In a major effort to shore up its cyber-security capabilities, the Defence Ministry (Mindef) will not only set up a new cyber command but also rope in national servicemen as part of a new cyber-defence vocation.
The vocation, under the Singapore Armed Forces (SAF), will see selected soldiers deployed from August. These “cyber-defenders” will fan out across the new Defence Cyber Organisation, which will also house the SAF’s new Cyber Defence Group, Defence Minister Ng Eng Hen announced on Friday (March 3) in the debate on Mindef’s budget.
The aim is to have about 2,600 servicemen — regulars, full-time national servicemen and operationally ready NSmen — on board in about a decade.
As part of a pilot, some cyber-defenders who are doing National Service may also be deployed to support the Cyber Security Agency of Singapore (CSA) at the national level.
Servicemen can expect to fulfil three key roles: Monitor critical networks and systems around the clock to detect anomalies and flag potential attacks; respond quickly to contain cyber incidents and reduce their impact on regular network operations; and analyse data and detect patterns that may allow the SAF to better defend its networks against similar attacks in future.
Those chosen for the vocation, who will be assessed case-by-case, will need to have the relevant cyber skills, experience and academic background. They could include employees from the cyber-security industry and those who have demonstrated their abilities at cyber competitions.
Before this, only a small number of full-time national servicemen have been deployed to support the SAF’s cyber-defence efforts.
Helmed by Mr David Koh, chief executive of CSA, the new Defence Cyber Organisation will lead and coordinate cyber-security efforts across the defence cluster, including the Defence Science and Technology Agency and DSO National Laboratories.
Its key roles include charting cyber-defence strategies and policies, and supporting the CSA where needed.
As for the new Cyber Defence Group, a formation under the Defence Cyber Organisation, it will monitor and audit the cyber-defence of the SAF’s military networks around the clock and neutralise cyber threats, among other things.
With the SAF transforming itself into a more technology-centric force, the threat of cyber-attacks dealing a blow to its military capabilities has grown. Such hits are already happening overseas. For instance, it was reported last year that cyber-attacks against 160 South Korean firms and government agencies saw more than 140,000 computers compromised, resulting in the loss of more than 40,000 defence-related classified materials.
To ramp up training for cyber-defenders, the Headquarters Signals and Command Systems will this month sign a memorandum of understanding with cyber-security firm ST Electronics (Info-Security) and Nanyang Polytechnic. It will cover six areas, including providing specialised, globally accredited courses and co-developing a customised cyber-defence curriculum.
These new initiatives build on efforts over the years to improve cyber-defence, Mindef said, such as the Cyber Defence Operations Hub established in 2013.
Speaking to reporters earlier this week, Lieutenant-Colonel (LTC) Mok Chuan Hao, the hub’s operations control head, said that the SAF faced “all sorts of attacks”, from those that were less critical detected by its systems to the more advanced ones which require skills and analysis to decipher if an attack has indeed occurred.
“Cyber-attack methods are always evolving, and every year, there’re new methods,” he said, adding that it is thus important for military personnel to learn to spot and counteract such threats.
It takes about half a year to train a cyber-defender. Aside from grasping networks and the SAF’s systems, a cyber-defender — who will undergo a training programme that includes on-the-job training — must also be well-versed in areas such as operating the force’s cyber-defence tools, LTC Mok said.
As part of their training, the cyber-defenders will undergo activities at the Cyber Test and Evaluation Centre regularly. Activities such as network security testing as well as cyber-defence training and exercises have been held at the facility since it opened in 2015.
While figures for cyber attacks against Mindef are unavailable, Dr Ng noted in Parliament last year that cyber intrusions occurred daily: “For those of you in this business, it’s not tens; it’s not hundreds; it’s not thousands; it’s hundreds of thousands or millions of network event logs.”
The New Paper
4 March 2017
As a teenager, he spent four to six hours daily playing online multi-player games like Dota 2 and League of Legends.
Corporal Sim Tian Quan, 21, never thought he would become a cyber warrior, protecting Singapore from cyber attacks.
Cpl Sim is a full-time national serviceman who is an operator at the Cyber Security Operations Centre, which is part of the Cyber Defence Operations Hub (CDOH).
He is part of a team that monitors the Singapore Armed Forces' (SAF) networks and handles incidents like Government website defacements.
The Singapore Polytechnic alumnus graduated from its IT course and enlisted for national service in October 2015.
Cpl Sim is the only one from his cohort in this unit.
He said he enjoys the adrenaline rush of tackling unexpected problems.
Cpl Sim said: "Threats - like humans - also evolve, and that's what I saw after I came into this unit."
In a demonstration at the Cyber Defence Test and Evaluation Centre (CyTEC) at Stagmont Camp on Monday, a team of operators, analysts and evaluators tackled an online attack on a Government website.
REALISTIC
Lieutenant-Colonel Mok Chuan Hao, 37, head of operations control at CDOH, said CyTEC makes training more realistic as it can simulate various scenarios.
A cyber defence training Memorandum of Understanding will be signed between the SAF's Headquarters Signals and Command System, Singapore Technologies Electronics (Info-Security) and Nanyang Polytechnic (NYP) on March 14.
NYP offers a diploma in cyber security and forensics.
Second-year student in the course, Mr Li Kang Li, 18, is looking forward to his NS enlistment with the announcement of the new cyber vocation.
He said: "I can continue using the skills learnt in school during the two years there."
Mr David Maciejak is with security vendor Fortinet and is the head of its research arm, the FortiGuard Lion research and development team in Asia-Pacific.
Mr Maciejak told The New Paper that Singapore's ambition to become the world's first smart nation means smart technology sensors distributed around the city present many non-traditional entry points for new attacks.
Yesterday, NYP told TNP that it will be conducting customised cyber security courses for Mindef's Signals Institute.
These courses will enable signalmen to prevent, detect, respond to and recover from cyber attacks.
An NYP spokesman said: "It is the first cyber security programme for the Signal Institute, and we will train up to 300 cyber defenders annually."