First it was the “sophisticated” attacks on NTU and NUS.
Immediately after, the WannaCry ransomware surfaced.
Systems infected with the ransomware were locked, with perpetuators demanding ransom. The attack has affected over 100 countries, crippling critical services such as the hospitals in the UK. CNN even called the WannaCry attacks as “one of the broadest and most damaging attacks in history”.
Thankfully, the ransomware has not hit Singapore’s critical services, e.g. hospitals, transport. (If not you also wannacry). Singtel and Starhub, has set up helplines to advise customers on dealing with ‘WannaCry’.
The hackers in the NUS and NUS cyber attacks have targeted the universities to steal ‘government, research data’, according to local media (ST, TODAY, CNA, TNP). CSA also said that this attack was an advanced persistent threat (APT), and it was not the work of “casual” hackers.
For APTs, the hacker typically uses sophisticated methods to get access and lurk in the computer networks to capture data overtime and the data can be extracted to be further exploited.
Mr David Koh (Chief Executive of CSA), even ominously said, “We know who did it, and we know what they were after. But I cannot reveal this for operational security reasons.”
This brings to mind the state-sponsored attacks, which have attempted to sabotage the US and French presidential elections.
This new, unprecedented wave of cyber attacks are a good reminder that everyone is at risk of being affected. Because of our digital connectivity, cyber attacks have grown in volume, complexity, extent and impact. This calls to mind the importance of cyber security.
While CSA has been given the task of “overseeing cyber security strategy, operations, education, outreach, and ecosystem development”, this is a herculean task that needs everyone to play their part.
Companies in the private sector should work with CSA to offer information and data that they have on risks/ threats in the horizon.
Members of the public should also learn how to protect themselves against such cyber attacks. In PAP Minister Yaacob’ Ibrahim’s words, “we can and should also do our part to be vigilant, and practice good cyber hygiene”.
The Singapore public service was mocked by some quarters for the implementation of internet surfing. But now, public servants across the island must be thanking their lucky stars for the Internet Separation now.
And the general public should, too. It’s good foresight.