But we are also number one in security strategy
Forget about being a Smart nation or a startup country The city-state has made into the podium as one of the top ten attacking countries, based on data from (Threatmap). The website tracks malicious cyber-attacks across the globe and consistently ranked the top aggressors in cyber-attacks. One glance on the list of top ten attacking countries, one will find the great powers of the world pitting each other for glory and honors in the cyberspace.
However, a nation or rather a city-state stood out from the rest of big countries with likes of USA, Russia, UK, Germany and China. Surprise, surprise … the city-state is none other than Singapore. According to Threatmap, the island-nation is placed on the fourth position among the top attacking countries. Singapore has held the same position rather consistently over the past two weeks, which saw almost an average cyber-attacks of 14 million cases over the world daily.
The first place in the hit-list among the Singaporean hackers is reserved for USA and the city-state is likely to inflict its target with tons of malwares. By computation, Singapore’s favorite weapons of choice belongs to access to malicious resources at 61.7%, followed by bot communication at 30.3%, then malicious file transfer at 0.9% and others malwares at 7.1%. Meanwhile, the “numero uno” or first-place among the top attacking countries is conferred to Russia which infects other machines and global networks mostly with bot communications. Ironically, Russia is also placed consistently as the number one target by hackers all over the world.
read more
Singapore takes top spot in UN cyber security index
The Global Cybersecurity Index (GCI) 2017, released on Wednesday, noted that Singapore has "a long history of cyber security initiatives".
"It launched its first cyber security masterplan back in 2005. The Cyber Security Agency (CSA) of Singapore was created in 2015 as a dedicated entity to oversee cyber security and the country issued a comprehensive strategy in 2016," said the report by the UN International Telecommunication Union (ITU).
Singapore moved to pole position this year from sixth place in the first GCI, released two years ago. Others in the top 10 include Estonia and Malaysia. The GCI is a survey measuring the commitment of UN member states to cyber security.
read more
S'pore takes top spot in UN cyber security index
Singapore has been making cyber security a priority in recent years. In May, the Government announced that it is pumping as much as $528 million into cyber security spending, which includes a new Government Security Operation Centre to detect cyberthreats.
The moves come against the backdrop of a series of high-profile global cyber attacks over the past 2 months, such as the WannaCry ransomware attack in May & NotPetya last week.
The UN report also pointed out that while having a coordinated national cyber security strategy is essential, only half of its member states had such a plan. The survey covers all 193 ITU member states, including 59 which did not respond but were invited to validate responses based on research.
read more
Singapore the most secure Asian nation for data privacy, says survey
The city-state was less risky than its rival Hong Kong
Citizens of Singapore can rest easy that their data is safe & secure, as a survey found out that the city-state is the best Asian country for data privacy. According to a report by Artmotion, Singapore garnered a risk score of 1.9%, as a result of the island state’s independent privacy legislation and political stability.
Meanwhile, it was behind Switzerland, the safest nation for data storage, which received a risk score of 1.6%. The only other Asian nations which are considered secure include Hong Kong (5th), Taiwan (6th), & South Korea.
Singapore is also ahead of the United Kingdom & the United States of America which ranked 23rd and 38th respectively, the report noted.
read more
Ghost In The Shell: Asia unites in cyber defense
Closer to home, Indonesia and Australia have both initiated steps in cybersecurity measures and both initiatives are linked with the city-state of Singapore. For instance, the Singaporean government has invited Joko “Jokowi” Widodo, Indonesian president for the upcoming Singapore International Cyber Week 2017, held during 18-21 September 2017.
“Since we have established a national cyber agency, we will need more input. So I’m interested to attend the event in Singapore to talk about cyber security issues.” Jokowi told local media. Since June 2017, Indonesia has inaugurated its national cyber agency named Cyber Body and National Encryption Agency (BSSN) and the agency is scheduled for operation by September 2017.
Similarly, Singapore has also established agency specialized in mitigating cyber risks, called the Cyber Security Agency (CSA) of Singapore. The CSA has then signed an agreement with Australia’s Cyber Security Agency in cooperation for protection of critical information infrastructure. Under the agreement, both countries will hold “joint cybersecurity exercise” to test their capability in facing the common threat. In addition, the two countries have in mind to host a “cyber-risk reduction workshop” for all the countries in the Association of Southeast Asian Nations (ASEAN) by the end of 2017.
read more
National cybersecurity strategy aims to make Smart Nation safe: PM Lee
The new strategy outlines Singapore’s vision, goals & priorities in the online space
For the 1st time, Singapore has put forth a holistic national cybersecurity strategy that will underpin its Smart Nation aspirations & act as an enabler for its economy and society, while enhancing its standing as a trusted digital hub.
Unveiled by Prime Minister Lee Hsien Loong on Mon (Oct 10), the new strategy outlines Singapore’s vision, goals & priorities in the online space and has 4 pillars: Building a resilient infrastructure; creating a safer cyberspace; developing a vibrant cybersecurity ecosystem; and strengthening international partnerships.
"Singapore aspires to be a Smart Nation. But to be a Smart Nation, we must also be a safe, cyber nation," said Mr Lee. "We must get cybersecurity right, to capture the benefits of a more connected world."CSA chief David Koh added in a separate media briefing after the announcement that while there were existing national masterplans on cybersecurity, including the most recent one spanning 2013 to 2018, the latest strategy supercedes the existing one as it is wider encompassing. The previous masterplans were more operational and domestically focussed, but the new strategy's 4th pillar, which deals with international cooperation, is new and shows its wider remit, he explained.
read more
A Smart Nation must be built on a secure foundation
"Singapore aspires to be a Smart Nation. But to be a Smart Nation, we must also be a safe, cyber nation. We must get cybersecurity right, to capture the benefits of a more connected world," said PM Lee Hsien Loong as he unveiled Singapore’s first holistic national cybersecurity strategy. He outlined 4 key pillars:
- strengthening critical infrastructure
- working with businesses and individuals to create a safer cyberspace
- growing cybersecurity capabilities by creating jobs and developing talent, and
- forging stronger ties with international counterparts
The Government will also address gaps in standards and incident reporting protocols for service providers by strengthening Singapore’s cybersecurity governance and legislative frameworks.
read more
Major cyberattack inevitable, Cyber Security chief warned in 2015
While he may have been criticised for recent remarks on the Singhealth data security breach, Mr David Koh had in fact warned 3 years ago that a cyberattack was inevitable.
Mr Koh, the Chief Executive of the Cyber Security Agency of Singapore (CSA), said in an interview with Channel Newsasia in 2015 that the Internet was not designed for security. Thus, he said, the onus was on the Government and and its agencies to ensure that security breaches are detected early and dealt with quickly.
He added that it was also important for the people to be informed as soon as possible when such intrusions happened.
read more
Another Singapore agency discovers data theft affecting 70,000 members in the wake of Singhealth data breach
The Securities Investors Association (Singapore) has discovered a cybersecurity breach affecting about 70,000 members, in the wake of the massive Singhealth data hack that unfolded this month.
According to an email SIAS sent to its members, the personal particulars (such as names, NRIC numbers and telephone numbers) of about 70,000 members were illegally accessed and stolen.
Curiously, SIAS – which has been described as “Singapore’s leading voice for all minority shareholders” – has reported that the data breach happened five years ago, in 2013. It only recently discovered the hack and is now taking steps to rectify the situation.
read more
Singhealth Data Breach - No Action Needed ??
It takes more than 2 months - from 1 May to 4 July 18 before the cyber attacked on Singhealth was discovered. By then 1.5 million patients' non-medical data was breach. Because of the late discovery - a further 160,000 patients' medical record was stolen between 27 Jun to 4 Jul.
Think the hacker(s) must be having a field time, first steal personal data, since no one notice go for medical record too. Why does it takes more than 2 months before major attacked was notice? IT security system limping weak or Singhealth IT dept sleeping on the job?
Then all these diversion tactics as usual on MSM to take the public focus away from the important questions. Who attacked us? What they intend to do with our data? What is the govt doing to apprehend the hackers?
read more
How alarming that peace-loving Singapore is targeted by a hostile country – and citizens are kept in the dark
The United States’ White House and Pentagon, along with the European Union governments, have declared that state sponsored cyberattacks constitute an “act of war.” But the massive hacking of SingHealth – ostensibly by a foreign country – is described by authorities only as “the most serious breach of personal data.”
Prime Minister Lee Hsien Loong also said nothing alarming was stolen and no “dark state secret” was uncovered by the hackers. Perhaps they are trying not to cause undue concern to Singaporeans. But the gravity of it cannot be played down.
While others are calling such state cyberattacks an “act of war”, our authorities are calling it a “serious breach.”
read more
Did authorities respond fast enough to Singapore’s worst personal data breach?
Patients try out the self-help health kiosk at SingHealth Bedok Polyclinic. (foto: Eastern Health Alliance, now merged with SingHealth)
As the dust settles on the “most serious breach of personal data” in Singapore’s history - which compromised the records of 1.5 million SingHealth patients, including Prime Minister Lee Hsien Loong - questions have surfaced on whether the authorities responded in a timely enough manner once the threat of a cyberattack was detected.
Database administrators from the Integrated Health Information System (IHIS) detected unusual activity on SingHealth’s IT systems on Jul 4 & put a stop to the data breach activities. It was later that they found out data had been illegally copied and stolen beginning from Jun 27 – eight days before the cyberattack was detected.
From Jul 4 to Jul 9, the administrators continued to monitor the network traffic closely before ascertaining it was a cyberattack and alerted their superiors. On Jul 10, MOH, SingHealth & the Cybersecurity Agency of Singapore (CSA) were informed and forensic investigations carried out.
read more
Doctors raise concerns again over national e-records system after data breach at SingHealth
With some doctors already apprehensive about legislation that will make it compulsory for them to submit their patients’ data towards a national e-records system, the recent SingHealth cyber attack has sparked more unease among the medical fraternity.
They want greater reassurances — such as answers to what made SingHealth’s IT system vulnerable such that the data breach affected 1.5 million patients — & what concrete steps will be taken to avert an incident of similar magnitude in future.
Apologising for the cyber attack last Friday (Jul 20), Health Minister Gan Kim Yong said that the National Electronic Health Record (NEHR) project would “have to take a pause” for a while, so that the authorities can look into strengthening the cyber-security measures behind the system before moving on.
read more
MAS warns stolen SingHealth data could be used in bank fraud
Financial institutions are discouraged from relying on the stolen information for customer verification.
The Monetary Authority of Singapore has urged financial institutions to tighten customer verification processes in light of the recent cyberattack at government public health database SingHealth wherein the personal information of 1.5 million individuals including the Prime Minister were illegally accessed.
All financial institutions are discouraged from relying on the information stolen from the attack (name, NRIC number, address, gender, race and birth date) for verifying customer identities. Additional information like One-Time password, PIN, biometrics and last transaction date is needed before transactions can be performed on behalf of the customer, the de-facto central bank said in a statement.
read more
SingHealth data hacked a 'goldmine' for identity thieves: Expert
Fear, trust and a willingness to help others
In the wake of Singapore's worst data breach to date, members of the public need to be alert to scammers who may tap on these emotions to trick them into giving up even more personal information, warned cybersecurity experts.
The authorities revealed last Friday that hackers had accessed the personal information of some 1.5 million people who visited SingHealth's hospitals, specialist centres & polyclinics between May 1, 2015, and July 4 this year.
Experts that The New Paper spoke to said such incidents could lead to identity theft, fraud & social engineering attacks, which use human psychology to manipulate victims into revealing confidential information.
read more
4-member Committee of Inquiry convened to investigate SingHealth cyber attack
(Clockwise from top left) The committee will be headed by former chief district judge & current member of the Public Service Commission Richard Magnus. The other members are executive chairman of cyber security solutions firm Quann World, Mr Lee Fook Sun; group chief operating officer of healthcare technology firm Sheares Healthcare Management, Mr T.K. Udairam; & assistant secretary-general of the National Trades Union Congress, Ms Cham Hui Fong. FOTO: ST FILE, CHANGI GENERAL HOSPITAL, ST ELECTRONICS, NTUC.ORG.SG
The authorities convened a 4-member Committee of Inquiry (COI) on Tue (Jul 24) to examine SingHealth's cyber attack that led to the biggest data breach in Singapore.
The committee, headed by former chief district judge and current member of the Public Service Commission Richard Magnus, will also recommend ways to better safeguard public sector IT systems.
The other members of the COI are executive chairman of cyber security solutions firm Quann World, Mr Lee Fook Sun; group chief operating officer of healthcare technology firm Sheares Healthcare Management, Mr T.K. Udairam; & assistant secretary-general of the National Trades Union Congress, Ms Cham Hui Fong.
read more
Spate of Data Breaches In Singapore
10 Major Data Breaches In Singapore
Data Breaches Have Been On The Rise In Singapore. Singapore was ranked the safest country in the world based on a report by the World Justice Project in 2018. However, it seems that data breaches are threatening our online safety.
In 2019 alone, there were 3 major data leaks that affected millions of Singaporeans. Over the years, there have been other high profile cases that you may have forgotten.
We revisit a few breaches that threatened Singapore since the ‘internet age’:
- MOH, MOE accounts sold on the dark web in 2019
- Blood-donors personal information exposed in 2019
- HIV data leak in 2019
- SingHealth got hacked in 2018
- MINDEF got hacked in 2017
- WannaCry Ransomware 2017
- K Box Data Breach in 2014
- SingPass leaks in 2014
- Anonymous attacks in 2013
- Y2K bug in 1999
SingHealth system hit by 'massive' cyberattack
Hackers hoping for 'some dark state secret' in my medication records will be disappointed: PM Lee
Cyberattackers who repeatedly targeted data on Prime Minister Lee Hsien Loong’s outpatient medication will be disappointed for the information is “nothing alarming”, Mr Lee said in a Facebook post shortly after the Government announced on Friday (Jul 20) that Singapore had been hit with its most serious cyberattack yet.
“I don’t know what the attackers were hoping to find. Perhaps they were hunting for some dark state secret, or at least something to embarrass me. If so, they would have been disappointed. My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it,” Mr Lee wrote on Facebook.
Sophisticated cyberattackers broke into public healthcare cluster SingHealth's IT systems to steal the medical data of 1.5 million patients including Mr Lee, & the unusual activity was detected by the Health Ministry’s IT arm on Jul 4.
read more
related:
Spate of Data Breaches In Singapore
HIV status of 14,200 people leaked online
MOH: IT error causes about 7,700 S'poreans to receive wrong CHAS subsidies
Our nation-building Press
Smart Nation Vision For Singapore
A new platform, data sensors, trials at JLD and industry collaboration will help Singapore realise its smart nation vision
Singapore is en route to becoming the world’s first smart nation with the introduction of several new initiatives, including a new platform that encompasses the necessary infrastructure and technical architecture to support a smart nation ecosystem.
Unveiled at the opening of the Infocomm Media Business Exchange (imbX) event, these new building blocks are aimed at bringing together policies, people, and technologies in a concerted fashion that will help the country realise its smart nation ambition.
Singapore has made good progress establishing the backbone infrastructure to support big data and analytics, Internet of Things (IoT), and other transformational ICM technologies outlined in its Intelligent Nation Masterplan (iN2015), said Dr Yaacob Ibrahim, Minister for Communications and Information, during his opening address at imbX.
read more
Smart Nation Vision For Singapore
A new platform, data sensors, trials at JLD and industry collaboration will help Singapore realise its smart nation vision
Singapore is en route to becoming the world’s first smart nation with the introduction of several new initiatives, including a new platform that encompasses the necessary infrastructure and technical architecture to support a smart nation ecosystem.
Unveiled at the opening of the Infocomm Media Business Exchange (imbX) event, these new building blocks are aimed at bringing together policies, people, and technologies in a concerted fashion that will help the country realise its smart nation ambition.
Singapore has made good progress establishing the backbone infrastructure to support big data and analytics, Internet of Things (IoT), and other transformational ICM technologies outlined in its Intelligent Nation Masterplan (iN2015), said Dr Yaacob Ibrahim, Minister for Communications and Information, during his opening address at imbX.
read more
The world’s most-surveilled cities
Cities in China are under the heaviest CCTV surveillance in the world, according to a new analysis by Comparitech. However, some residents living in cities across the US, UK, UAE, Australia, and India will also find themselves surrounded by a large number of watchful eyes, as our look at the number of public CCTV cameras in 120 cities worldwide found.
Closed-circuit television (CCTV) cameras serve many purposes, ranging from crime prevention to traffic monitoring to observing industrial operations in environments not suitable for humans. The digital age has boosted the prevalence of CCTV surveillance. Cameras are getting better and cheaper, while live video streams can be remotely accessed, stored on the internet, and passed around. The adoption of face recognition technology makes it possible for both public and private entities to instantly check the identity of anyone who passes by a CCTV camera.
Depending on whom you ask, the increased prevalence and capabilities of CCTV surveillance could make society safer and more efficient, could trample on our rights to privacy and freedom of movement, or both. No matter which side you argue, the fact is that live video surveillance is ramping up worldwide.
Singapore – 86,000 cameras for 5,638,676 people = 15.25 cameras per 1,000 people
Closed-circuit television (CCTV) cameras serve many purposes, ranging from crime prevention to traffic monitoring to observing industrial operations in environments not suitable for humans. The digital age has boosted the prevalence of CCTV surveillance. Cameras are getting better and cheaper, while live video streams can be remotely accessed, stored on the internet, and passed around. The adoption of face recognition technology makes it possible for both public and private entities to instantly check the identity of anyone who passes by a CCTV camera.
Depending on whom you ask, the increased prevalence and capabilities of CCTV surveillance could make society safer and more efficient, could trample on our rights to privacy and freedom of movement, or both. No matter which side you argue, the fact is that live video surveillance is ramping up worldwide.