SingCERTS might serve its purposes better by focusing on Singapore

According to reports, the Singapore Computer Emergency Response Team (SingCERT) has issued an advisory in relation to a hacking incident at Facebook. On its web page, SingCERT professes that it was set up to facilitate the detection, resolution and prevention of cyber security related incidents on the Internet. On the face of things therefore, SingCERT is just doing its duty by issuing an advisory on Facebook. However, where was SingCERT when SingHealth was so dramatically and spectacularly hacked? Why issue an advisory on Facebook when it was unable to detect something that actually happened on home turf?

Secondly, where was SingCERT when the personal details of about 70,000 Securities Investors Association (Singapore) (Sias) members were hacked in 2013? In this incident, the Sias members were only notified about the breach 5 years after the hack! Where was SingCERT all this time? Is SingCERT still relevant after the occurrence of these cyber security breaches? Is it robust enough as a line of cyber defense for Singapore?

Judging from the fact that it took 5 years to even realise that Sias was hacked and that it seemed totally oblivious to the SingHealth hack, what is SingCERTS relevance in preventing cyber security threats? Is there an overlap between SingCERTs and the Cyber Security Agency of Singapore (CSA)?Do we have too many agencies and departments set up doing the same thing thereby causing inefficiency, work duplication and a lack of ownership? In other words, each agency thinking that the other agency is doing something leading to no one doing anything.

Singapore wants to be a digital hub and a smart nation. However, being smart involves a lot more than setting up multiple agencies with fancy names doing God knows what. It is well and good for SingCERTS to issue an advisory on Facebook but to what extent does it help Singaporeans? Facebook has already in itself issued multiple statements. In that vein, SingCERT’s advisory on Facebook is completely superfluous. Why talk about Facebook when it couldn’t talk about what happened in its own backyard aka the SingHealth and Sias hacks!

What measures are agencies such as CSA and SingCERTS taking to prevent future hacks into Singapore? I note that the Committee of Inquiry (COI) is now underway to investigate the SingHealth hacking incident. Will it also cover the roles that should have been played by CSA and SingCERTS?

We don’t need agencies that report on events that others are already taking responsibility for. Facebook is already managing the situation and interfacing with its users directly. SingCERTS might serve its purposes better by focusing on Singapore.