Singapore’s telcos team up to counter major cyberattack

  • Singtel, M1, Simba Telecom and StarHub were all targeted by UNC3886 in July last year
  • Operation Cyber Guardian measures prevented access or loss of data
  • Cyber Guardian was Singapore’s largest ever coordinated cyber operation

Singapore’s four infrastructure-based mobile operators – Singtel, M1, Simba Telecom, and StarHub – were all targeted as part of a major and coordinated cyberattack last year that was thwarted by the island state’s security agencies.

The Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) revealed that UNC3886, an advanced persistent threat (APT) actor that attacked critical Singaporean infrastructure in July 2025, was stopped through a joint effort by security services codenamed Operation Cyber Guardian.

UNC3886 used sophisticated tactics to gain access to telecom networks, including a zero-day exploit to bypass firewalls and rootkit tools to maintain access without being seen. Singapore’s telecom operators detected the attempts and, although the hackers – suspected of being based in China – gained access to “a few critical systems”, no sensitive data was seen or exfiltrated.

The attackers “did not get far enough to have been able to disrupt services,” stated the country’s minister for digital development and information, Josephine Teo, who is also the minister in charge of the Smart Nation Initiative and the CSA. Teo unveiled details of the operation during a speech at the Operation Cyber Guardian Engagement Event for Cyber Defenders.

The CSA, IMDA and other relevant agencies have been working with the telcos to implement remediation measures, while closing off UNC3886’s access points. It is the country’s largest ever coordinated cyber defence operation, involving more than 100 defenders from six government agencies.

However, Teo did issue a warning that more tools could be deployed in efforts to disrupt services in Singapore. “The knock-on effects of their campaign could also have included other essential services, like banking and finance, transport and medical services. The fact that they could perhaps find a way to create so much damage without detection makes it a really worrying concern.”

- James Pearce, Editor, TelecomTV
