Defence Hub (DDH) within the Centre for Strategic Infocomm Technologies (CSIT) to tackle cyber threats targeting the nation’s critical infrastructure. The move signals a strategic shift toward a whole-of-government approach to cybersecurity, focusing on sophisticated cyber threat actors and advanced persistent threats (APTs).
What the Digital Defence Hub aims to do
The DDH will provide advanced cybersecurity services and capabilities across government agencies, countering APT groups that pose a serious risk to national security. APTs are highly skilled, well-resourced, and often state-linked, requiring coordinated, high-end defence and intelligence measures. The hub will engage in cyber threat research, malware analysis, threat hunting, and red teaming to pre-empt and respond to evolving threats.
Key capabilities and activities
Core activities include:
- Cyber threat research to identify emerging attacker tools and techniques.
- Malware analysis, supported by CSIT’s Automated Malware Analysis and Attribution System (ACUBE), which speeds up attribution and intervention.
- Threat hunting to proactively detect and neutralise ongoing or new cyber threats within networks.
- Red teaming to simulate real-world cyberattacks, testing resilience and response readiness.
Context: why now
According to Coordinating Minister for National Security K Shanmugam, suspected APT attacks on Singapore have risen more than fourfold from 2021 to 2024. The minister highlighted UNC3886 as an example of a threat actor capable of harming Singapore’s critical information infrastructure. The Russia-Ukraine conflict has also showcased how state-linked attackers can disrupt power grids and essential services. As more sectors digitise — from national digital ID Singpass to energy and healthcare networks — the potential attack surface expands, making robust digital defence a critical priority.
How the DDH will collaborate
The Digital Defence Hub will work closely with the Cyber Security Agency and other government bodies to monitor and investigate threats targeting Singapore’s government systems and critical infrastructure. Collaboration with industry partners will be essential, given the vast, interconnected nature of today’s cyber landscape. Beyond defensive measures, the DDH’s work includes offensive-style activities such as red teaming to uncover unknown vulnerabilities before attackers exploit them.
Looking ahead
Singapore’s multi-layered defence approach combines talent, technology, and partnerships. By accelerating malware analysis with ACUBE, advancing proactive threat hunting, and enabling rigorous red-team exercises, the DDH aims to reduce detection and response times while strengthening resilience across both public and critical sectors. As cyber threats evolve—with ransomware, scams, and AI-assisted attacks in play—the nation’s digital defence strategy emphasizes collaboration, speed, and continuous improvement.
Quotes and outlook
Minister Shanmugam underscored that digital forces are now a common frontier for national security. “Challenges are continuing to grow, and it’s very clear we all have to up our digital defence. It’s a critical priority,” he said, noting that every sector has gone digital and that a unified defence is essential for Singapore’s safety and prosperity.
