Parliament Sitting on 4 July 2022

QUESTION FOR WRITTEN ANSWER

99. Mr Sharael Taha: To ask the Minister for Communications and Information in view of malware tools such as Pipedream or Incontroller which can seize control of critical infrastructure (a) what is the threat that such malware poses to Singapore’s critical infrastructure; (b) what steps have been taken to protect Singapore from such threats; and (c) how can the Government help companies in Singapore to be aware of such threats and take the necessary precaution.

Answer: 

1. The Cyber Security Agency (CSA) monitors threats to Singapore’s cyberspace closely, especially those that threaten Critical Information Infrastructure (CII) that support essential services.

2. The strain of malware discovered in April, referred to as Pipedream or Incontroller, is designed to target equipment found in industrial control systems, which are core to the proper functioning and control of operational systems and processes. This malware enables the attacker to manipulate and disrupt industrial processes, allowing them to remotely collect information from these systems, shut down operations, sabotage industrial processes, and potentially cause physical harm and destruction.

3. When reports of this malware surfaced in April, CSA issued an advisory to our CII sector leads and owners to take precautions against this threat and make timely incident reports. To date, we have not found any evidence of Pipedream being used against our CII. Beyond CIIs, SingCERT also publishes public advisories on protecting industrial control systems, most recently in March, to advise enterprises on how they may bolster their cybersecurity measures against threats that target these systems.

4. It is important that CII owners and other enterprises remain vigilant against cyber threats and adopt the necessary cybersecurity practices to safeguard the systems and networks. CII owners are required by the Cybersecurity Act to put in place measures to meet cybersecurity standards set by CSA. For enterprises, CSA launched the SG Cyber Safe Programme in 2021 to encourage and help companies strengthen their cybersecurity posture.

5. This includes a cybersecurity certification programme for enterprises – comprising the Cyber Essentials and Cyber Trust marks – to recognise enterprises that have implemented good cybersecurity practices. CSA also developed cybersecurity toolkits for companies of various profiles to guide enterprise leaders and their employees on cybersecurity best practices. I encourage companies to apply for these cyber marks and take advantage of the resources and toolkits available on CSA’s website.

7. Mr Speaker, cyber threats are constantly evolving. Pipedream will not be the last strain of malware to threaten us. I urge everyone to stay vigilant, take cybersecurity seriously and practice good cyber hygiene.

 

MCI Response to PQ on Assessment of Risk and Impact of Quantum Computing Technology and Efforts to Ensure Encrypted Digital Records and Communications Networks Remain Secure Parliament QAs Digital Readiness, Others, Government Technology 29 Nov 22
MCI Response to PQ on Measures in Place to Safeguard Privacy and Data of Users against Illegal Tracking by Tech Companies Parliament QAs Personal Data 28 Nov 22
MCI Response to PQ on Mitigation Strategy to Deal with Cellular Phone Jams at Large-scale Crowd Events Parliament QAs Public Comms, Digital Readiness 28 Nov 22
MCI Response to PQ on Measures to Improve Service Quality of Poor Performing Telcos Parliament QAs Others, Digital Readiness 28 Nov 22
MCI Response to PQ on Publishing Unedited Submissions from Individuals and Industry Players in Public Consultations on Proposed Legislation Parliament QAs Others, Public Comms, Personal Data 28 Nov 22
Opening Remarks by PS Joseph Leong for the 3rd Singapore-China (Shenzhen) Smart City Initiative Joint Implementation Committee Meeting on 25 November 2022 Speeches Infocomm Media, Others 25 Nov 22
Eight MOUs signed at the Third Singapore-China (Shenzhen) Smart City Initiative Joint Implementation Committee Meeting Press Releases Infocomm Media, Others 25 Nov 22
Speech by Mrs Josephine Teo, Minister for Communications and Information, at the AiSP South-East Asia Cybersecurity Consortium Forum on 23 November 2022 Speeches Cyber Security 23 Nov 22
Speech by Mrs Josephine Teo, Minister for Communications and Information, at the 5th DataGovAi Webinar eSummit & eAwards on 22 Nov 2022 Speeches Cyber Security, Others 22 Nov 22
Singapore and the Republic of Korea sign the Korea-Singapore Digital Partnership Agreement Press Releases Cyber Security, Others, Digital Defence 21 Nov 22
Speech by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at the Launch of Meta’s ‘Art Reimagined Singapore’ on 17 Nov 2022 Speeches Infocomm Media, Others 17 Nov 22
Speech by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at the AISP SVRP Award Ceremony on 16 Nov 2022 Speeches Cyber Security 16 Nov 22
Speech by Dr Janil Puthucheary, Senior Minister of State, Ministry of Communications and Information at YouTube Creators for Impact on 15 November 2022 Speeches Infocomm Media, Digital Readiness 15 Nov 22
Speech by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at REACH Panel Appreciation Event, on 12 Nov 2022 Speeches Others 12 Nov 22
Speech by Mrs Josephine Teo, Minister for Communications and Information, at REACH Panel Appreciation Event, on 12 Nov 2022 Speeches Others 12 Nov 22
Opening Speech by Mrs Josephine Teo, Minister for Communications and Information, at The Cybersecurity Awards 2022, on 11 Nov 2022 Speeches Cyber Security 12 Nov 22
Closing Speech by Mrs Josephine Teo, Minister for Communications and Information at the Second Reading of the Online Safety (Miscellaneous Amendments) Bill on 9 November 2022 Speeches Infocomm Media, Digital Readiness 09 Nov 22
MCI Response to PQ on Education for Businesses on Protection of Customers Data and Punishment against Hacking Parliament QAs Cyber Security 09 Nov 22
Speech by Mrs Josephine Teo, Minister for Communications and Information at the Second Reading of the Online Safety (Miscellaneous Amendments) Bill, on 8 November 2022 Speeches Infocomm Media, Digital Readiness 08 Nov 22
MCI Response to PQ on Investigation into Impact on Singaporeans from Global WhatsApp Outage Parliament QAs Infocomm Media 08 Nov 22
MCI Response to PQ on Oversight of Practice where Foreign Countries Purchase Advertising or Produce Content for Local Consumption in Mainstream and Alternative Media Parliament QAs Infocomm Media 08 Nov 22
MCI Response to PQ on Effects of Recent Data Breach at Eight Shangri-La Hotels in Asia Parliament QAs Cyber Security 07 Nov 22
MCI Response to PQ on Safeguarding Submarine Data Cables against Sabotage and Major Disruptions Parliament QAs Others 07 Nov 22
Keynote Address by Mrs Josephine Teo, Minister for Communications and Information, at Digital for Life Year-End Event, on 4 Nov 2022 Speeches Infocomm Media, Digital Readiness 04 Nov 22