JTC beefs up defences of IT systems

JTC Corporation was awarded a $2 million deal to telco StarHub to set up and operate a system to protect JTC's computers and networks from advanced persistent threats (APTs).
JTC Corporation was awarded a $2 million deal to telco StarHub to set up and operate a system to protect JTC's computers and networks from advanced persistent threats (APTs).PHOTO: REUTERS

It awards $2m contract to StarHub to protect against hacking

National industrial estate developer JTC Corporation is shoring up its defences against state-sponsored cyber attacks.

The Straits Times learnt that it has awarded a $2 million deal to telco StarHub to set up and operate a system to protect JTC's computers and networks from advanced persistent threats (APTs).

APTs are stealthy and continuous computer hacking processes to gain intelligence or steal information. As these attacks require considerable resources, they are typically sponsored by foreign governments.

In tender documents seen by The Straits Times, JTC requires its contractor to support and protect at least 1,600 computers, laptops and devices such as thumb drives, and more than 950 servers round the clock.

Besides being the agency which oversees public industrial land and properties, JTC is also the lead government agency responsible for the development of industrial infrastructure.

This includes business and specialised parks such as Changi Business Park, one-north and Seletar Aerospace Park.

When contacted, a JTC spokesman said: "The tender is part of JTC's commitment to continuously enhance our security infrastructure and incident response readiness."

She added that there were no previous attacks involving JTC.

The tender comes after the April discovery of two high-profile APT attacks on the National University of Singapore and the Nanyang Technological University, aimed at stealing government and research data.

 

LUCRATIVE TARGET

As a regional business hub with one of the highest broadband penetration and speeds in the world, Singapore is a lucrative target for political and economic espionage.

MR LEE SHIH YEN, StarHub's vice-president of cyber security.

An unnamed government agency also suffered an APT malware infection late last year, Cyber Security Agency of Singapore (CSA) said in its inaugural annual report last month.

CSA also said that the computer systems in several of the 11 critical sectors here - including energy, banking, government, healthcare and transport - were hit by ransomware last year.

In its tender specifications, JTC also spelt out the need for its contractor to demonstrate the ability to detect and block a list of common malware that attack vulnerable Windows systems, including the latest DNSMessenger malware.

First discovered in February this year, DNSMessenger infects Microsoft Word files but does not leave any traces. The malware escapes detection by using Domain Name System, an Internet addressing feature, to snoop on infected computers.

StarHub edged out nine other contenders, including Singtel-owned NCS and Certis Cisco's subsidiary Quann, to win the tender last week.

Mr Lee Shih Yen, StarHub's vice-president of cyber security, said: "As a regional business hub with one of the highest broadband penetration and speeds in the world, Singapore is a lucrative target for political and economic espionage."

A version of this article appeared in the print edition of The Straits Times on October 05, 2017, with the headline 'JTC beefs up defences of IT systems'. Print Edition | Subscribe