Growing cyber threat makes de-linking govt IT systems 'necessary'

Rise in number of targeted cyber attacks on government networks, says Yaacob

Rising threats against government computer networks have made it necessary to hive off Web surfing from public servants' work computers, Minister for Communications and Information Yaacob Ibrahim said yesterday.

Dr Yaacob also told Parliament that there have been more targeted cyber attacks on government networks since a security breach of the Foreign Affairs Ministry's IT system, about which he had informed Parliament last year.

"While these attacks were successfully contained, we can expect more to follow," he said.

"The attackers are more sophisticated. New tools are being developed from the dark side. And it's also very difficult for us to keep ahead," said Dr Yaacob, who is minister-in-charge of cyber security.

Mr Alex Yam (Marsiling-Yew Tee GRC) and Mr Zaqy Mohamad (Chua Chu Kang GRC) asked whether "more elegant solutions" were considered, adding that they worry the productivity and effectiveness of public servants would be affected.

Dr Yaacob said other solutions were considered but did not elaborate.

CONSTANT MENACE

While these attacks were successfully contained, we can expect more to follow. The attackers are more sophisticated. New tools are being developed from the dark side. And it's also very difficult for us to keep ahead.

DR YAACOB IBRAHIM, Minister for Communications and Information, who is also minister-in-charge of cyber security, on cyber attacks on government networks.

He also said the Trade and Industry Ministry and Foreign Affairs Ministry had done the de-linking a few years ago while the Defence Ministry had implemented even more stringent requirements.

"These organisations have not become less effective as a result," he added.

An attacker can still enter the network via another agency which continues to allow Internet surfing when connected to the government network, he said.

However, the nature of some work means such de-linking might not be possible, he noted.

"We will leave this to the agencies to work together with IDA (Infocomm Development Authority) to determine exactly how they are going to proceed," he added.

The Ministry of Communications and Information said in a statement last night that IDA is working closely with agencies to put in place solutions to enable such de-linking to be implemented by May next year.

The new measure is aimed at plugging potential leaks from work e-mail and shared documents amid heightened security threats, and will affect about 100,000 public servants.

Those who need to use the Internet for work can do so at terminals specifically provided for it. Public servants can also use their personal mobile devices to access the Internet and forward non-classified e-mail from their work computers to their personal accounts.

Teachers, however, are not affected by the impending change as they are plugged into a separate internal network.

Until the new rule takes effect, workshops that include senior management and the IT unit will be held in each ministry to "find the best way forward", said Dr Yaacob.

But, he added, the Government will continue to explore options and "see whether we will review our strategies down the road".

Meanwhile, Dr Yaacob said the new measure is necessary and the right thing to do.

"The Government has a duty to do all it can to protect the data it possesses, especially since such data often contains personal information of citizens," he said, noting that existing anti-virus technology could stop only 20 to 30 per cent of malware.

A version of this article appeared in the print edition of The Straits Times on July 12, 2016, with the headline 'Growing cyber threat makes de-linking govt IT systems 'necessary''. Print Edition | Subscribe