Singapore Forms New Inter-Agency Task Force to Tackle Rising Ransomware Threats
SINGAPORE – A new inter-agency task force has been formed to help businesses, research and education institutions in Singapore, who may be providers of critical information infrastructure operators, fight the scourge growing ransomware.
Announcing it on Wednesday during the 7th annual International Cybersecurity Week in Singapore, Chief Minister Teo Chee Hean said ransomware is a common threat to all and organizations with poor cybersecurity practices are particularly vulnerable.
“Ransomware criminals can be opportunistic and very sophisticated,” said Teo, who is also the coordinating minister for national security.
Ransomware has brought many large organizations to their knees, some of which run critical infrastructure. After infiltrating the corporate network, the malware allows hackers to exfiltrate confidential data and lock down target systems. Ransomware hackers usually demand a ransom in exchange for a decryption key to unlock compromised systems or to not expose stolen data.
“They take advantage of poor cybersecurity practices to gain access to their victims’ systems and data, gamble that victim organizations are more willing to pay the ransom and hide the attack than report the crime, and profit from gaps between jurisdictions to evade law enforcement,” he said in his keynote address to the event.
The new Counter Ransomware Task Force (CRTF) aims to close this gap, especially as the number of ransomware attacks increased by 54% in Singapore between 2020 and 2021, the Cyber Security Agency (CSA) said. .
Established earlier in 2022, the task force includes senior officers from CSA, GovTech, Infocomm Media Development Authority, Department of Communications and Information, Department of Defence, Department of Home Affairs , the Monetary Authority of Singapore, the Singapore Armed Forces and the Singapore Police.
The task force expands CSA’s scope of Critical Information Infrastructure (CII) protection to support essential services, including transportation, healthcare, and energy.
Protecting all business, research, and educational institutions is important because of the interconnected digital links between vendor and partner systems. Some of these companies may have links with operators of essential services.
“If a critical system is destroyed by an attack, it could have serious effects on countries and the international system, organizations and businesses; financial losses; and threats to lives and livelihoods,” Mr. Teo said.
A data breach in January 2021 involved the personal information of 129,000 Singtel customers following a ransomware attack. Hackers exploited vulnerabilities in file-sharing software from US technology company Accellion, which is used by Singtel and many global companies. The cybercriminals then released a ransom note addressed to Accellion demanding $250,000 in bitcoins. The incident highlighted supply chain risks.
Other high-profile global incidents include an attack on the computer systems of US fuel carrier Colonial Pipeline in May last year which affected its oil and gas supply to around 50 million customers, leading to shortages fuel and price increases.
One of the world’s largest meat producers, JBS, has temporarily suspended operations at its processing plants in North America and Australia, after a ransomware attack in June last year shut down its network computer science. The move threatened to disrupt global food supply chains and further inflate food prices. He then paid 11 million US dollars ($15.3 million) to criminals to restore his data.
The Singapore CRTF will seek to work more closely with overseas counterparts to detect new threats, stop the flow of fraudulent funds, and catch the criminals behind ransomware attacks. The task force will also develop and recommend policies, operational plans and measures to improve Singapore’s ability to counter ransomware, CSA said. Details are not available at this time.
Mr. Teo noted that cyber defense in the digital domain also includes four other domains here: telecommunications equipment and cables; software such as the national digital identity Singpass and the instant payment service PayNow; CII to support essential services; and personal devices.
Zooming in on CII, Teo said CSA works closely with CII operators here to anticipate, prevent, detect and recover from cyber threats. To enhance the effort, CSA is building a National Next-Generation Cybersecurity Center. Mr. Teo did not give details of the new center.