Singapore is the most vulnerable to cyber attacks in Southeast Asia: Report

Singapore might be nearing its ambition to become Southeast Asia’s Silicon Valley, however, its vulnerability to risks posed by “critical infrastructure failure” might hamper that aspiration.

In Southeast Asia, tech is king. With increased mobile penetration and an exponentially growing number of users, technology is starting to–even on a global scale–take control of and advance traditional systems. These developments are changing the way we live and software we use, and our access to one another–sometimes for the better, sometimes for the worst.

Singapore, often referred to as the technological hub of Southeast Asia, is nearing the reputability of the much-famed Silicon Valley, in the United States. With more and more money being invested in Southeast Asia’s startup scene, Singapore and rivalling cities are fast becoming major players in the world of technological advancement and development.

Along with its growing reputation, however, there is one major drawback to the Lion City’s success; it is vulnerable to risks posed by “critical infrastructure failure” in the Southeast Asian region. These risks often come in the form of cybersecurity breaches, stated Ayesha Khanna, a board member of the Info-communications Media Development Authority (IMDA) and CEO of ADDO AI.

Suffering cyber-style

In recent times, Singapore and its inhabitants have been the victim of a number of the previously mentioned cybersecurity breaches. In fact, Singaporeans were subject to the worst-ever cyberattack, when hackers infiltrated the database of SingHealth, Singapore’s largest group of healthcare institutions. The infiltrators stole the data of 1.5 million patients. In January 2019, the Singaporean Ministry of Health also found the exposure of Singapore’s HIV registry, leaking the confidential details of 5,400 members of the public, as well as 8,800 foreigners.

This week, Group-IB announced that it had discovered login details of Singaporean government and education employees. Alongside the details, in excess of 19,000 Singaporean bank cards’ details have also been found on the dark web, since 2017.

According to data provided by cybersecurity firm Trend Micro, Singapore currently holds some records among the Southeast Asian nations–and not for good reason. The country is a hotbed for malicious URL hosting, with over 68% of attacks originating from within the Lion City, and an estimated 27% of business emails compromisation incidents throughout Southeast Asia take place in Singapore.

What’s the Cause?

Singapore is the major tech hub of Southeast Asia. It has prominent startups and plenty of tech giants headquartered within its borders. With that level of tech and success automatically comes plenty of cyber defence systems; however, without sufficient ‘peopleware’, the best software and hardware is essentially redundant.

The apparent cause, in some scenarios, is the Singaporean mindset when it comes to cybersecurity. Erman Tan, president of the Singapore Human Resources Institute (SHRI), used the following analogy to emphasise the challenges that companies face when it comes to human awareness in Singapore.

People will think: ‘Why do we have fire drills when we never encounter fires?’ It’s the same for cybersecurity. People will always feel it will never happen to them, or it will never happen to their company.

The above quote suggests that breaches could, in theory, be put down to employee apathy. A Committee of Inquiry (COI) investigated the potential human-error factor of cyber attacks in Singapore and found that employees were ignoring the warning signs of a potential breach. The committee also attributed some of the blame to vulnerabilities within the systems themselves; as is often the case–loopholes tend to be a common occurrence in software.

Committee of Inquiry Findings

There were five key findings during the COI’s inquisition into Singapore’s weakness in the face of cyber attacks:

  • Certain IHiS staff holding key roles in IT security incident response and reporting failed to take appropriate, effective, or timely action, resulting in missed opportunities to prevent the stealing and exfiltrating of data in the attack.
  • IHiS staff did not have adequate levels of cybersecurity awareness, training, and resources to appreciate the security implications of their findings and to respond effectively to the attack.
  • There were a number of vulnerabilities, weaknesses, and misconfigurations in the SingHealth network and SCM system that contributed to the attacker’s success in obtaining and exfiltrating the data, many of which could have been remedied before the attack.
  • The attacker was a skilled and sophisticated actor bearing the characteristics of an Advanced Persistent Threat group.
  • While our cyber defences will never be impregnable, and it may be difficult to prevent an Advanced Persistent Threat from breaching the perimeter of the network, the success of the attacker in obtaining and exfiltrating the data was not inevitable.

Recovery

Khanna, while speaking to The Edge Singapore, stated that the Republic of Singapore must adopt “a regional approach to protect ourselves and to help each other.” She went on to say:

The best thing that any country can do is to share knowledge. To share expertise, best practices and framework successes with other cities, and–this is where diplomacy comes in–to persuade, encourage, and advocate for the better good of the region for everyone to take on [these best practices].

In fact, Ensign InfoSecurity announced this month that they would be opening The Cyber Analytics centre, a new joint venture for excellence to protect critical infrastructure in the region against sophisticated cyber attacks.

To better the status quo, Singaporeans working within tech-savvy institutions and businesses need to be educated sufficiently regarding the threats of cyber attacks, while firms themselves need to work alongside gold-standard security firms to improve their software and attempt to cover any loopholes. As Nilesh Jain, vice-president of Southeast Asia and India at Trend Micro, says:

Enterprises need to strengthen their cyber defences at every touch point, namely, on the endpoint, in the cloud, and at the network layer.

Cybersecurity in Southeast Asia is weaker than the Western world, and leading technology firms and experts are looking to equip both businesses and governmental bodies with better defence systems in an attempt to rebut any future infiltrations. Working together with Western and Asian nations will assist Southeast Asia and Singapore in their fight to protect their public and systems from further cyber attacks, leading to a healthier tech environment and a sense of harmony within the Lion City.

 

This piece first appeared in TechCollective.