Is hyper-connectivity a boon for criminals?

Zubaidah Jalil -

Singapore’s Ministry of Defence faced a considerable scare in February 2017. A breach had been detected in its computer systems, indicating that the personal information of 850 national servicemen had been stolen, including their names, identification numbers, telephone numbers and dates of birth.

The ministry called the attack “targeted and carefully planned,” and floated the possibility that the real motivation behind it was to gain access to official military secrets.

Later investigations revealed that the breach had occurred weeks before detection, with Second Minister for Defence Ong Ye Kung saying that it was “consistent with a covert attack, with means used to mask the perpetrator’s actions and intent.”

Singapore’s vulnerability as a cyber target was later thrust under closer scrutiny when a report published by Israeli firm Checkpoint Security in September 2017 showed that it had emerged as the world’s number one location for launching cyber attacks.

But cybersecurity experts were careful to point out that a cyberattack recorded as coming from Singapore may in fact have originated elsewhere, thanks to its position as a vital artery for Internet traffic flows.

“It is highly possible that attackers leverage this connectivity and route attacks through Singapore using our local IP addresses to cover their tracks,” says David Koh, chief executive of Singapore’s CyberSecurity Agency (CSA). Another uneasy side effect of Singapore’s hyper-connectivity is the vulnerability that comes with the proliferation of Internet-connected devices like IP cameras, Wi-Fi routers, and smart appliances — a phenomenon termed the Internet of Things (IoT).

“People are usually early adopters here, so it comes with a lot of IoT devices,” says Aaron Eilat, general manager of cyber technology research and design firm Custodio Technologies.

An attacker need only use software to automatically scan the Internet for devices that can be easily hacked into. Once a network of infected devices, called a botnet, is amassed, they behave like digital footsoldiers, carrying out the attackers’ bidding.

Singapore’s Smart Nation initiative, which will see developments like tech-enabled homes, smart lamp posts and autonomous vehicles, means that the country’s IoT engagement will only continue to deepen.

At this juncture, a more pertinent question is perhaps not why the military breach occurred, but why such attacks don’t happen more frequently.

Koh calls it “sheer chance” that the nation escaped largely unscathed in the wake of global attacks like the WannaCry ransomware attack, in a 2017 interview with Channel News Asia.

The attack allowed hackers to seize complete control of an organisation’s computers, threatening to destroy data unless payments in cryptocurrency were made.

But the attack was relatively primitive, targeting vulnerabilities in older versions of Windows operating systems, which were not widely used in Singapore.

In addition, unlike European targets, Singapore was not the intended aim.

“If it was, the result might have been different,” he says, pointing to how hospitals in Britain were forced to turn away non-critical patients as a result of MRI scanners, theatre equipment and blood-storage refrigerators being affected.

Estimates placed the total destruction wrought by Wannacry at anywhere between hundreds of millions of dollars to several billion dollars, extending across some 200,000 computers in 150 countries.

The Singapore government has amplified efforts to buttress its digital defences, passing a Cybersecurity Bill in February that legally compels organisations serving critical areas — like energy, aviation and healthcare — to secure their infrastructure and report any suspicious incidents to the CSA.

— dpa