Act being amended to stop cyber attacks before they strike

SINGAPORE - The Government wants pre-emptive powers to thwart potentially crippling cyber attacks, according to proposed amendments to the Computer Misuse Act tabled in Parliament on Monday.

The moves will allow the Minister of Home Affairs to order a person or organisation to act against any cyber attack even before it has begun.

Currently, he can only do so when there is an outright cyber attack against critical infrastructure like power stations or water filtration plants that may in turn disrupt the economy and threaten national security.

With the proposed changes, he can take pre-emptive actions when specific intelligence has been received of an imminent attack that could cripple critical infrastructure such as public utilities, telecommunications, banking and transportation.

For instance, the minister may order telcos or banks to disclose how their computer networks are designed, or disclose reports of any attempted breach, to detect or counter any threat.

The changes are part of the Government's efforts to better counter the spread and sophistication of cyber attacks.

The Act - which will be renamed the Computer Misuse and Cybersecurity Act - is "in line with similar moves by other countries", the Ministry of Home Affairs said on Monday.

"Cyber attacks worldwide have increased in frequency, speed and sophistication... Prompt and effective action must be taken to avert such threats well before they endanger our critical information infrastructure," it added.

As the disclosure of information may be sensitive, legal safeguards will also be put in place to protect the use of such data.

Those who act on the minister's direction will be granted immunity from civil and criminal liability.

Non-compliance with the direction will be made a crime.

But the minister's powers will not be used to prevent or investigate a criminal offence that does not threaten Singapore's national security or essential services.

Under the amendments, essential services will also include land transport, aviation, shipping and health care.

Last year, nearly a quarter of the world's banks and 40 per cent of major insurers reported security breaches, according to a Deloitte survey.

In Singapore, about 1,000 cyber crime cases, including hacking, were reported under the Computer Misuse Act over the past five years, Deputy Prime Minister and Home Affairs Minister Teo Chee Hean revealed at the National Security Conference in August.


Get a copy of The Straits Times or go to straitstimes.com for more stories.

Become a fan on Facebook