Singapore to share classified threat intelligence with critical sectors to beef up national security
‘Our geopolitical situation, our digital connectivity, make us attractive targets,’ says Coordinating Minister for National Security K Shanmugam
[SINGAPORE] Owners of selected critical infrastructure in Singapore could get extra help in hunting down cyberthreats and stress-testing their systems.
For the first time, the government will also be sharing its classified threat intelligence with organisations in critical sectors, including energy, telecommunications and finance, to prevent cyberattacks that could jeopardise national security.
Coordinating Minister for National Security K Shanmugam announced this at the opening of the Singapore International Cyber Week on Tuesday (Oct 21), saying that the government will need to move beyond the traditional regulatory relationship with critical infrastructure owners who are up against some of the most sophisticated state-backed cyberthreat actors.
He said that this “significant shift” in approach was necessary to level the playing field “between defenders and attackers and turn the tide against the threat actors”.
But there was also a need for the organisations to build up resilience and be ready to operate in a degraded mode, as Singapore is up against sophisticated threat actors and some may succeed in their attacks.
That is why it is crucial to strengthen cooperation between key government and technology partners, to share intelligence, block attacks and shut down networks used by cyberthreat actors, he said.
BT in your inbox
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
Singapore will also continue to build up the rules-based international cyber order to strengthen international collaboration, he said, noting that cyberattacks can come from anywhere in the world and can be routed through any number of intermediate nodes.
The moves to strengthen Singapore’s cyberdefences comes after the authorities uncovered attacks by UNC3886 against critical infrastructure here.
Shanmugam said Singapore has been under regular attacks.
“Our geopolitical situation, our digital connectivity, make us attractive targets,” he said.
Regulations alone not enough
The minister was outlining Singapore’s approach to dealing with cyberattacks in his opening speech at the conference held at the Marina Bay Sands Expo and Convention Centre.
Under Singapore’s Cybersecurity Act, critical infrastructure operators are held to higher cybersecurity standards and obligations, such as reporting any cybersecurity outages and attacks on their systems or supply chains, as long as these incidents affect their services.
But Shanmugam said regulations alone were not going to be enough. Amid a rise in state-sponsored malicious cyberattacks and cybercrime, there is a need to ensure that critical infrastructure owners are prepared to deal with increased threats, he said.
Besides securing critical infrastructure through the new partnership with infrastructure owners, the government will also adopt a zero-tolerance approach towards cyberattackers.
It will take action against them whether they are attacking targets here or using Singapore as a launch pad to attack other countries, he said.
He added that Singapore has identified foreign actors attempting to influence its domestic politics, both in the physical world and on the Internet.
He cited the example of the recent general election, in which a self-styled preacher had put up social media posts encouraging people to vote along racial and religious lines.
The issue was discussed in Parliament last week when Shanmugam delivered a ministerial statement.
At the same time, a network of six foreign nationals was also busted for targeting foreign governments from here, the minister said.
They had hacked into various overseas websites to steal the personal information of a significant number of people, which they subsequently sold for profit.
Shanmugam said the police and Internal Security Department had uncovered the network, and four of the foreign nationals have been charged with possessing hacking tools and malware on their devices.
“Naturally, questions arise as to why they are doing this and whether they are doing this on behalf of who else,” he added.
Tackling harmful content and conduits
In addition to targeting the cyberattackers, the government will take action against platforms that carry harmful content or are used by these bad actors as conduits, he said.
For example, in October 2024, 10 websites set up by foreign actors were blocked. They were masquerading as Singapore websites and had the potential to be used to mount hostile information campaigns, said Shanmugam.
Another pillar of Singapore’s approach is to build trust between countries and to continue to strengthen the rules-based international order, extending this to cyberspace to the extent possible, he said.
To this end, Singapore recently concluded its chairmanship of the second UN Open-Ended Working Group on the security of information and communications technology, where there was a consensus on what constitutes responsible state behaviour, he said.
He added that countries have made some headway in codifying this into rules and norms.
Singapore has also partnered with the UN Office of Disarmament Affairs to run the UN-Singapore Cyber Programme, which has trained close to 140 cybersecurity officials from 97 UN member states over the past three years.
This programme will be renewed and extended for another three years, Shanmugam said.
Izumi Nakamitsu, United Nations Under-Secretary-General of Disarmament Affairs, said the training programme will be updated to incorporate new elements such as the impact of artificial intelligence and quantum technologies.
While different countries may have different views on offence and defence, some foundation of cooperation is necessary for a safe and secure cyberspace, he said.
With trust, countries can exchange information and support each other in times of crisis. Without it, countries will be hesitant to share intelligence, leaving all exposed and weakening the collective defence efforts, he added.
“Moreover, if some countries choose to weaponise technologies, others will naturally raise their fences. There will be a cyber arms race, a vicious cycle which benefits no one. We are, in fact, already in that situation,” he warned.
“We are all going to be worse off if cyberspace denigrates into the law of the jungle where might equals right, and we will then see many of the benefits of digitalisation being reversed.” THE STRAITS TIMES
Copyright SPH Media. All rights reserved.
