The Straits Times has recently reported that data on 70,000 members of the island’s Securities Investors Association (SIA) were stolen five years ago with the association and its victims only informed about this breach last week. If the SingHealth data hack had not occurred, would this SIA breach ever see the light of day? If the details of the Prime Minister of Singapore were not affected, would it ever have been noticed and revealed?

When asked about the SIA incident, Deputy director of the Singapore Computer Emergency Response Team (Singcert), Ms Goh Yan Kim, stated that this incident was completely unrelated to the SingHealth incident as SIA is not a public sector agency or Critical Information Infrastructure. But that’s not really answering the question is it? It could still be the same people hacking into the systems? It could also be that the government would have taken more steps to protect its data if this incident had been made public back in 2013. It is also shockingly appalling that the victims of the SIA hack were only informed about their stolen data 5 years later! What has Singcert been doing all this while? Are they overworked, under-resourced or sleeping on the job?

Are there even more hacking incidences waiting to be discovered? Now that hacking is not just confined to the health sector or the public sector, to what extent is the rest of our data in other sectors safe? 

Given that Singapore prides efficiency above all else, have we been too focused on ticking the checklists rather than reviewing the checklists for relevancy? In declaring arbitrary deadlines for new projects, are we crossing all the Ts and dotting all the Is?

Given that Singapore has publicly declared its desire to be a smart city and pumped large sums of money into developing these industries, I wonder if we have given ourselves enough time to consider the risks and vulnerabilities. Did we grow too big too fast? Do we have enough skilled IT security employees? Are Singcert’s current employees up to scratch? How can 70000 individuals have their data illegally accessed without drawing the attention of anyone for 5 years? That is as preposterous as it is scary.

The government has been criticised as complacent but perhaps this complacency permeates all areas of Singapore. We blindly trust the system trusting it to be fail safe even though the world has changed. If anything, this hacking saga is a wake up call to the entire foundation of how we do things. Focus less on getting things done fast and more on doing things thoroughly and right.

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments
You May Also Like

Is the Govt coming up with a more convoluted way of dealing with minimum wage because it does not want to give WP any credence or recognition? 

The Worker’s Party (WP) has long championed the need for Singapore to…

WhatsApp is the most popular video messaging client in Asia Pacific during the pandemic, reveals Picodi study

During the pandemic, video messaging clients meet the users’ needs and make…

38% would let go of social media to guarantee lifetime data privacy, reveals Kaspersky

According to cybersecurity company Kaspersky’s latest report, it has been found that…

Lawrence Wong has promised review on COVID-19 – Will this before or after GE?

Minister for National Development, Lawrence Wong has said that the government will…