Exercise Cyber Star tests emergency response

Public agencies' National Cyber Incident Response Teams taking part in a cyber-attack simulation during Exercise Cyber Star at the Cyber Security Agency of Singapore's headquarters yesterday.
Public agencies' National Cyber Incident Response Teams taking part in a cyber-attack simulation during Exercise Cyber Star at the Cyber Security Agency of Singapore's headquarters yesterday.ST PHOTO: NG SOR LUAN

For the first time, more than 200 participants from all designated Critical Information Infrastructure (CII) sectors in Singapore have taken part in a cyber-security exercise.

Yesterday's Exercise Cyber Star, led by the Cyber Security Agency of Singapore (CSA), is a whole-of-government effort that tests Singapore's cyber-incident management and emergency response plans.

Deputy Prime Minister and Coordinating Minister for National Security Teo Chee Hean, who observed the exercise yesterday morning, said such a drill is a good opportunity for Singapore to level up its cyber-security capabilities and ensure the country is as ready as possible for potential attacks.

"In this field, things evolve very, very quickly. You may be ready today, but may suddenly come up against a zero-day attack which you are not even aware of. We must have a response capability if an attack does happen," he said.

All 11 designated CII sectors were involved - aviation, healthcare, land transport, maritime, media, security and emergency, and water, on top of the banking and finance, government, energy and infocomm sectors that took part in the inaugural exercise last year.

Both public agencies and private companies were involved in scenario sessions, workshops and discussions on how to react to a cyber attack on critical infrastructure.

The exercise also tested the technical capabilities of the National Cyber Incident Response Teams through simulated incidents. The scenarios covered different types of cyber attacks targeting essential services, including Web defacement, widespread data exfiltration malware infections, ransomware hits and distributed denial of service attacks.

Participants had to develop and test their incident management plans in response to the attacks.

CSA chief executive David Koh said: "These exercises are important in bringing all our critical sectors together to strengthen our incident response plans and enable better cross-sector coordination."

Speaking on the new Cyber Security Bill, which is now open for public consultation, Minister for Communications and Information Yaacob Ibrahim, who also observed the exercise, said it outlines the importance of ensuring the cyber-security requirements expected of those responsible for critical infrastructure here. "We have a good Bill to bring the cyber-security preparedness of Singapore ahead. But more importantly, I see the Bill as a way to empower ourselves and the CII sectors to be ready for any cyber attack."

A version of this article appeared in the print edition of The Straits Times on July 19, 2017, with the headline 'Exercise Cyber Star tests emergency response'. Print Edition | Subscribe