Getting your Trinity Audio player ready...
|
In an increasingly digital world, cyber resilience has become a key issue, highlighting the importance of robust systems and swift recovery measures in the face of disruptions. This observation is epitomised by the global outage impacting IT systems worldwide, including those in Singapore. According to the Ministry of Digital Development and Information, the issue is purely technical, involving software, and is not related to any cybersecurity incident.
The outage originated from a major cybersecurity company that suffered a significant disruption due to a faulty update to its software. This software is widely used by various companies and government bodies globally. The defective update caused widespread issues, leading to the temporary unavailability of numerous services.
Government services remain unaffected, but several companies in Singapore have experienced disruptions in their service delivery to the public. This includes check-in services for airlines, newspaper publishing, and car park operations. Local banks, telecommunications companies, and hospitals have not been impacted by this outage.
The Monetary Authority of Singapore (MAS) revealed that despite the disruptions, the Singapore Dollar money market and foreign exchange market functioned normally. There was a temporary disruption in access to SGX’s post-trade system, but other essential trading and clearing services were not affected.
Additionally, MAS confirmed that its systems, including the MAS Electronic Payment System (MEPS+), which serves as the real-time gross settlement system for SGD payments, have not been affected. As a precaution, MAS extended the operating hours of MEPS+ by two hours, until 9 PM on Friday, to ensure the smooth settlement of SGD payments by MEPS+ participants.
In response to MAS’s request for impact reports from major financial institutions, they reported minimal or no impact on customer services and key operations. While some institutions faced disruptions to internal systems used by staff, their critical systems remained unaffected.
Nonetheless, reports have emerged of a phishing campaign targeting the cybersecurity company’s users. Exploiting the outage, threat actors are sending phishing emails posing as the company’s support, impersonating staff in phone calls, posing as independent researchers claiming evidence of a cyberattack, and selling scripts purportedly automating recovery from the issue.
The Cyber Security Agency (CSA) has identified malicious domains associated with this campaign. System administrators are advised to configure their firewall rules to block connections to these domains. Details of the identified malicious domains can be found on the CSA website.
The Singapore Computer Emergency Response Team (SingCert) has issued an advisory outlining steps for administrators and users of affected systems to mitigate the impact. The advisory can be accessed on SingCert’s official Facebook page.
Despite the challenges, most companies affected by the outage have now restored their services to the public. This includes airline check-in services, newspapers, radio, and postal services.
The government, along with its various ministries, is actively monitoring the situation and providing necessary assistance to affected companies to facilitate their recovery efforts. They are committed to closely overseeing the developments and remain prepared to offer further support as required.
This involves helping businesses restore operations, address technical issues, and minimise disruptions, with government and sector collaboration aimed at mitigating the outage’s impact and speeding up recovery.
As OpenGov Asia reported, in an era of increasing digitalisation, cybersecurity is crucial for national security and economic stability. The opening of the CyberSG Talent, Innovation, and Growth (TIG) Collaboration Centre, a partnership between the National University of Singapore (NUS) and the Cyber Security Agency of Singapore (CSA), marks a significant step in enhancing Singapore’s cybersecurity ecosystem and workforce.
Singapore’s swift incident response, supported by various initiatives and strategic partnerships, underscores its commitment to a secure digital future and its significant contributions to global cybersecurity advancements.