Parliament Sitting on 13 September 2022

QUESTION FOR WRITTEN ANSWER

17. Ms Hany Soh: To ask the Minister for Communications and Information in view of the recent flaw in iOS devices requiring emergency software updates to prevent hackers to seize control of the devices (a) whether the Ministry is aware of reports where Singaporeans’ personal data has been compromised due to this flaw; and (b) what is being done through the Singapore Digital Office (SDO) to increase awareness amongst Singaporeans, especially the seniors who are less tech savvy, on the importance of installing software updates on their electronic devices especially their handphones.

Answer:

1. The Member is referring to Apple’s announcement on 17 Aug 2022, regarding two security vulnerabilities in iPhones, iPads and Macs, which if left unaddressed could allow attackers to take control of any affected Apple device. These were zero-day vulnerabilities, meaning that they were unknown to the vendors when discovered. 

2. Apple advised that it was possible that these vulnerabilities may have already been actively exploited by threat actors, and had since released emergency security updates for users to install. The Cyber Security Agency of Singapore (CSA) has issued advisories to users in Singapore to immediately patch their products to the latest iOS versions. 

3. To-date, the Singapore Computer Emergency Response Team (SingCERT) and the Personal Data Protection Commission (PDPC) have not received notifications of cybersecurity incidents or compromises of personal data associated with these security vulnerabilities. The agencies will continue to monitor the situation and will investigate any reported breaches accordingly.

4. These measures cannot replace good cyber hygiene practices by each of us. Such practices include using strong passwords, being wary of phishing links, and using anti-virus software. It is also important to install software updates on electronic devices promptly, manually or by enabling automatic software updates. 

5. For groups that might be less tech savvy, such as our seniors, the Government has introduced several targeted programmes. CSA launched the SG Cyber Safe Seniors Programme in 2021, to raise awareness and drive adoption of cyber hygiene practices amongst seniors. More than 45,000 seniors have been engaged through pop-up events, webinars and programmes at SG Digital Community Hubs. In addition, as part of SG Digital Office (SDO)’s Seniors Go Digital programme, seniors are taught about cybersecurity risks and tips on how to keep themselves safe online. This includes advising them on the cyber hygiene practices I mentioned earlier.

6. We can all play our part to improve cybersecurity by being vigilant, practicing good cyber hygiene and encouraging our family and friends to do the same. This would go a long way in addressing evolving cyber threats, including the emergence of zero-day vulnerabilities such as those recently found in Apple’s products. The Government will continue to engage and support groups who need help, to empower them to stay safe and secure online.

Speech by Senior Minister of State, Dr Janil Puthucheary at the techUK Digital Ethics Summit 2022 on 7 Dec 2022 Speeches Cyber Security, Digital Readiness, Government Technology, Others 07 Dec 22
Speech delivered by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at Asia TV Forum & Market | ScreenSingapore (7 Dec 2022) Speeches Infocomm Media 07 Dec 22
Speech by Mrs Josephine Teo, Minister of Communications and Information, at the Global Technology Summit on 1 December 2022 Speeches Personal Data, Others, Cyber Security 01 Dec 22
MCI Response to PQ on Collection of NRIC and Personally Identifiable Information by Security Officers at Commercial and Private Residential Facilities Parliament QAs Personal Data, Others 30 Nov 22
MCI Response to PQ on Assessment of Risk and Impact of Quantum Computing Technology and Efforts to Ensure Encrypted Digital Records and Communications Networks Remain Secure Parliament QAs Digital Readiness, Others, Government Technology 29 Nov 22
MCI Response to PQ on Measures in Place to Safeguard Privacy and Data of Users against Illegal Tracking by Tech Companies Parliament QAs Personal Data 28 Nov 22