Security risks prompted Government to cut Internet access: Analysts

All 100,000 computers in use by the public service will be cut off from the Internet from May next year.
All 100,000 computers in use by the public service will be cut off from the Internet from May next year. PHOTO: BLOOMBERG

Some said it was a bold response to the threat of online intrusions. Others said it should have been more finely calibrated. Many of those affected directly said it will make life difficult for them.

News that all public servants in Singapore will be cut off from the Internet from May next year evoked a range of reactions on the trade-off between security and efficiency.

"Digital surveillance has prompted a rethink on how governments conduct communications," said Assistant Professor Michael Raska from the Institute of Defence and Strategic Studies at the S. Rajaratnam School of International Studies in Singapore.

Experts pointed to a number of recent incidents that underlined the dangers of government computers being infiltrated.

 

Hundreds of flights had to be grounded in Sweden last year, following a cyber attack on its air traffic control system. Hackers knocked a Ukraine power station offline, plunging vast areas into darkness. The Russian government itself looked at going back to typewriters after its computers were infected with spy programs.

Singapore is vulnerable, too. Security software firm Symantec's Internet Security Threats report last year pointed out that Singapore was the third most popular destination for spear-phishing, in which crooks send messages that appear to come from a trusted source to dupe victims into downloading an infected attachment or click on a fake link.

Associate Professor Basskaran Nair from the Lee Kuan Yew School of Public Policy, National University of Singapore, said: "After almost three decades of use, it is time to pause and rethink whether everyone needs to surf on their work computers."

He noted that the Internet poses security risks that were not a critical factor a decade ago. But he asked for a more nuanced approach in which exceptions could be made for officers whose work required the use of the Internet.

As things stand, all 100,000 computers in use by the public service will be cut off from the Internet from May next year.

Web surfing is allowed but only on employees' personal mobile devices. Non-sensitive e-mail can also be forwarded to personal accounts.

Mr David Koh, chief executive of the Cyber Security Agency of Singapore, said the Government has the responsibility to protect citizens' data.

"Internet-surfing separation will prevent attackers from using the Internet to plant malware... and exfiltrate information from government computers," said Mr Koh.

"This should not be seen as a move backwards as government employees will still have Internet connectivity," he added.

Still, there were some who felt that cutting off the Internet from the work computers of public servants was too extreme.

Chief technology officer Bryce Boland of security specialist FireEye Asia-Pacific said this is a practice seen only in the highest security areas, such as utilities and defence networks.

Security software firm Fortinet Asia-Pacific's vice-president, Mr George Chang, said today's identity and access control technologies, for instance, are able to limit the information one can receive based on job scope.

Some public servants also hoped that the Government will reconsider the move.

A policy analyst at a statutory board said that it will be "a hassle" to use a separate computer or his phone to read up on academic papers and news reports for his work.

At another statutory board, an operations officer said that using a separate Internet terminal will worsen his already "stretched work schedule".

• Additional reporting by Lester Hio

A version of this article appeared in the print edition of The Straits Times on June 09, 2016, with the headline 'Security risks prompted Govt to cut Net access: Analysts'. Print Edition | Subscribe