Cyber Security Singapore
A cyber week in Singapore
T By Jane Lo Singapore Correspondent
he last week of March in Singapore’s Cyber conference and events calendar got underway with the Asia ICS Cyber Security Conference (27th-28th March, SunTec Convention Hall). Supported by the Cyber Security Agency of Singapore, it gathered the international community of experts in Industrial Control Systems (ICS) Cyber Security for 2 days of conferences, dialogues, exhibitions and social events to exchange leading ideas and thoughts on cyber security issues related to ICS and SCADA Systems; This was followed by IoT Asia 2017 (29th – 30th March, Singapore Expo), officially opened by Dr Vivian Balakrishnan, Singapore’s Minister for Foreign Affairs and Minister-in-Charge of the country’s Smart Nation initiative, welcomed thought leaders, industry experts, decision-makers, leading technology companies and small media enterprises (SMEs) from around the world over the two-day event; The week concluded with the well-regarded BlackHat Asia 2017 (28th – 31st March, Marina Bay Sands Convention), which returned to Singapore for its fifth year. Security professionals and researchers in the industry gathered for a total of four days--two days of deeply technical handson Trainings, and two days of the latest research and vulnerability disclosures. Beyond the presentations, panel discussions and exhibitions on the latest technologies, vulnerability research and risk assessment approaches, a theme that is clearly emerging and receiving much attention of policy makers and practitioners is the need to clarify our understanding and strengthen Cyber-Physical Security Risks in the Industrial Control Systems.
20 | Malaysia & Singapore Security Magazine
A recent incident in the Industrial Control Systems (ICSs) was the Cyber-Physical attack on the Kiev’s power grid during a December weekend last year which cut off power in the residential areas for slightly more than one hour. This event fit a familiar pattern of some 6,500 cyber incidents in Ukraine that month. Early in December, the Ukrainian Ministry of Finance as well as the State Treasury and Pension Fund said their websites was temporarily downed by disruptive attacks. Transport and energy infrastructure, including railway and mining firms, were also targeted that same month. Though these news seized sensational headlines and became centerpieces in this era of cyber disruptions, they were thought to be driven either by destabilization motivations or intelligence gathering exercises, and had not resulted in maximum damage. Outage in the affected areas in Kiev lasted a little more than an hour. Nevertheless, the Kiev attack came a year immediately after the attack on Prykarpattya Oblenergo in Western Ukraine which left many without electricity for hours. The outage in Dec 2015 was the first cyber-physical attack since Stuxnet, a Microsoft Windows malware, degraded Iran’s uranium processing capability in 2010. According to Ukraine’s representative at a conference earlier this year, the investigations of the Kiev’s disruption revealed, for example, malicious software code which included modules to specifically harm equipment inside the electric grid. Mr Olekssi Tkachenko, Deputy Head of Analytical Division, Cyber Security Department, Security Service of Ukraine, pointed out at the Asia ICS Cyber Security conference, in his “Ukraine
Published on Aug 23, 2017
This special introductory edition of the Malaysia & Singapore Security Magazine has been compiled from current, as well as recent articles p...