Dr Vivian Balakrishnan (Image: Ministry of Foreign Affairs Singapore)

Publicly naming SingHealth cyber-attackers an unhelpful act, counterproductive to system’s security and Singapore’s foreign policy: Foreign Minister Vivian Balakrishnan

The decision to keep secret the identities of the perpetrators behind Singapore’s largest cyber-attack last year is rooted in the need to protect the Republic’s foreign policy, and in the view that naming them would be a potentially unhelpful and counterproductive act for the public healthcare system, said Foreign Minister Vivian Balakrishnan.

Dr Balakrishnan made the statement in response to a question posed by researcher Gillian Koh at a dialogue session of the Singapore Perspectives conference, organised by the Institute of Policy Studies (IPS) at the Sands Expo and Convention Centre on Monday (28 Jan).

TODAY Online reported Dr Balakrishnan as saying that carrying out an exposé on the cyber-attackers, who launched the attack for “commercial and state advantage”, will not increase the security of the SingHealth system, and will potentially result in negative outcomes for Singapore’s foreign policy should any particular nation-state be named.

Referring to the Government’s stance on the issue – that it is not in the public’s interest to reveal the identities of the cyber-attackers – Dr Koh asked Dr Balakrishnan “where citizens fit in the broader foreign and defence strategy and maintaining sovereignty”, and whether there are exceptional circumstances in which Singaporeans should be informed as to who the nation’s adversaries are. Dr Balakrishnan replied that the Government needs to solve other issues that are more urgent.

For example, Dr Balakrishnan said that protecting sensitive data such as the medical records of patients in the public healthcare system “is not only a matter of having safeguards such as encryption, firewalls or Internet separation,” but also of improving “surveillance systems, audits, checks and balances”.

The Foreign Minister stressed that this is because individuals remain the “weakest link”, and that “you cannot take humans out of human systems”.

Dr Balakrishnan added that it is also crucial for IT staff in the public healthcare system to keep up with technological developments, as “what works today may not work tomorrow”.

Given the ever-evolving technological landscape in today’s world, making preparations against such cyber-attacks and managing them continue to be a “never-ending challenge”, he added.

Consequently, the Foreign Minister emphasised the importance of awareness, taking basic precautions and public participation in formulating legislation as it evolves, so that they can be “part of the solution and not just a passive victim of the problem”.

“We know who the perpetrator is and appropriate action has been taken”: Minister for Communications and Information S Iswaran

Dr Balakrishnan’s statements appear to be in line with Minister for Communications and Information S Iswaran’s firmly held stance that it is the Government’s prerogative to withhold the identities of the perpetrators of the cyber-attack.

In response to Pioneer Member of Parliament Cedric Foo Chee Keng’s question as to whether the Government could elaborate on the decision behind keeping the perpetrators’ identity a secret, given that there “seems to be a vacuum as far as the sense of justice is concerned”, Mr Iswaran told Parliament on Tuesday (15 Jan) that “in deriving a sense of confidence, our citizens should be looking at the totality of our response and not focus on one particular aspect of the response”.

Mr Iswaran added that the Government has full knowledge of the perpetrators of the cyber-attack and that it has taken the “appropriate” course of action, following that discovery.

“Firstly, we made the knowledge of the cyber-attack public within days – if I recall correctly, 10 days after it was brought to the attention of CSA. I think it was 10 July that it was brought to the attention of CSA, and on 20 July, Minister Gan and I had a press conference and we announced it and shared it with members of the public.

“Why do we do that? Because we want to demonstrate that we are transparent and we want to ensure that all Singaporeans understand that we have nothing to hide here. We want to get to the bottom of it as much as Singaporeans do.

“Apart from actions against individuals, we have taken actions against the organisations and we have also undertaken a slew of activities and measures in order to further strengthen our cybersecurity system, some informed by the COI, others that our agencies have already been working on.

“That is the totality of our response. And I do not think we should deduce whether we have confidence in the sense of justice to just one specific point, that there is no public attribution of the perpetrator.

“Everything else is out there – unvarnished, stark but very clear on what we need to get done. So, again, if you contrast what we have done with the responses in other domains by different parties, I think we can hold ourselves up to the best practices and standards in terms of how we responded.

“I can understand that Members have a desire, and on behalf of their constituents, to know this, but I think we have to exercise judgement as to what is in our national interests and whether a public attribution serves our best interests,” concluded Mr Iswaran.