Despite Singapore being rated the most advanced digital economy in Asia and after establishing itself as a leading hub for innovation, the country continues to grapple with cyber security threats that have shattered its state-of-the-art digital infrastructure and its status as a ‘smart nation.’
SingHealth’s hacking led to the unauthorised access and copying of non-medical personal data of 1.5 million people including their national identification number, address, and date of birth. The breach also included the unlawful access of medical data from 160,000 out-patients. A few months after, the HIV data leak allegedly orchestrated by Mikhy Brochez surfaced. And while the Brochez mayhem continues to burn Singapore newspaper pages, the story on fraudulent credit card transactions amounting to over $96,000 became public.
All these developments impair Singapore’s thrust to becoming a center of technological advancement and Asia’s forerunner in combating cyber security-related threats.
David (Koh) vs. Goliath (cyber attacks)
David Koh, CEO of Singapore’s Cyber Security Agency, clearly emphasised that the government cannot deal with the cyber security needs of the nation on its own.
“Cybersecurity is a team sport… private sector organisations need to do their part and take proactive steps to protect their systems,” he said, adding that the private sector (as well as individuals) needs to complement the government’s efforts by reaching out and helping a wider group of end users.
Koh underscored the fact that Singapore as a commercial hub with high inter-connectivity, continues to be a prime target for cyber attacks. Going forward, cyber threats will only intensify and “we will have to keep improving our cyber security efforts to stay ahead of malicious actors.”
While the government is taking the lead in protecting Singapore’s cyberspace, it cannot do the job alone. “Combating cyber threats requires collective action by individuals, organisations and communities. We need everyone to play their part in keeping our cyberspace safe,” Koh added.
“We need to invest in strong cyber defences, not just with new technology, but to also attract the right talent. The launching of the Cybersecurity Professional Scheme of Service and the scholarship schemes are some of the recent initiatives toward this end.
“While we do all these, the weakest link remains the human factor. The government also has in place employee awareness initiatives to ensure that public officers are kept abreast of cyber threats and the cyber security measures to take.”
Elaborating on the human factor being the weakest link, Koh observed that this explains why phishing has been such a popular and successful tool for hackers as users continue to click on random links and attachments.
“Findings from our surveys have shown that while the public are generally aware of cyber security threats, they do not take the necessary precautions. This could be due to complacency stemming from Singapore’s reputation as a safe country. Education is the key.”
CSA, together with its partners, have been working to raise cyber security awareness and adoption of cyber security measures by individuals and businesses. “This is done through campaigns and events such as conferences as well as the dissemination of timely alerts and advisories through CSA’s SingCERT.
“Our attackers are well-resourced and highly skilled; we cannot win if we don’t level up,” he added.
The fight against cyber security threats
This is not a pursuit that can be achieved by one man or by one government. An alliance between governments, businesses, the academe and individuals from numerous fronts is imperative to its accomplishment.
It is vital to put up not just strong defences for today’s cyber-threats, but also to broaden the infrastructure, capabilities, mindsets and friendships that will enable everyone, as an international community, deal with the cyber threats of tomorrow.