Lessons Learnt from the Cyber Attacks

Lessons Learnt from the Cyber Attacks
In the last quarter of 2013, a number of websites, including the government’s, were hacked into. MAVIS TEO finds out how these cyber assaults have changed the game for the Singapore government.

In May 2011, Challenge highlighted the 12 trends that will affect you; one of which was the need for heightened cyber defence in the face of rising cyberwar and hacktivism.

Today, recent high-profile sabotages on government websites around the world – including Singapore’s – have proven that greater emphasis needs to be placed on cyber security and national security agencies simply cannot afford any let-up in their vigilance.

Last September, a hacker, going by the moniker, “The Messiah”, and claiming to be part of the international hacker collective known as Anonymous, unleashed the first of a series of cyber attacks (see timeline for details).

On October 31, a video, allegedly made by Anonymous, threatened to unleash cyber attacks against the Singapore government for restricting Internet freedom with its new Internet licensing framework, which was announced in mid-2013.

A day later, a local newspaper’s blog site was defaced, with “The Messiah” claiming responsibility. The next afternoon, on November 2, 19 government websites were inaccessible, bearing messages that they were under maintenance

That this happened in the day, instead of late at night when maintenance is typically carried out, led to public speculation that the websites had been hacked, and that the “shut down” messages were a face-saving measure.

But the Infocomm Development Authority of Singapore (IDA), whose websites were also affected, categorically denied that the sites had been brought down by hackers. Instead, IDA said technical problems had occurred during the maintenance, which had been brought forward because of the Anonymous threat. When Challenge met with the IDA team in January, this position was reiterated.

Complete mobilisation

Ms Jacqueline Poh, IDA’s Managing Director, and Mr John Yong, Director of Infocomm Security and Assurance, who led the government’s efforts to protect its digital assets, told Challenge that those few weeks in November were an “intense period” for them.

Ms Poh said the government took the threats very seriously, and had put in concerted efforts to prevent anyone from derailing the nation’s digital infrastructure.

The IDA headquarters at Pasir Panjang quickly became the joint operations command centre where agency representatives gathered to analyse, review, update and coordinate the effort to protect all public e-services. Security analysts worked round the clock (though a shift system later kicked in) to monitor the situation and to produce reports to keep everyone informed. On November 5 (Guy Fawkes Day), they detected an unusually high volume of Web traffic – indicative of a distributed denial of service (DDOS) attack – revealed Mr Low.

The Internet has a positive function of keeping people informed but users must remember that as long as a device has an operating system and is online, it can be hacked into.

Elsewhere, IT staff based at “over 90 government agencies were on heightened alert and instructed to step up on the level of cyber security and to accelerate the application of software patches,” he added. Patches are security updates designed to fix vulnerabilities in Internet security systems.

It was a win some, lose some situation for the government agencies. On November 20, 13 Ministry of Education school websites were defaced while data belonging to the Singapore Art Museum was illegally published and uploaded to an overseas server. This data contained the personal information of some 4,000 people.

The threat is real

Cyber attacks are a common global phenomenon, said Mr Yong. In October, his security analysts had already detected unusual activity on the global Internet traffic that signified attempts to infiltrate local websites. Singapore was not the only country to be targeted at that time. Websites belonging to the Philippine and Australian governments were also attacked by hackers.

While some websites were hacked to make political statements, others were targeted for their financial value. A recent example was the theft of client data belonging to Standard Chartered Bank. The data in question was stolen not from the bank, but from its service provider that it had engaged to print its bank statements.

“Asia is increasingly being targeted,” said Ms Poh, noting that more people in the region are gaining Internet access as the countries become more affluent and technologically advanced.

“The Internet has a positive function of keeping people informed but users must remember that as long as a device has an operating system and is online, it can be hacked into,” she added.

Lessons learnt

By December, the IDA team was able to breathe a little easier. But ever since the spate of cyber assaults on government websites, it is no longer business as usual at the IDA.

“Things have changed fundamentally,” said Ms Poh.

Though the work schedule at the IDA had returned to some normalcy by January, security measures have continued to intensify. More checks are conducted and websites are tested more frequently. Mr Yong shared that authorised penetration tests are conducted by “white hats” – professional hackers hired to test the security of government websites.

“We’re fortunate to have the means to improve our cyber security,” he said, referring to the National Cyber Security Masterplan 2018 launched last July. In addition to the Masterplan, a S$130 million National Cybersecurity Research & Development Programme has been set up by the National Research Foundation to support cyber security research programmes.

Mr Yong also took the opportunity to talk about the need to increase the number of cyber security professionals in Singapore as the current headcount is only 1200, while the forecast requirement by 2018 is 3000.

“Please spread the word for us,” he said on a lighter note, adding that security analysts are well paid for their expertise.

In the meantime, whenever possible, the public is kept informed of scheduled maintenance through alerts published in various online channels. The agency was quick to add that there were limitations to how much could be shared, bearing in mind operational and security sensitivities.

While the need for tighter cyber security measures has become a given, Ms Poh cautioned that it was impossible for anyone to be completely hack-proof.

“We will certainly do our best to detect, prevent, respond and recover as swiftly as possible. We hope that all Internet users will do their part by practising good cyber security habits, both as private and corporate users. This will not only safeguard your personal data, but also help to improve the overall security of our national ICT [information and communications technology] environment,” she said.

Timeline of Events

October 17 
PAP Community Foundation’s website hacked  

October 28 
Ang Mo Kio Town Council’s website hacked

October 31  
Video of “The Messiah” goes viral online

November 1 
The Straits Times’ blog defaced 

November 3 
Seletar Airport website defaced

November 6 
Singapore’s Prime Minister Lee Hsien Loong warns that the hacker(s) will be dealt with severely

November 7 
Prime Minister’s Office (PMO) and Istana websites compromised

November 12  
James Raj Arokiasamy (allegedly “The Messiah”) charged in court for hacking into Ang Mo Kio Town Council’s website

November 20 
Websites of 13 schools hacked and the release of data from Singapore Art Museum’s website

November 29  
A businessman and a student charged for hacking into Istana website

December 6 
Two brothers charged for hacking PMO website and other online accounts

    Mar 7, 2014
    Mavis Teo
  • link facebook
  • link twitter
  • link whatsapp
  • link email