Singapore Cyber Chief speaks out on hacking threat

By Amit Roy Choudhury

David Koh, Chief Executive of the Cyber Security Agency says that Singapore will remain an attractive target, all must remain vigilant.

Data has become the new currency of global trade. Any criminal gang which steals valuable data can potentially make a lot of money by monetising it in the Dark Web - a hard to access marketplace where stolen data is bought and sold across the world.

The combination of top criminal minds, deep pockets and occasional involvement of government actors has resulted in cyber attacks taking a nasty and serious dimension over the past few years.

It is no surprise, therefore, that David Koh, the CEO of the Cyber Security Agency of Singapore (CSA) tells GovInsider that: “The top cybersecurity threats that Singapore needs to guard against are Advanced Persistent Threats (APTs), website defacement, phishing and malware activities”.

Koh gave this interview in the run up to Singapore International Cyber Week (SICW) in Singapore on 1-3 October.
 

Fighting back


Each of these attack vectors are highly sophisticated and require specialised defences to counter. The CSA chief notes that there is no magic bullet in cybersecurity and defence against threat actors is an ongoing process. “There are skilled, well-resourced hackers out there who are out to steal state secrets, or compromise systems for huge returns. They are able to adapt their modus operandi to the changing landscape and technologies quickly,” he adds.
 

Double-edged swords


According to Koh, new technologies such as Artificial Intelligence (AI) have become a double edged sword. “While organisations are making use of AI to enhance their cyber defence capabilities such as in anomaly detection and response, cyber criminals are similarly hard at work using AI to scan through networks in search of the weakest link to breach.” It is a virtual arms race.

The CSA chief readily acknowledges the common adage in the cybersecurity world and that is “as defenders, we are playing catch-up.''

He adds: “There is a Chinese saying – that it is easier to dodge the spear in the open, than to avoid a stab in the dark. However, thankfully, the vast majority of attacks are at the basic level, such as phishing, use of weak passwords and SQL (structured query language) injection.”

An SQL injection, more commonly known as SQLI in the cybersecurity community, is a common and relatively less sophisticated attack vector that uses malicious SQL code for backend database manipulation that allows the attacker to access classified information such as sensitive company data, user lists or private customer details.

It is useful to note that while a multitude of less sophisticated attacks, like SQL injections, are at best an irritant, one major APT attack can cause massive damage.

Koh notes that for good cyber defence organisations need to build up not just their hardware and software, but also put in measures such as employee awareness training to minimise any compromise from human error. “Users have to be vigilant and take measures to protect their devices,” he adds.
 

The APT menace




Explaining why APTs are considered the most dangerous type of cyber-attack, Koh notes that these attackers, who are often associated with nation-states, have access to a wealth of resources and deep expertise that help them achieve their objectives, which include causing disruption, cyber theft for financial gain and conducting cyber espionage.

Collaboration is vital to be able to deal with these threats. SICW is the regional and global effort to cement this approach. “We are excited to be a platform to bring the cybersecurity community together to exchange insights and discuss ways to tackle challenges in the ever-evolving cyberspace, as well as grow the industry through collaboration and innovation,” Koh said in the show briefing pack last week.

The event is themed around “Partnerships for Trust and Confidence”, and SICW 2019 aims to drive international and regional cooperation for a trusted and secure cyberspace. As the region’s most established cybersecurity event, it is a platform to enable international and regional cooperation, cyber ecosystem development and ever-evolving innovation in cybersecurity.

The CSA chief concludes noting that Singapore will continue to be an attractive target for hackers, but calls for people to come together. “The government will continue to take the lead in protecting our cyberspace but we will not be able to do it alone.”

“Everyone has a key role to play. If we – the government, businesses and our community can take steps to protect our systems and data, we will be able to build a safe and trusted cyberspace together”.

Amit Roy Choudhury, a media consultant, and senior journalist, writes about technology for GovInsider.