New govt cyber-security tool being developed to protect Singaporeans' phones from hackers

More people and businesses have gone digital, especially amid the Covid-19 pandemic, which also exposes them to more cyber threats. ST PHOTO: KELVIN CHNG

SINGAPORE - A new mobile tool for Singaporeans to secure their smartphones from cyber-security threats is being developed by the Government and industry partners.

This comes amid growing cases of cyber criminals targeting mobile devices as people are becoming more reliant on these gadgets, said the Cyber Security Agency of Singapore (CSA).

The tool is one of the initiatives outlined in Singapore's new cyber-security strategy that was announced on Tuesday (Oct 5) by Senior Minister and Coordinating Minister for National Security Teo Chee Hean.

He was speaking at the opening ceremony of the Singapore International Cyber Week at the Marina Bay Sands integrated resort.

The new strategy updates and builds on the first one launched in 2016 by Prime Minister Lee Hsien Loong, as the cyber landscape has changed significantly over the last five years.

For instance, more people and businesses have gone digital, especially amid the Covid-19 pandemic, which also exposes them to more cyber threats, said SM Teo.

"This strategy articulates Singapore's approach to safeguarding our wider cyberspace in an increasingly complex environment," he added.

Details of the new cyber-security mobile tool will be available only later, but CSA said that the product will uphold people's personal privacy.

The security tool is an example highlighted by the agency in the nation's latest cyber-security strategy on how the Government is enabling businesses to protect themselves against cyber threats.

"The Government will support enterprises by making cyber-security resources available - from free self-help tools to cost-effective solutions provided in partnership with the cyber-security industry," said CSA.

These efforts come under a prong of the cyber-security strategy to enable a safe cyberspace.

Under this, CSA seeks to offer cyber security to the masses. It said: "The Government will protect our national Internet infrastructure such that enterprises and individuals in Singapore are protected from most online threats ever reaching them."

CSA said the Government will also aim to make the use of cyber-security solutions easy and convenient too. To achieve this, it will work with the industry to develop innovative "plug and play" cyber-security solutions for users.

The latest cyber-security strategy comes after cyber threats here have risen, with some serious incidents in the past few years.

For instance, the number of "zombie" devices linked to the Internet and infected with malware that allows hackers to control them and launch cyber attacks tripled in number here last year amid the Covid-19 pandemic.

There were 6,600 such devices observed on a daily basis in 2020, up from 2,300 in 2019.

In 2018, Singapore had its worst data breach case when 1.5 million SingHealth patients' data, including PM Lee's, was stolen.

In the light of these developments, building infrastructure that is resilient against cyber threats is another thrust of the new strategy.

For this, the Government will review regulations to see if they can be used to safeguard entities and systems beyond critical information infrastructure (CII) that may not deliver essential services but provide important services that support the country's digital economy and way of life.

This is because of the "increasingly widespread and interconnected use of digital technology in all domains", said SM Teo.

This is a shift from the 2016 strategy, which placed an emphasis on strengthening the cyber defences of CII, including telecommunication networks and public transport systems.

Beyond regulations, CSA said, the new strategy will also seek to "nudge enterprises and organisations to invest in cyber security to thrive in a digital world".

Details of what non-CII sectors could be covered are not available for now.

But some initiatives that support these aims, as well as help create a safer cyber environment, were announced earlier in March during the debate on the Ministry of Communications and Information's budget.

For example, the Government will launch an SG Cyber Safe Programme to help Singapore enterprises improve their cyber-security awareness and know-how.

Under the programme, cyber-security toolkits will be made available to enterprises, including the businesses' leaders, technical teams and employees.

For leaders, the resources are aimed at giving them a deeper understanding of cyber-security issues and threats.

It is envisioned that this will help them put in place cyber-security measures such as training employees in this area.

Tools are also expected to be released through the programme to allow enterprises to make a self-assessment of their cyber-security abilities.

Dr Shashi Jayakumar, head of the Centre of Excellence for National Security at the S. Rajaratnam School of International Studies, said that Singapore's new cyber-security strategy is more sophisticated than the 2016 one.

"The 2021 strategy shows a serious maturing of vision when it comes to cyber," said Dr Jayakumar. "What we have now takes a much more proactive stance in addressing threats and broadens the scope of protection."

"Zombie" devices linked to the Internet and infected with malware that allows hackers to control them and launch cyber attacks tripled in number here last year. PHOTO: ST FILE

He added that the new strategy also highlights that tackling cyber security is not the job of just one agency but different arms of the Government, the private sector and the public working together.

This idea of cooperation also extends internationally, such as Singapore getting more involved in its work with regional and global counterparts in setting the cyber-security rules and norms that countries may mutually observe in time to come.

Said SM Teo: "Singapore supports the creation of such a multilateral order in cyberspace. Countries need to work together to develop new governance principles, frameworks and standards for the digital commons to preserve trust and confidence."

Dr Jayakumar also suggested that the Government might, in time to come, have to address in future plans the issue of integrating cyber security with other security issues in the digital realm.

He pointed out that while cyber security and resilience to disinformation campaigns might seem to be different issues and might have different agencies overseeing them, malicious actors trying to undermine Singapore would not observe these distinctions.

"The best hostile actors will combine disinformation techniques with cyber attacks to weaken the compact of trust between a particular leadership and the people," he said.

Join ST's Telegram channel and get the latest breaking news delivered to you.