Singapore fortifies against any potential SolarWinds attacks

There was no indication thus far that Singapore’s CII and Government systems have been adversely affected by the SolarWinds breach.

The Minister for Communications and Information S. Iswaran has assured the Singapore Government that the SolarWinds attack didn’t affect any departmental or enterprise networks.

Minister Iswaran said there was no indication thus far that Singapore’s CII and Government systems have been adversely affected by the SolarWinds breach.

However, the Government was adopting a cautious stance, and the Cyber Security Agency had issued public advisories on steps that enterprises and organisations should take to safeguard their systems against this threat. These include having full visibility of their networks and detecting unusual activity in a timely manner.

According to the Minister, in the longer term, dealing with these sophisticated cyber threats requires a fundamental shift in mindset towards a “zero-trust” cybersecurity posture. At its core, a “zero-trust” posture means protecting our networks by observing two key principles – first, we should not trust any activity without first verifying it; and second, we should ensure constant monitoring and vigilance for suspicious activities.

This includes compartmentalising and restricting access to different segments of the network, validating transactions across segments, reconciling any escalation of user privileges, and actively and regularly hunting for threats. Organisations should also put in place robust plans for cyber incident response in the event they fall victim to a cyber-attack. CSA will strengthen engagements with CII sectors, enterprises, and organisations to adopt and sustain these measures.

Minister Iswaran said the SolarWinds incident underscores the global and transborder nature of cyber threats. Given the nature of the digital domain, such cyber incidents will happen from time to time. Malicious actors only need to exploit one vulnerability, while the defenders must ensure that there are no vulnerabilities in all the systems and networks that they are protecting, all the time.

“Though difficult to completely prevent, we need deliberate, targeted and consistent efforts to strengthen our cyber defences against sophisticated threats like the SolarWinds breach, which exploit the supply chain of trusted vendors and software,” he noted. “Our CIIs, enterprises and citizens must also maintain their vigilance against cyber threats, as we mitigate the risks while leveraging the opportunities of digitalisation.”

The SolarWinds cybersecurity breach occurred in December 2020 and compromised network management software that is widely used by major companies worldwide.

The attacker used the software’s regular updates to implant a backdoor and gain a foothold in the networks of organisations that downloaded and installed the malicious update. This is a very sophisticated attack that evaded detection for many months.

As reported by the media, SolarWinds’ clients include US government agencies and Fortune 500 companies – including Microsoft, Cisco Systems and VMware.

It affected about 18,000 customers, although a much smaller number were compromised by follow-on activity on their systems. This breach is especially noteworthy because the SolarWinds software is part of the network control and management infrastructure – hence, it was trusted and had privileged access to internal networks. The situation is still evolving in 2021, and the affected firms are continuing with their investigations.

 
