How vulnerable are our Critical Information Infrastructures (CII)? Have any of our CII networks been compromised or experienced attacks?

As a hyper-connected business hub, Singapore is vulnerable to cyber-attacks which are increasing in scale and sophistication. While we were fortunate to have escaped relatively unscathed so far, we have seen our share of cyber-attacks. One example is the breach of MINDEF’s I-net system in February 2017 where the personal data of 850 national servicemen were leaked. In May 2017, Advanced Persistent Threat (APT) actors targeted two of our top universities.

Although none of our Critical Information Infrastructure (CII) has been disrupted, the global WannaCry and Petya malware attacks, which also surfaced in Singapore, are reminders of our vulnerability. We can expect more attempts to breach our cyber defences.

To enhance our defences against increasingly sophisticated cyber-attacks, the Cyber Security Agency of Singapore (CSA) works closely with Sector Leads to ensure that CII owners have capabilities and measures to detect, respond to and recover from cyber threats and cyber-attacks. CSA has been advocating that organisations should take cybersecurity into consideration when designing systems and networks to develop robust systems with defences against attacks, and not add them later as an afterthought.