A dreary midweek morning has been shaken with news that all internet access will be revoked from over 100,000 computers being used by public servants from May next year. The Straits Times reported that a memo is currently going out to all government agencies, statutory board and ministries.
This measure is a bid to eradicate the potential of leaks from work emails and shared documents, a spokesperson from the Infocomm Development Authority (IDA) stated that “The Singapore Government regularly reviews our IT measures to make our network more secure”.
To this, dedicated internet terminals have been issued to those who need them for work, which presumably has higher security in accordance with IDA standards.
Moving forward, public servants can still access the internet via their personal mobile phones and tablets, since these devices are not connected to government email systems. They will also be allowed to forward work emails to their private accounts if the need arises.
Moving Towards Smart (And Secure) Nation
The move comes as quite a surprise in a country with an emphasis on building a Smart Nation and increased island-wide connectivity.
As quoted in The Straits Times, Asia-Pacific executive vice-president of global computing security association Cloud Security Alliance Mr Aloysius Cheng expressed that he felt like the move was a return to the 1990s when only dedicated computer terminals could access the internet.
“In the past, it was hard for malware to extract sensitive information from within government networks,” he said. “Now, it is hard to control any leak on social media or file-sharing sites.”
However, there is also the increased threat of cyber attacks that comes all the more because of how connected everything and everyone is.
Dr Yaacob Ibrahim, Minister for Communications and Information, told Parliament in 2015, “We must ensure our infrastructure is resilient and secure, protect personal data and information, and create a safe and conducive environment online.”
Plans for a five-year National Cyber Security Masterplan was also revealed, and it aims to boost Singapore’s reputation as a trusted yet robust infocomm hub by 2018.
Could this move on public servants be part of the plan?
Government Agencies – A Target For Hackers
Hackers have been known to target vulnerable government agencies before.
On 9 July 2015, 21.5 million Americans who had underwent government background checks were affected by a colossal hacking of government computer systems, resulting in the theft of private details such as addresses, health and financial history, social security numbers and fingerprints.
Forwarding government emails to personal devices can be controversial too. Hillary Clinton, while serving as the U.S. Secretary of State, exclusively used her family’s private e-mail server for classified official communications. Like Hillary, our public servants are subject to a non-disclosure agreement (NDA) with the government, which puts them at an unnecessary risk.
So far, there has only been one prominent hacking attempt on Singaporean governmental systems.
On 5 June 2014, TODAY reported that over 1,560 Singpass accounts might have been accessed, of which 419 passwords were reset. Since then, on 26 Jan 2016, two-factor authentication services have been implemented for Singpass in order to solve account access vulnerabilities.
It’s hard to predict how Singaporean public servants will cope with this change in their daily workflow, but as with all things, only time will tell.