Govt beefs up Computer Misuse Act to thwart potentially crippling cyber attacks

Parliament on Monday passed a new law to empower the Government to pre-emptively thwart potentially crippling cyber attacks.

With the change, the Minister of Home Affairs can order a person or organisation to act against any cyber attack even before it has begun, with non-compliance with the direction made an offense that may result in a jail term of up to 10 years and a fine of $50,000, or both.

For instance, the minister may order telcos or banks to disclose how their computer networks are designed, or disclose reports of any attempted breach, on news that a new computer virus is used against another country's critical infrastructure. Previously, the minister could do so only when there was an imminent attack against Singapore.

The changes are part of the Government's efforts to make Singapore's critical information infrastructure "more robust and resilient" in light of the spread and sophistication of cyber attacks, said Minister in the Prime Minister's Office and Second Minister for Trade and Industry S. Iswaran.

The Act - which will be renamed the Computer Misuse and Cybersecurity Act - is in line with similar moves by other countries such as United States, Israel, Estonia, South Korea and Australia, he added.

Under the amended Act, essential services will also include land transport, aviation, shipping and health care.