A cyber-security centre has opened in Thailand with the objective of training personnel from countries in the Association of Southeast Asian Nations (ASEAN) in a bid to combat the threats of cyber attacks in the region. As Singaporeans will no doubt be aware, Singapore was the victim of a huge data breach earlier this year with the personal details of over 1.5 million people (including the details of the Prime Minister of Singapore, Lee Hsien Loong) stolen. In addition, it has been reported that Malaysia had its own share of data security woes where its central bank was the target of a cyber attack attempt. Unlike Singapore however, they were able to foil the plans of the would be hackers.
These incidents clearly indicate that South East Asia is not immune to the world of cyber crime and it is heartening that some action is being taken in the region as a block to tackle this problem. It would however appear that Singapore bears the dubious honour of being the ASEAN country with the largest successful cyber attack to date. The irony in this infamy is that Singapore is also marketing itself as a digital hub and a smart nation. If Singapore is indeed committed to its aims of being a smart nation, to what extent will it be involved in this new cyber-security centre? How many of our personnel will be sent to undergo this training?
A quick search on trusty Google seems to suggest that Singapore has waxed lyrical on cyber security as earlier as 2016. Dr. Yaacob Ibrahim, the Singaporean Minister for Communications and Information and Minister-in-Charge of Cybersecurity had emphasised the importance of ASEAN cyber capacity-building, securing a safer common cyberspace, and facilitating exchanges on cyber norms at the inaugural ASEAN Ministerial Conference on Cybersecurity which took place on 11 October 2016.
At that conference, Singapore made clear that it was trying to take the lead. It was keen to profile itself as the cybersecurity hub in Southeast Asia. Given all the emphasis seemingly placed on cyber security, one has to wonder how the hack happened? If Singapore has publicly put itself in pole position for digital security, how can it also end up being the ASEAN country with the largest hack to date? Given that Singapore has been fronting this cyber safety for ASEAN since 2016, it cannot in good faith say that the cyber attack earlier this year caught it by surprise?
Have our authorities been overly confident, woefully unprepared or both? To date, no personnel in leadership positions have faced any sanction or reprimand. Why is that? While I understand that the issue has to be thoroughly investigated, I would have expected those in key leadership positions where these issues are concerned to at least be suspended in the interim? I can't see any of the top civil servants or ministers involved taking any responsibility. Surely it cannot be business as usual?