Cyber threats to critical infrastructure systems still low in S'pore but maritime sector a target

With cyber threats to operational technology, the CSA announced that it had established the Operational Technology Cybersecurity Expert Panel. ST PHOTO: GAVIN FOO

SINGAPORE - The threat of a cyber attack on Singapore's critical infrastructure services remains low but the maritime sector has been in the cross hairs of hackers, members of an international panel appointed by the Cyber Security Agency of Singapore (CSA) said.

In an interview with The Straits Times last week, Mr Kazuo Yamaoka said hackers have in recent years used increasingly sophisticated tools to target operational technology systems which run critical infrastructure services, such as those in the energy, water and transport sectors.

The systems control everything from the electricity grid, traffic light controls, train-signalling systems and even sensors detecting the chemical content in drinking water.

There were cyber attacks on power companies in Ukraine in 2015 and 2016 that caused power outages, noted Mr Yamaoka, the senior solution architect at NTT Security Japan, Japanese telco NTT's information security arm.

In 2017, hackers attacked a petrochemical plant in Saudi Arabia, intending to cause an explosion that could kill people, and not just shut it down.

That attack failed because of a glitch.

More recently in February, a hacker tried and failed to poison the water supply in Florida in the US after accessing a water plant's controls.

"Considering the situation in other countries, we believe that operational technology cyber security threats in Singapore are relatively low at present," said Mr Yamaoka, who has expertise in utilities and operational technology and industrial automation systems in factories and plants.

"At present, the damage created by (such) cyber attacks... has not surfaced in Singapore. However it's important that businesses do not become complacent and should ensure they have an effective incident response or business continuity plan in place," he added.

With cyber threats to operational technology, especially industrial control systems, increasing in frequency and sophistication, the CSA announced on Monday (May 3) that it had established the Operational Technology Cybersecurity Expert Panel.

The panel will "strengthen local cyber security capabilities and competencies in the operational technology sector", added the agency.

Singapore's operational technology cyber security practitioners, operators, researchers and policymakers from the Government, critical information infrastructure (CII) sectors, academia and other operational technology industries will have direct access to the experts.

The 11 panel members come from both public and private sectors, locally and internationally. American Robert Lee is a member of the panel.

The chief executive of US industrial cyber security company Dragos said his firm had tracked a state-linked hacking group which has been targeting the Singapore and Japan maritime sector and port authorities.

"They're not to the point of causing physical impact and... trying to hurt people. But it's early reconnaissance and you can tell that they are trying to go after industrial systems," said Mr Lee, who serves on the US Department of Energy's Electricity Advisory Committee.

"But until we get more insight into those operational technology systems and networks, we won't know the full picture."

Better protection needed

Mr David Koh, the commissioner of Cyber security and CSA's chief executive, said while operational technology systems were traditionally separated from the Internet, increasing digitalisation has led to more IT and operational technology integration.

"Hence, it is crucial for operational technology systems to be better protected from cyber threats to prevent outages of critical services that could result in serious real-world consequences," said Mr Koh.

"To this end, we are glad to have notable operational technology experts join us in sharing their expertise to develop and strengthen localised capabilities in operational technology cyber security."

CSA said the experts will discuss issues ranging from governance policies and processes, evolving operational technology technologies, emerging trends, capability development, supply chain, threat intelligence information sharing and incident response.

They will also recommend best practices to address cyber security challenges and gaps in the sector.

During closed door one-to-one workshops, the experts will share with incident response teams from stakeholders their insights based on their own experience handling global cyber security incidents.

The panel complements CSA's operational technology cyber security masterplan announced in 2019 to protect Singapore from cyber attacks on critical sectors like transport and water supply.

The plan aims to grow the talent pool of cyber security professionals and facilitate the exchange of information between the public and private sectors.

Insights and recommendations from the panel will help shape initiatives under the plan, such as a code of practice and training programmes, said CSA.

The 11 panel members are:

- Mr Christophe Blassiau from France, an executive member of the WEF Cyber Resilience in Electricity and Oil and Gas Communities, and senior vice-president for cyber security and global chief information security officer at Schneider Electric;

- Mr Dale Peterson from the US, founder and programme chairman of S4 Events, and founder and chief executive officer of Digital Bond;

- Mr Eric Byres from the US, chief executive officer of aDolus Technology, and senior partner at ICS Secure;

- Mr Joel Thomas Langill from the US, a managing member of the Industrial Control System Cyber Security Institute, and founder of Scadahacker;

- Mr Kazuo Yamaoka from Japan, senior solution architect at NTT Security Japan;

- Ms Maggy Powell from the US, principal industry specialist at Amazon Web Services;

- Mr Marco Ayala from the US, a director and industrial control system cyber security and sector lead at 1898 & Co;

- Dr Ong Chen Hui from Singapore, the cluster director for the BizTech Group at the Infocomm Media Development Authority;

- Mr Robert Hannigan from Britain, the chairman of BlueVoyant;

- Mr Robert Lee from the US, chief executive officer and co-founder of Dragos; and

- Mr Zachary Tudor from the US, associate laboratory director at the Idaho National Laboratory's National and Homeland Security Science and Technology Directorate.

Correction note: The article was edited to reflect the correct name of Mr Marco Ayala.

Join ST's Telegram channel and get the latest breaking news delivered to you.