Singapore’s 11 critical sectors tested for first time in national cybersecurity exercise
Tests follow new laws to step up defences again increasingly sophisticated cyber attacks
By Tan Weizhen
A national cybersecurity exercise held that puts Singapore’s cyber incident management and emergency response plans to the test was expanded to cover all 11 critical information infrastructure (CII) sectors for the first time.
Those participating for the first time are the water, land transport, healthcare, aviation, media, security and emergency, and maritime sectors. Both public and private entities were involved, such as Land Transport Authority, national water agency PUB, Monetary Authority of Singapore, and Singapore Airlines, among others.
Held at the Cyber Security Agency (CSA), the annual exercise, now into its second year, covered scenarios of different types of cyber attacks targeting essential services, such as ransomware attacks, distributed denial of service (DDoS) attacks, and malware infections.
Observed by Deputy Prime Minister Teo Chee Hean, more than 200 participants from the 11 CII sectors took part in the exercise.
To beef up the country’s defences against increasingly sophisticated cyber attacks, new laws were proposed last week that, among other things, require CII owners of 11 key sectors to report any cyber security incidents, and to share information with the authorities when ordered.
As part of the exercise, participants developed and tested their incident management plans to these scenarios.
In one of the simulations, national cyber incident response teams from Ministry of Home Affairs, Ministry of Defence, CSA, Government Technology Agency of Singpaore, defended their systems against mock cyber attacks, including via ransomware, similar to the recent WannaCry attack.
Mr David Koh, chief executive of CSA, said: “These exercises are important in bringing all our critical sectors together to strengthen our incident response plans and enable better cross sector coordination.
“With greater interconnectivity, and proliferation of cyber threats, the ability of our critical sectors to respond promptly to attacks is vital.”