Parliament Sitting on 26 July 2021

QUESTION FOR ORAL ANSWER


17. Mr Mohd Fahmi Bin Aliman: To ask the Minister for Communications and Information in light of the recent global cyberattack that forced Swedish Coop supermarkets to close, whether there have been any attempts to attack Singapore’s supply chain software in the past three years.

Answer:

Mr Speaker, Swedish Coop supermarkets were forced to close earlier this month due to what is know as a supply chain attack. The Coop used the the Kaseya Virtual System Administrator (VSA), which is a software management platform designed to help organisations manage their IT services remotely. 

2. Similar attacks have occurred in recent months, such as the SolarWinds breach reported in December 2020 and the attack on the Microsoft Exchange Server reported in January 2021. How are these supply chain attacks orchestrated? Essentially, they take advantage of unsuspecting companies’ introduction of new software into their systems, that turn out to contain malicious elements or  ransomware . 

3. Usually, neither the companies nor their vendors that supplied the software were even aware that the software had been compromised. The same software that afflicted tens of thousands of organisations and businesses can also find their way into IT systems in Singapore.  To date, we have not observed any adverse effects on our Critical Information Infrastructure (CII) and Government systems. The Singapore Computer Emergency Response Team (SingCERT) has also not received reports of any Singaporean businesses falling victim to these attacks. 

4. Nevertheless, the Government continues to adopt a cautious stance, and the Cyber Security Agency (CSA) monitors global developments very closely. Whenever potential threats arise, CSA will immediately direct our CII sectors to check for any potential compromise in their networks. SingCERT issues alerts and advisories to the public on actionable steps to take, should they be affected. Given the global and transnational nature of such cyber-attacks, CSA also works closely with regional CERTs and its international counterparts to track developments and share information. 

5. The attack through the Kaseya VSA is yet another example of how cyber-attacks have spilled over into the physical realm, with real-world consequences. Attackers are clearly learning and evolving their tactics to maximise their gains from a single attack. We must expect that cyber attacks will become increasingly commonplace and sophisticated. They can strike any of us or our organisations, and we must assume that our systems will be breached at some point. 

6. As was mentioned in the response to a query on the SolarWinds attack in Parliament earlier this year, CSA is strengthening its engagements with CII sectors, enterprises and organisations to shift towards a “zero-trust” cybersecurity posture. This comprises  two key principles: first, do not trust any activity on your networks without first verifying it and second, ensure constant monitoring and vigilance for suspicious activities. 

7. Organisations should also implement simple steps not only to prevent breaches, but to detect incidents early and recover quickly from them. These include keeping systems and software updated, backing up data regularly and keeping the backup offline, and practising incident response and business continuity plans to ensure that employees are well-prepared when breaches happen. 

8. The Government is taking steps to reinforce this mindset and raise the national cybersecurity posture against this new normal. CSA will launch the CII Supply Chain Programme later this year, in partnership with  the owners of such infrastructure and their vendors,  to ensure that stakeholders adhere to international best practices and standards for supply chain risk management. At the same time, CSA is developing the SG Cyber Safe Programme to provide businesses with actionable cybersecurity toolkits and resources to bolster their cyber defences.

9. Mr Speaker, I would like to stress that everyone must play their part. Businesses and organisations are responsible for their own cybersecurity, and must take action to strengthen their posture. Conduct an assessment of the risks, contemplate in advance how you will mitigate them, and ensure that you have business continuity plans after an attack. It is in our own interest to stay vigilant against cyber threats, even as we leverage the opportunities of an increasingly digital world.
Seniors can look forward to first-ever dialect sitcom in variety show, “Happy Together”《欢喜一家亲》, to be launched on 8 October 2021 Press Releases Public Comms 23 Sep 21
Keynote Address by MOS Tan Kiat How at Human Capital Singapore (HCS) Masterclass Series, on 16 Sep 2021 Speeches Infocomm Media 16 Sep 21
MCI’s response to PQ on proposal for grants given specifically for content creation to assist SMEs' transition to digital market and remain competitive and attractive to potential customers Parliament QAs Infocomm Media 14 Sep 21
Speech by Mrs Josephine Teo, Minister for Communications and Information, at Personal Data Protection Seminar on 14 September 2021 Speeches Personal Data 14 Sep 21
MCI’s response to PQ on investigation to identify if operators behind suspected infection of mobile devices in Singapore are operated by Israeli cyber arms firm NSO's Spyware Parliament QAs Cyber Security 13 Sep 21
MCI’s response to PQ on update on number of low-income households that have benefited from Home Access 3.0 Programme and plans to increase minimum broadband speed Parliament QAs Infocomm Media 13 Sep 21