2 Mar 2026
Committee of Supply Debate 2026, Ministry of Digital Development and Information
On 9 February 2026, the government revealed that Singapore’s major telecommunications operators were targeted last year in a sophisticated cyber espionage campaign by the group UNC3886.
Such intrusions are a stark reminder that the digital battle space has expanded into a theatre of strategic sabotage. Advanced persistent threat actors pre-position malicious code to sit dormant for years, designed to be activated during a crisis to trigger power failures or disrupt transport and payment systems. For Singapore, this poses a direct threat to our national survival, as a coordinated disruption to civilian telecommunications, payment systems, and transport networks would directly cripple the SAF’s ability to mobilise and deploy troops at speed.
While the containment of UNC3886 demonstrates our technical proficiency, we must leverage this capacity to signal clear consequences. The government must work with international partners to communicate strategic red lines, explicitly stating that the pre-positioning of malicious code in our critical infrastructure is an unacceptable provocation.
We must leverage our attribution capabilities to call out such actors directly, while carefully weighing the diplomatic sensitivities of naming state-linked groups. We should move toward a posture of active deterrence through precise signalling and the threat of calibrated counter-measures. By doing so while remaining consistent with international law, we can avoid unintended escalation. Ultimately, we must effectively change the cost-benefit calculus of any potential aggressor.