Cybercrime: Singapore is a target
Cybercrime attacks are becoming increasingly rampant, especially in Singapore and Asia Pacific as a whole. This is largely due to the widespread use of digital banking – Singapore reputedly the highest in Asia – and the fact that many major multinationals have Asian headquarters in Singapore.
Violence, housebreaking and other related crimes in Singapore dropped to a 20-year low in 2015, but online commercial crimes skyrocketed 95% to 3,759 cases, up from 1,929 cases. Additionally, a total of 33,608 cases were recorded last year, up from 32,315 cases in 2014, and this is despite many cybercrimes going unreported.
According to Check Point, one of the biggest cyber-security firms globally, there has been a tenfold increase in Locky ransomware attacks, just one type of ransomware, on companies in Asia Pacific in just three months. This number jumped from 160 attacks in April to a whopping 1667 attacks in July 2016.
Lawmakers have tabled a new cybersecurity law for Singapore’s Parliament in 2017. The proposed bill comes from the Minister for Communications and Information, Yaacob Ibrahim, and will primarily aim to ensure that critical information infrastructure is secured, and incidents are accurately reported by operators.
The bill comes as part of a rising need to tackle more sophisticated attacks from faster and bolder aggressors.
Speaking on the subject of direct cyber attacks on Singapore, Yaacob said, “It is inevitable that Singapore’s critical information infrastructure will become targets. The interconnectivity in our networks also means that the effects of cyber attacks can be contagious.”
The Minister claims the new bill will work in tandem with the Computer Misuse and Cybersecurity Act. That Act, which was revised in 2007, allows for simpler investigation and prosecution of those behind cybercrime.
The new standalone cybercrime Act should help improve compliance and basic standards requirements, and bring Singapore more in line with Germany and the US, which have both passed recent legislation for critical infrastructure operators.
Yaacob has stated that similar legislation (to that of Germany and the US) for Singapore would empower the relevant authorities to better manage cyber security, and obviously the enactment of such a bill would propel Singapore forward in its mission to become a Smart Nation.
Earlier this year, Singapore’s Cyber Security Agency carried out its first practice exercise drill to coincide with the opening of its Cyber Forensics Laboratory.
The drill involved staging a major cybersecurity incident including a security breach, data leak, and malware infection, all of which could potentially bring down multiple systems. More than 100 companies and a number of government agencies took part.
Banking and finance were represented by key Singapore institutions ranging from the Monetary Authority of Singapore to DBS Bank.
Telecoms is another sector especially vulnerable to cyber attack, and last month Singtel, Singapore’s biggest telecoms operator, announced they would be partnering with the Singapore Institute of Technology to train the brightest new talent in cybersecurity. This follows in the wake of Singtel’s acquisition in late 2015 of Trustwave, a provider of managed security.
Clearly the widespread adoption of significantly enhanced cybersecurity measures is on the cards in Singapore.
Earlier this year it was announced civil servants would no longer be able to access the internet from their work computers as of May 2017, owing to the current lack of cybersecurity in government offices.
The controversial decision is now backed by Prime Minister Lee Hsien Loong, as well as the head of the Smart Nation initiative, Vivian Balakrishnan.
However, despite such drastic steps, the Singapore Government is keen to stress it has not fallen behind in its efforts to thwart cyber attacks. Rather, according to Yaacob, this is the first step in securing “the necessary foundation for a successful digital economy."
Given the recent massive data breach from the Office of Personal Management in the US, which resulted in the theft of social security numbers, mobile phones, and other data from an estimated 22 million people, perhaps the Singapore approach at this stage makes quite a lot of sense. Cybercrime is definitely a clear and present danger.