In this new normal, governments lose cyber battles and people lose trust

In this new normal, governments lose cyber battles and people lose trust

The Edge Singapore
20/08/18, 11:50 pm

SINGAPORE (Aug 20): By now, there is no question whether cyberattacks are a global scourge. And Singapore has not been immune: Both private companies and public-sector organisations here have been attacked.

Nevertheless, it was still a rude shock when SingHealth, the largest healthcare organisation here, said on July 20 that 1.5 million patients’ data — including that of Prime Minister Lee Hsien Loong and several other ministers — had been accessed by attackers with “sophisticated” means. More worryingly, authorities have indicated that the attackers are not merely individuals working out of a basement, but rather organised parties linked to, or backed by, states. Singapore authorities have declined to name the perpetrators.

Separately, cybersecurity firm FireEye has said hackers, likely to be Chinese, have targeted Cambodian electoral agencies ahead of elections last month, and may be targeting companies and state agencies in Malaysia and other Southeast Asian countries.

Singapore, which tries to maintain cordial relations with all in the name of trade and business, may need to continue to be discreet. However, the murky cyberworld is a new dimension where rules, even if they exist, are not necessarily followed.

Attacks by alleged state actors, using methods similar to those experienced by public agencies here, have been documented elsewhere. In 2015, the US Office of Data Management was hit. The following year, Japan’s Defence Ministry and Self-Defense Forces’ internal communications network was hacked. Australia’s F-35 fighter and P8 surveillance aircraft data was stolen by Chinese hackers. “All sorts of countries are getting involved,” says Tony Uren, visiting fellow at the Australian Strategic Policy Institute (ASPI).

“In fact, every country likely has a cyber agency in some form or another, which has support from the government. These state actors have an official ‘Licence to Hack’, which means that they have ‘support’ from a government to disrupt or compromise target governments, organisations or individuals to gain access to valuable data or intelligence,” says Shahnawaz Backer, a security specialist covering Asia-Pacific, China and Japan at cybersecurity firm F5 Networks. “However, most countries will deny that such activities are being carried out — [it’s] very much similar to spying.”

The World Economic Forum has named cyberattacks and cyberwarfare as the top cause of disruption in the coming five years, ahead of natural disasters and extreme weather. “In the worst-case scenario, attackers could trigger a breakdown in the systems that keep societies functioning,” said WEF’s Global Risks Report 2018.

Why are there more cyberattacks? What is the motivation? ASPI’s Uren believes one reason is that nation states see cyberattacks as a cheap and effective way to access information, versus traditional means of recruiting human agents, for instance. Another motivation is to influence events, Uren says, such as Russia’s alleged meddling in the 2016 US presidential election.

SingHealth’s attackers have similar motivations as those who target US entities: They aim to advance their own business and strategic interests, says Chong Ja Ian of the National University of Singapore.

Since Sept 11, 2001, threats to security have increasingly become non-conventional, far different from the battles between the armies of two or more states. Similarly, cyberthreats have to be seen as the “new normal” today, says Graham Ong-Webb of Nanyang Technological University.

“It is something we have to mitigate and reduce the impact of whenever it happens,” says Ong-Webb, who is a research fellow at NTU’s S. Rajaratnam School of International Studies. “The SingHealth breach is not going to be the last incident, but this is not a reflection of poor cybersecurity in Singapore, although we need to make a significant improvement.”

Chong also points out that one of the key reasons why such attacks are carried out is to disrupt trust between different segments of society — the compact between people and their government, for example. “The degree to which there is less transparency, this can more easily encourage speculation and conspiracy theories to come about,” he says.

At the crux is building “trust” among people. The delay in disclosing the attack on SingHealth has not helped in fostering confidence. Chong urges the authorities to at least explain to citizens why they are unable to present more information, including who the potential perpetrators might be at this point. International ties are not built and maintained by just government officials, but ordinary people doing business or making friends, too.

This article first appeared in issue of The Edge Singapore (Issue 844, week of Aug 20)

Looking beyond quarterly fluctuations in ST Engineering’s growth story

SINGAPORE (Nov 17): ST Engineering’s latest third-quarter results have shown improvements in profitability in three of its four key business units of aerospace, electronics, land systems and marine. In addition to the main four, there is an “others” unit, which lumps together shared services, new ventures and other related activities. It reported a loss of $7.3 million. ST Engineering’s latest third-quarter results have shown improvements in profitability in almost all its business units. The marine unit, on the other hand, suffered a 35% y-o-y drop in earnings to $12.8 millio....

iFAST founder Lim confident China business will be exciting

SINGAPORE (Nov 16): Lim Chung Chun, chairman and CEO of iFAST Corp, believes long-term diversification is the best strategy to grow its assets under administration (AUA). Indeed, the company’s AUA has grown 18.7% y-o-y to hit a new record high of $8.5 billion as at Sept 30. Although the expansion of its unit trust platform into a wealth management solution distributing stocks, bonds, exchange-traded funds (ETFs) and insurance has been pretty successful, its geographical expansion into the mainland Chinese market for his B2B wealth management solutions hasn’t quite hit its marks yet. ....

How IoT in agriculture could present new opportunities for investors

SINGAPORE (Nov 16): Earlier this year, Avarga, formerly known as UPP Holdings, said it was acquiring a 23.08% stake in local start-up Archisen for up to $1.5 million in three separate tranches. Ian Tong, Avarga’s executive director, is on ­Archisen’s board. Tong is also the executive director of The Edge Media Group, which publishes The Edge Singapore. While indoor farming is not new, high-tech IoT-enabled farm Archisen is drawing on technical expertise from its partners to improve tis production within a controlled environment, shielded from the vagaries of weather that have t....
BMW charges up an 'electrified future'

Christopher Wehner, managing director of BMW Group Asia, explains how electric cars such as the BMW