Singapore remains at risk from high-profile hackers

The Lion City could look into increasing secure server capacity as a preventive measure.

In spite of global recognition hailing its cybersecurity frameworks as one of the world’s most advanced, Singapore still fell victim to an unprecedented cyberattack last June, calling attention to the associated risks involved with the government’s dedicated Smart Nation drive.

A massive cyber attack at national health database SingHealth, where the personal information of 1.5 million individuals including Prime Minister Lee Hsien Loong were illegally accessed, has been widely touted as the country’s largest data breach in history.

Also read: Communications minister says SingHealth attack typical of state-linked groups

“[D]espite notable strength in comparison with regional peers, Singapore's status as a financial hub and attractive investment destination serves as a magnet for high-profile hackers,” BMI Research said in an earlier report.

Days after the SingHealth breach, the Securities Investors Association reported that data on 70,000 members were stolen in 2013. In February 2017, the defense ministry disclosed a major hacking incident involving the personal data theft of 850 employees which was said to have been done with the goal of obtaining strategic government information.

Although the government was lauded quickly for its swift action to contain the fallout after temporarily imposing internet surfing separation in SingHealth’s IT systems and resetting user and system accounts, damaging security concerns have already started to weigh in on business sectors that handle a wealth of customer information on a daily basis.

Also read: MAS warns stolen SingHealth data could be used in bank fraud

“Insurance companies, financial services, ride-hailing, bike-sharing are some examples, but almost every single industry which collects data are suspect,” Kenny Liew, telecommunications analyst at Fitch Solutions told Singapore Business Review.

The city state's banks are another highly vulnerable sector as lenders all but lack a target on their backs with state-built digital repository platform MyInfo which allows Singaporeans to automatically key in information for e-forms, remaining a key prey for malicious cyber identities.

In 2015-2016, Singapore banks also became the top targets of the Tinba v3 Trojan cybercriminals, accounting for over a third (36%) of attacks, according to BMI Research.

This is because such data that can explain movement and spending behaviour are highly valuable in shady dealings as they can be sold to companies or parties that can in turn monetise the insights and improve on their goods and services, suggested Liew.

Moving forward 
Despite topping Fitch Solutions' Crime and Security Risk Index with an overall score of 89.7, the Lion City trails slightly behind South Korea in the financial and cybercrime sub-category with a score of 85.8 versus 89.8 which could be linked to the lower number of secure servers per population.

The relatively lower number of servers could heighten cybersecurity risks especially as the volume of data in Singapore only grows by the day as the city state steps up the implementation of the government’s digital economy blueprint and is seeking to establish itself as a leading fintech hub.

“We believe that Singapore could look at increasing secure server capacity to cope with the growing amount of data being collected and stored,” added Liew.

The government could also look into separating parts of the IT infrastructure that are not heavily reliant on the internet to operate so that sensitive information could be benefit from another layer of protection against attacks, Joanne Wong, senior regional director for Asia Pacific & Japan at LogRhythm said in a statement. 

“Whilst this is not a be-all and end-all solution, it makes remote access into the network much harder for external parties and thus creates a defensive shield for these systems,” she added.

Deploying secured information gateways that scrutinise voluminous data passing through networks could also prevent restricted information from leaking out at the same time block unwanted data from passing through.

“Banks in Singapore and around the region frequently use secured information gateways as one of many deterrence measures,” Wong added. “This is generally a good practice and add an additional layer of security without compromising on the benefits of the internet.”

The Lion City's cybersecurity frameworks are amongst the world’s strongest with its critical information infrastructure remaining unaffected from the massive WannaCry ransomware hacking that rocked many governments and organisations around the world in May 2017, according to a report by the Cyber Security Agency of Singapore.

Strong legislation and institutions are similarly in place to maintain the city's cyber resilience including the Cybersecurity Bill 2017 as well as the National Cyber Security Agency which was set up in 2015. 

“Both these organisations aim to combat the rising levels of cybercrime in the country and across the region, greatly boosting Singapore's cybersecurity capabilities and increasing its attractiveness to businesses,” added Liew.

However, the increasing sophistication of cyber attacks which could hit at any point necessitates the relentless drive to improve cybersecurity frameworks, as robust as they already are.

“In addition to these deterrence measures, CIIs also need to operate on the possibility that a cyber breach can and will happen,” added Wong. “Good cyber hygiene practices, a clear and well-communicated cyber incident response plan, as well as staff training are just some of the ways to protect Singapore's critical infrastructure.”

In a show of resilience, the Singapore government has moved to resuming new Smart Nation projects after a slight pause brought about by the cyber attack. 

"We should not allow such incidents to hold us back in building a Smart Nation and digital Government. We need to persist in our efforts to harness the potential of the digital age, whilst building deeper expertise in cyber security so that we can do so confidently," according to a government statement.