When the first wave of the Covid-19 pandemic struck, expectations were high that the storm would blow over quickly in a matter of weeks, and things would soon return to “normal”.
Instead, with a prolonged crisis becoming a distinct possibility, stay-at-home guidelines turned into default modes of working, schooling and socialising, setting off a massive digitalisation wave.
There was a scramble for organisations to implement remote work capabilities, employees to set up digital home offices, schools to launch on-line virtual classes.
Online population exploded, and opportunistic cyber adversaries did not hesitate.
They were quick to capitalise on the digital web that was expanding at an unprecedented rate. They drowned the online traffic in Covid-19 phishing emails, built legitimate looking Covid-19 news sites on top of malicious domains, deployed scanners to search for new vulnerabilities to exploit.
While questions remain as to how the Covid-19 situation will unfold globally, one thing is clear.
From America to Europe to Asia-Pacific, as we migrate from the physical world to the virtual, the transnational nature of cyber attacks does not change. Neither do the non-discriminatory tactics. While the health care sector suffered disproportionately high numbers of cyber attacks, other critical infrastructure sectors were also incessantly targeted.
Cooperation and Partnerships
Held on 5th October – 9th October 2020, the 5th Singapore International Cyber Week (SICW2020) – hosted by the Cyber Security Agency of Singapore (CSA) through a combination of inter-linked physical and virtual meetings – was timely for government and industry to reflect on the cyber security landscape amidst these developments.
“As more people go online, crime and threats have also gone virtual. Cybersecurity will be critical as we become more digital, “ said Mr Heng Swee Keat (Singapore’s Deputy Prime Minister, Coordinating Minister for Economic Policies and Minister for Finance) at the opening ceremony.
Touching on SICW2020’s theme “Cooperation in a Post-COVID Future”, he said: ”the best way to do so is to learn from one another and tap on each other’s strengths, so that we can build back better from this global crisis.”
Highlighting Singapore’s contribution to the two platforms convened by the United Nations in 2019 (the UN Group of Governmental Experts and the first-ever Open-Ended Working Group) to discuss the development of norms to operate in cyberspace, and how international law applies to cyberspace, he said: “international cooperation is possible because we have a rules-based multilateral order“.
International cooperation was also visibly underscored by the events during SICW2020 – the 5th ASEAN Ministerial Conference on Cybersecurity with representatives from the member countries*; the 2nd edition of Women in Cyber co-organised by CSA, the High Commission of Canada and the Embassy of Kingdom of Netherlands; and the Ministerial Roundtable Opening Session with Ministers, Cybersecurity Coordinators/Heads of Cybersecurity Agencies, and top industry players across the world**.
But “as the digital arena expands, we must redouble our efforts to strengthen our resilience to cyber threats,” Mr Heng Swee Keat cautioned.
The fraught circumstances of the pandemic which put businesses through extremes underscore resiliency in sustaining operations.
When it comes to cyber space, end-to-end detection and prevention of cyber attacks that are either sophisticatedly crafted for bespoke systems or deployed non-discriminatory at high volumes are clearly not possible.
Resiliency, preparedness for disruption – including scenarios, impacts, responses, recovery plans – are more important than before.
Putting resilience centre stage of cyber security conversations underlies the theme of GovWare Focus 2020 at SICW2020: “Partnerships for Resilience and Advancement.”
With the increased attacks on health care, more focus than before is shifting to the resiliency of critical infrastructures, and in particular Operational technology (OT).
Partnerships and Resiliency in Operational Technology
OT, the technological bedrock that powers traffic lights, manufacturing plants, electricity grids – and health care diagnostics equipment and more – is tightly woven into the digital fabric of our daily lives.
Automation and digitalisation push mean that OT are increasingly linked to enterprise IT, which become entry points for attackers to conduct lateral movements onto OT systems and execute their disruptive plans.
From Stuxnet to the recent attack on the Israeli water plant, this worrying trend impacting safety, reliability, productivity to OT shows no signs of abating.
Keys to building OT resiliency are partnerships and exchange of information.
Initiatives are already underway.
One is the OT-ISAC (Operational Technology Information Sharing and Analysis Centre) which was established under Pillar 2 of Singapore’s OT Cybersecurity Masterplan that was launched by Mr Teo Chee Hean (Senior Minister and Coordinating Minister for National Security) at SICW2019.
Sharing of information and intelligence “will increase cyber resilience by leveraging on the collaborative effort of the community”, said Mr John Lee (Managing Director, Global Resilience Federation Asia Pacific – GRF – that manages OT-ISAC) said during his Govware Focus 2020 talk (“Leveraging Information Sharing for Cyber Defence of Critical Assets”).
An OT Cybersecurity Expert Panel (OTCEP) to be established was also announced during SICW2020.
“To augment our OT Cybersecurity Masterplan that was launched last year, I am pleased to announce that the Cyber Security Agency of Singapore (CSA) will establish an OT Cybersecurity Expert Panel (OTCEP), ” said Mr S Iswaran (Minister for Communications and Information and Minister-in-charge of Cybersecurity) at the opening ceremony of ASEAN Ministerial Conference on Cybersecurity 2020.
The panel of internationally renowned practitioners will meet in the first half of 2021, to discuss key global OT technologies and emerging trends, recommend best practices, and share insights in handling global cybersecurity incidents.
Aside from partnerships and information sharing, clear responsibilities are also key to resiliency. Pierre-Alain Graf (Senior Vice President for Global Security with Hitachi-ABB Power Grids and also a Co-Chair of the Systems of Cyber Resilience: Electricity community as part of the World Economic Forum) presented a draft “industry-wide collaboration model” outlining roles in the electricity eco-system across the value chain during his talk “Cyber Resilience in the Electricity Eco-System.”
In an “ecosystem wide collaboration and resilience plan”, he stressed the need for clear “roles between product supplier, asset owner and system integrators and predefined responsibilities from a principles perspective.”
Mr Graf highlighted the lengthy conversations across stakeholders (both electricity utilities and energy technology companies) to arrive at the model, underscoring the complexity of the ecosystem and the importance of this model.
“It is no longer enough for an electricity organization to secure its own “house”. Leaders must realize that their organizations are part of a larger “neighbourhood” where cooperation on cyber resilience is essential between the members of that neighbourhood, ranging from oversight bodies to suppliers, customers and employees,” according to the World Economic Forum’s “Cyber Resilience in the Electricity Ecosystem: Principles and Guidance for Boards” report that he referred to.
Beyond clear roles and responsibilities, joining forces across company borders is an important remedy against fast-evolving cyber threats in the energy sector.
Internet of Things
Another challenge exacerbated by the Covid-19 triggered digitalisation wave is the increased cyber attack surface introduced by the proliferation of devices as we work from home.
This challenge is foreseen to be more important as we implement the next generation technology of 5G.
The “Internet of Everything” represents a vulnerable conduit that expands our attack surface, and can impact our broader cyber landscape,” said Dr Janil Puthucheary (Senior Minister of State, Ministry of Communications and Information, and SMS-in-Charge of Cybersecurity), during his Opening Keynote Address at the International IoT Security Roundtable during SICW2020.
“The vast majority of IoT devices – baby monitors, home routers, even our fridges and cars – are optimised for functionality and cost, rather than security,” he said, which “is not just a technical problem” but is also about “building trust and partnerships”.
Last year’s “IoT Security Landscape Report” published in collaboration with The Netherlands to drive internationally recognised IoT standards and protocols was one such example.
Another was the affirmation between Singapore and UK on both countries’ mutual commitment towards the adoption of best practices to secure IoT devices.
This year’s IoT Security Roundtable, with speakers representing private and public sectors from various countries, continues Singapore’s role in the global community, in forging partnerships with like-minded stakeholders.
Other key initiatives
Mr Heng Swee Keat(Singapore’s Deputy Prime Minister, Coordinating Minister for Economic Policies and Minister for Finance) also announced the launch of the Safer Cyberspace Masterplan by the Cyber Security Agency of Singapore.
Within the blueprint, is the voluntary “Cybersecurity Labelling Scheme” (CLS), which takes reference from the European Standard EN 303 645 ‘Cyber Security for Consumer Internet of Things: Baseline Requirements’ in assigning cybersecurity rating levels to registered smart devices.
Initially introduced for Wi-Fi routers and smart home hubs, the rating (four levels representing the extent to which the product has been tested and assessed) is intended to help consumers easily assess the level of security offered and make informed purchasing decision.
Other initiatives introduced in the blueprint include a 5G Security Programme, an Artificial Intelligence-enabled Cyber Fusion Platform for threat detection and analysis, the Exercise-in-a-Box Singapore tool that CSA will be launching in partnership with the United Kingdom’s National Cyber Security Centre to aid enterprise leaders in addressing cyber risks.
Cybersecurity is a Team Sport
The attendance of 6,000 participants from over 60 countries at SICW2020 is a ringing endorsement for global partnerships to address a global challenge.
“The fact that we have been able to go ahead with this year’s SICW, and we have been able to do so with the participation of more countries and more participants is a clear signal” of the participants’ resiliency and commitment towards safe and secure digital commons, said Mr S Iswaran (Minister for Communications and Information and Minister-in-charge of Cybersecurity) in his concluding remarks at the joint press conference with UN Under-secretary-general Izumi Nakamitsu.
The importance for commitment from partners is echoed by Mr David Koh (Commissioner of Cybersecurity and Chief Executive, Cyber Security Agency of Singapore).
“Cybersecurity is a team sport. It’s like playing on football team” and “it is crucial that the team shares a common objective, with each player contributing in his own way,” he said.
While the government is “uniquely placed to play certain roles to protect cyberspace”, he said it cannot do so “without the commitment from our five groups of partners – our international partners, the cybersecurity sector, the ICT industry, enterprises and all users.”