Efforts to tighten security of government websites

Tender put out for contractors to deter attacks, keep sites accessible

Work is under way to tighten Singapore's defence against attacks that aim to disable government websites, following heightened threats in the past few months.

Officials have put out a bulk tender on behalf of government ministries, departments, statutory boards, organs of state and universities for security contractors.

It comes on the back of last November's attempts to bring down government websites, and the defacement of the Prime Minister's Office (PMO) and Istana webpages. In tender documents seen by The Straits Times, potential contractors are expected to keep government websites fully accessible and available to the public even when attacks are taking place.

This will be done by providing Distributed Denial of Service (DDoS) mitigation services.

DDoS attacks work by having thousands of infected computers accessing and overwhelming a targeted site, causing a huge spike in traffic.

DDoS mitigation is a set of techniques that differentiates genuine incoming traffic from that sent by hijacked, infected browsers, so that services to genuine users will not be denied.

Communications consultant Priscilla Wong, 36, said that some sites, like the Government's online purchasing portal GeBIZ, must be available at all times. "This is so businesses can submit their bids on time," she said.

Although the main aim is to disable online services, DDoS attacks may become more sinister when combined with malware infiltration into systems to steal personal information.

This is why housewife Sakura Siow, 40, is glad that more is being done to block DDoS intrusions. "More than keeping the websites up and running, the data of citizens must not be compromised," she said. "Otherwise, people will lose their trust."

Events project consultant Roy Nahar, 34, agreed. "These sites contain a lot of citizen data. There is no such thing as enough security."

On Nov 5 last year, many government websites - including those that process important transactions - encountered unusual spikes in traffic as hackers sought to bring them down through DDoS attacks. But the attempts here did not result in any identity thefts.

Meanwhile, the PMO and Istana webpage attacks were caused by hackers exploiting a vulnerability known as "cross-site scripting", created when the Google search bar was not properly installed.

This vulnerability and others are addressed in the tender, which has instructed contractors to provide Web application firewalls to block hackers from exploiting such vulnerabilities.

Security contractors are expected to work with the Government's Cyber-Watch Centre - set up in 2007 to monitor critical public-sector IT installations round the clock - to counter any threat. The centre is managed by locally based security services provider e-Cop. The tender will close next Monday.

itham@sph.com.sg