Singapore’s Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) have revealed the large-scale, multi-agency cybersecurity operation to counter a significant attack against the country’s telecommunications sector last year.

Codenamed Operation Cyber Guardian, the operation was first launched after threat actors were detected attacking critical infrastructure in July 2025. It has now been confirmed that a criminal group conducted a deliberate and coordinated campaign against all four of Singapore’s major telecom operators – M1, Simba Telecom, StarHub and Singtel.

UNC3886 used sophisticated tactics to gain access to telecom networks, including the use of a zero-day exploit to bypass firewalls and root-kit tools to maintain access without being seen. Detected by the affected operators, the investigation subsequently turned into Singapore’s largest cyber incident to date.

Despite all being impacted, authorities have said no sensitive data was seen or exfiltrated.

“In one instance, the attackers were able to gain access to a few critical systems, but did not get far enough to have been able to disrupt services,” said minister for digital development and information Josephine Teo, as reported by Yahoo! News.

Remediation measures have since been put in place to close access points and expand monitoring across affected networks. However, Teo warned that these attacks should not be taken lightly, as they could “deploy more tools to disrupt telecoms and internet services”.

“They could deploy more tools to disrupt telecoms and internet services. Everything that requires a phone or internet connection would then be affected,” she added. “The knock-on effects of their campaign could also have included other essential services like banking and finance, transport and medical services.

“Successful cyberattacks can also affect trust and confidence in Singapore as a whole, and our economic security.”

The attacks would have taken place as telecom companies worldwide were battling significant cyberattacks. Companies like Colt Technology Services, Orange and Bouygues Telecom all faced damaging incidents last year – with some even accessing personal customer data.

In 2025, Singapore secured $14.2 billion in investments in 2025, according to the Economic Development Board (EDB) and is expected to create 15,700 jobs across the country over the next five years in research and development, manufacturing and innovation.

Related stories

10 cyber incidents that shook the world in 2025: Cloudflare, Colt, Salesforce

Chinese cyberattacks on Taiwan’s critical networks hit 2.6m a day in 2025, report finds

Unpacking the UK’s new Cyber Action Plan and what it means for security