Singapore’s Mounting Cyber Threats

Security agencies will find it increasingly challenging to deal with the threat of terrorism, as terrorists can now easily access sophisticated capabilities through the internet or dark web, said Senior Minister of State for Defence and Foreign Affairs Mohamad Maliki Osman.

In the face of such non-traditional security challenges, regional militaries have to step up cooperation and adapt to the new security environment, he added in a speech recently at the S Rajaratnam School of International Studies’ 19th Asia-Pacific Programme for Senior Military Officers (APPSMO).

Below is an excerpt from his speech.

The world has experienced an eventful year of turbulence and security challenges. Allow me to share some perspectives on our increasingly complex security environment.

Ongoing conflicts continue to simmer and threaten regional peace and security.

All of us are deeply concerned by the series of deliberate and provocative actions by North Korea, including the two nuclear tests in January and September last year, as well as what appears to be a ballistic missile just last week.

While Singapore is not a major player on the Korean Peninsula, we watch developments there keenly as any disruption to peace and stability on the Peninsula could destabilise the whole region.

Any miscalculation could have devastating consequences and upset the existing rules-based international order that has allowed peace and security to flourish in the Asia-Pacific for the last few decades. We hope the major players on the Korean Peninsula can find a way to resume dialogue and prevent the situation from deteriorating.

Over the past one year, we have also seen a proliferation of non-traditional security threats, such as cyber and terrorist attacks.

On cyber-security, I’m sure all of you present are aware of the recent Wannacry and Petya attacks which crippled the critical infrastructure of some states and shut down numerous businesses around the world.

The damage from such attacks would be incalculable for many countries, especially as we become more and more reliant on computer networks and the internet.

Terrorism is also increasingly becoming a key threat to our region.

While we are seeing a defeat of ISIS militarily in Iraq and Syria, we are also witnessing a re-emergence of terrorism in the Asia-Pacific.

ISIS has intentions to establish a caliphate in our region too. It has been estimated that more than 1,400 Southeast Asian citizens have travelled to Iraq and Syria to support ISIS, and a large proportion of this number could return after the defeat of ISIS in the Middle East.

There have been an increasing number of attacks claimed by ISIS in Southeast Asia in recent years, such as a grenade attack in Malaysia in June last year and the Jakarta bombing in May this year.

The ongoing siege in Marawi is a reflection of the increasing likelihood of the violent extremism spreading from the Middle East to the Asia-Pacific.

In addition, regional terror groups are well-funded, using charities and non-profit groups as a cover to support terrorism. The ease with which terrorists can conduct small-scale attacks with everyday materials, such as pipe bombs, is also a significant concern.

For example, in Marawi, unlike previous incidents with Abu Sayyaf that were typically kidnappings for ransom, the current Abu Sayyaf is well-armed, well-organised and well-funded by ISIS.

It is supported by funding from illegal drug trafficking networks and a very complex and sophisticated chain of command that runs from Syria, through the Philippines, to Indonesia and elsewhere in the region.

As of early June, the death toll was about 100 including terrorists, government troops and civilians. While the actual fighting is limited to Marawi for now, the trafficking and funding ties, as well as the spillover of terrorist insurgencies, to other parts of Southeast Asia and beyond is a significant source of concern.

The barrier for such terrorist elements to access sophisticated capabilities ranging from cyber to biological and chemical weapons is also lower as they are easily available through the internet or dark web.

This will have a concomitant impact on the security and stability of our region. Militaries and Homeland Security forces will also find themselves increasingly hard-pressed to deal with such adversaries as they gain almost “near-peer” capabilities.

The modus operandi of terrorists is also constantly evolving. ISIS has been very effective in its use of social media thus far.

For example, ISIS has adapted its propaganda material into various languages to cater to the different populations in our region. We are also witnessing increasing sophistication in ISIS’ use of the internet.

Recently, ISIS started creating its own social media platforms to avoid security crackdowns on their communications, as companies like Facebook and Twitter start clamping down on ISIS’ accounts.

An equally great concern for us in this regard is the challenge of fighting self-radicalisation of individuals as they are exposed to radical ideologies via the Internet. Linked to this is how we should strengthen the resilience of our people in the face and aftermath of such terrorist attacks.

Role of Armed Forces Today

In the face of such non-traditional security challenges, how relevant are the armed forces, which have traditionally been structured for full-on conventional warfare.

As conventional conflicts become increasingly unlikely, how prepared are our Armed Forces to address the new challenges in today’s security environment?

The fight against terrorists has moved beyond the frontlines in Iraq, Syria and Afghanistan and come closer to home.

As seen from the Paris attacks, these terrorist attackers are striking in cities, where the terrain is significantly more complex and challenging – urban, high rise, and densely populated areas where militaries are unable to bring the full range of their capabilities to bear.

At the same time, homeland forces may find themselves overwhelmed should these attackers be equipped with military grade capabilities. Militaries will need to find ways to adapt to the new security environment.

The Singapore Armed Forces is therefore building a SAF Training Institute City (SAFTI City), to train our battalions to fight across both conventional and urban terrains successively.

The SAF also recognises that counter-terrorism is a Whole-of-Government endeavour which requires seamless interagency coordination, underpinned by an effective legal framework.

Unfortunately, the threat of terrorism is no longer simply confined to kinetic attacks.

With the availability of cyber tools leaked from the US National Security Agency, terrorists now possess advanced cyber weapons that can take out critical infrastructure and retrieve sensitive military information even as they perpetrate their attacks with devastating impact.

In this regard, it is also important for a country’s cyber infrastructure and defence to be adequately prepared. The Ministry of Defence is in the midst of establishing the Defence Cyber Organisation, which will have about 2,600 soldiers when it is fully stood up.

Regional Cooperation

To counter the cross-border nature of these emerging threats and maintain the existing rules-based international order, Singapore is fortunate to enjoy strong support and cooperation from our friends and partners around the world.

In particular for our region, we have multilateral platforms like the Asean Defence Ministers Meeting (ADMM) and ADMM-Plus to build confidence and interoperability.

Besides addressing non-conventional threats, the ADMM and ADMM-Plus are also valuable platforms in our regional security architecture to build trust and confidence among regional militaries.

As Singapore assumes the ADMM Chairmanship in 2018, we hope to promulgate common guidelines across the maritime and air domains as confidence-building mechanisms for our militaries to reduce tensions and the risk of miscalculations in the region. This is particularly pertinent as the maritime and air traffic in the Asia-Pacific increases with the rising development and prosperity of countries in the region.

In this regard, we hope to expand the Code for Unplanned Encounters at Sea, or CUES in short, to all ADMM-Plus countries. We also hope to establish a set of guidelines for air encounters between military aircraft, akin to the US-China Memorandum of Understanding on the Rules of Behaviour for Safety of Air-to-Air Encounters.

These confidence building mechanisms would be practiced during upcoming ADMM-Plus Exercises, such the maritime security exercise that Singapore will co-organise with the Republic of Korea.

In addition, CUES would also be practiced during the ASEAN-China Maritime Exercise that Singapore will facilitate in our capacity as the ASEAN-China Dialogue Relations Coordinator.

As we grapple with the threat of terrorism, regional countries will have to come together to shoulder this collective responsibility.

Closer cooperation with each other is critical especially as terror attacks could be planned or even launched from one country to damage another.

Last year, Singapore convicted four Bangladeshi nationals who plotted to finance terror attacks in their own home country. We also saw an ISIS-linked group plotting to launch a rocket attack on Singapore from the island of Batam.

Singapore and Indonesia worked closely together to foil the attack and arrest the group.

As Malaysian Defence Minister Hishammuddin Hussein rightly said, such joint initiatives and cooperation will show ISIS that they are not just facing individual countries but a united Southeast Asia.

Intelligence sharing is also essential in countering the threat of terrorism.

Given the transnational nature of terrorist threats, no one country has the bandwidth to identify all the threats out there. The only way we can address this is if countries pool our resources together and share intelligence.

During my visit to Indonesia in June this year, the Indonesian Defence Minister General Ryamizard Ryacudu suggested to develop a regional framework for intelligence sharing, joint training and exercises on counter-terrorism.

Hisham and I think that this is a good and timely idea given the increasing terrorist threat, exemplified by the Marawi situation in the Philippines.

Beyond the Asia-Pacific region, we also recognise the global nature of threats like terrorism and cyber-attacks. In this regard, we welcome all our partners to also share their experiences and ideas through professional exchanges and exercises between militaries.

Of course, aside from the military exercises that we conduct, dialogue is also important. Particularly in times when we may not always agree on the way forward, we can leverage platforms like the Shangri-La Dialogue and APPSMO. These are useful in developing shared perspectives on security threats and finding constructive solutions.

Today Online:

You Might Also Read:

Singapore Defense Ministry Under Remote Attack:

Australian Government Networks Hacked:

« Australian Spy Data Helps Business Cyber Threats
The US Power Generation System Is Under Siege »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

Prevalent

Prevalent

Prevalent takes the pain out of third-party risk management. Companies use our services to eliminate the security and compliance exposures that come from working with vendors and suppliers.

Managed Security Solutions (MSS)

Managed Security Solutions (MSS)

MSS deliver consultancy services and managed security services for IT departments who may lack the time, resources, or expertise themselves.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

Oneconsult

Oneconsult

Oneconsult provides cyber security services focusing on penetration tests / ethical hacking, ISO 27001 security audits and incident response & IT forensics.

Windscribe

Windscribe

Windscribe is a Virtual Private Network services provider offering secure encrypted access to the internet.

Uhuru Corp

Uhuru Corp

Uhuru offers a wide variety of IoT products and solutions including enebular® IoT Orchestration Service.

Fraugster

Fraugster

Fraugster provides the most precise anti-fraud solution for e-commerce businesses.

PSYND

PSYND

PSYND is a Swiss consultancy company based in Geneva specialized in CyberSecurity and Identity & Access Management.

DMARC360

DMARC360

DMARC360 analyzes your email traffic patterns and sources, rapidly deploys email authentication protocols and monitors your email domains with automated recommendations and incident response.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

Capital Network Solutions

Capital Network Solutions

Capital Network Solutions are a highly accredited managed IT services and consultancy provider, specialising in cyber security, infrastructure and communications.

Kirk ISS

Kirk ISS

Kirk ISS are the leading provider of IT services in the Cayman Islands. We offer best-in class hardware, software, communications and cloud computing, all backed by professional services support.

NexGen Cyber

NexGen Cyber

NexGen Cyber helps customers in commercial SMB markets with IT security, security integration, service management, outsourced service transition, and transformative security solutions.

Redcoat AI

Redcoat AI

Redcoat AI provide a comprehensive security platform that continuously evolves with the threats and opportunities presented by AI.

Scalarr

Scalarr

Scalarr is an innovative, next-generation cyber security firm focused on automation and AI to detect and prevent threats in mobile and Edge/IoT infrastructures.