DSTA, MINDEF and the SAF can now tackle unusual cyber threats proactively, thanks to a new detection scheme developed in-house. Cyber threats are advancing in sophistication. Successful attacks may either proliferate rapidly, causing substantial disruption to operations, or remain hidden for a long time before they are discovered. DSTA has developed a slew of measures to strengthen its defence against such cyber-attacks.


Advanced cyber-attacks are designed to evade detection by the best-of-breed commercial off-the-shelf security products. To overcome this limitation, DSTA developed new means to detect and neutralise malicious content in a number of document types. These new detection schemes were integrated seamlessly into the existing infrastructure so that operations and user experience are not affected. The team also developed technological solutions to perform automated malware analysis for multiple environments.

To detect potential and new threats, the team performed automated correlation of information and infrastructure logs from both internal and external sources. This allows detection measures to be enhanced and preventive actions to be taken where needed. With automation engineered into the infrastructure for detection and analysis, the team can channel its resources to develop solutions to detect evolving advanced attacks and respond to unusual threats.

The innovations and technologies developed by the team have provided a sustainable means to keep up with the rate of malware evolution while allowing the efficient deployment of resources to focus on key areas. These customised solutions enabled DSTA, MINDEF and the SAF to detect and respond rapidly to cyber threats.