[Defending the Lion City] SAF computers tio hacked...joins the THG.

Pic: The Reservist FB Page  Funny but True. 

Recently the SAF revealed that one of its Internet-connected computer systems – the ‘I-Net’ – had been hacked, and from media reports, it was not just a ‘casual’ hack but a determined and well-planned attack.

No doubt this news raises a lot of concerns.

And this incident, along with the numerous attacks that have taken place internationally, just reinforces the validity of the Govt’s extreme strategy of physically separating sensitive networks from the Internet.

Being in the IT industry, I know how much of a pain-in-the-butt it is to be juggling between two separate systems. It is even more so when you have to shuffle data to and fro between a disconnected system and the Internet.

It is such an inefficient and frustrating process which can almost make you want to pull your hair out and just burn down the servers.

BUT, it only takes one incident like the SAF hack to make you realize that such extreme measures are just simply necessary – especially if you are handling sensitive and confidential data like what the SAF has.

Pic: CNA The value of physically-disconnected systems

While the loss of sensitive personal data is serious and regrettable, thankfully the SAF hack seems to be limited only to the I-Net system at present.

If you are a NSman, you would probably be familiar with the (painfully slow) I-Net computers which are primarily used for accessing the Internet and doing really mundane administrative work – which would explain why the only information that has been stolen has been limited to the personal data.

In any case, the SAF is not ignorant of the need for a robust cyber security capability. In as early as 2013, the SAF had already announced that it was setting up a new "cyber army" whose function would be to deal with cyber threats. 

The term “Keyboard Warrior” will now have a whole new meaning as far as the SAF is concerned. Geeks rejoice.

And in addition, in 2015 Singapore established the Cyber Security Agency of Singapore (CSA) to “provide dedicated and centralised oversight of national cyber security functions” and to “work with sector leads to protect Singapore’s critical services.” There was even a launch of a national cyber security strategy in Oct 2016 by PM Lee.

"Singapore aspires to be a smart nation. But to be one, we must also be a safe nation. 

The potential of ICT and digital technologies depends on how much we can trust the Internet and cyberspace: we must get cyber security right, to capture the benefits of a more connected world." 

PM Lee Hsien Loong
At the inaugural Singapore International Cyber Week and the 25th GovernmentWare Conference, Oct 2016

Clearly, while much has been done to strengthen and harden Singapore’s cyber defenses, there is much work that still remains to be done. 

As Singapore transforms and positions itself for the digital age, having strong cyber defense capabilities will become as strategic and necessary as our armed forces.

Read more here:

• Channel NewsAsia - FAQ: How MINDEF's Internet system could have been breached and by whom (1 Mar 2017)

• Channel NewsAsia - MINDEF Internet system breached; datastolen from national servicemen, employees (28 Feb 2017)

• Straits Times - Singapore cyber security strategy launched,half of public agencies separate Web surfing from work computers (10 Oct 2016)

• GovInsider - Inside Singapore’s Cyber Security Agency (7 Sep2016)

• Straits Times - SAF sets up new 'cyber army' to fightdigital threats (30 Jun 2013)

• Pointer 2015 - Cyberspace: What are the Prospects for the SAF? By CPT Lim Guang He (PDF)