Singapore sets up counter ransomware task force to tackle rising cybersecurity threats, attacks

The Cyber Security Agency of Singapore (CSA) announced Wednesday that the government has convened an inter-agency Counter Ransomware Task Force (CRTF) to develop and make recommendations on possible policies, operational plans, and capabilities. The CRTF works towards improving the nation’s counter ransomware efforts on the principle that for efforts to be effective, the ransomware threat must be tackled as a cross-domain challenge.

The Task Force comprises senior government representatives from the technology, cybersecurity, financial regulation, and law enforcement domains. The Task Force is chaired by David Koh, chief executive of Cyber Security Agency (CSA), and comprises representatives from the CSA, Government Technology Agency, Infocomm Media Development Authority, Ministry of Communications and Information, Ministry of Defence, Ministry of Home Affairs, Monetary Authority of Singapore, Singapore Armed Forces and Singapore Police Force.

Set to be published in due course, the CRTF will deliver a report recommending strategies that the government can take to improve its counter ransomware efforts. 

Ransomware is also a cross-border problem. Ransomware criminals are often based overseas and leverage jurisdictional boundaries to move illicit assets and evade legal consequences. Thus, the Task Force is looking into coordinating Singapore’s international engagement strategy to counter ransomware, while pushing for greater international cooperation in cybersecurity cooperation, financial supervision, and cross-border law enforcement operations. 

Ransomware has become a growing concern for businesses both in Singapore and around the world. The number of ransomware cases reported in Singapore is on the rise, with a 54 percent increase between 2020 and 2021. 

Around the world, ransomware attacks have also intensified in scale and impact, becoming threats to essential services and important infrastructure. In 2021, a ransomware attack on Colonial Pipeline systems, caused the shutdown of the largest fuel pipeline on the East Coast of the U.S., affecting fuel prices and fuel supply to around 50 million customers. In the same year, a ransomware attack on meat processing company, JBS Foods suffered a ransomware attack that affected its facilities in the U.S., Canada, and Australia, resulting in food supply chain disruptions and price surges. 

The U.S. administration is also working on countering ransomware attacks to protect Americans online and work with allies and partners to deliver more secure cyberspace while imposing costs on and strengthening U.S. security against malicious actors. Last year, the U.S. administration facilitated a ‘Counter Ransomware Initiative’ among over 30 countries and the European Union, with the goal of accelerating cooperation to counter ransomware that is emerging as a significant risk to critical infrastructure, essential services, public safety, consumer protection and privacy, and economic prosperity.

In July, the CSA released a CII Supply Chain program paper that acts as a blueprint for the CSA, sector leads, CIIOs (critical information infrastructure owners), and vendors to build cybersecurity and resilience into the CII supply chain in response to the evolving threat landscape and increased digitalization. It also published the Codes of Practice or Standards of Performance issued by the Commissioner of Cybersecurity for the regulation of owners of Critical Information Infrastructure (CII), in accordance with the Cybersecurity Act. 

Commenting on the CSA’s move to set up a CRTF, Darren Williams, CEO and founder of BlackFog, said in an emailed statement that “Interconnectivity and alignment between government entities is paramount for any country, regardless of size, to establish a unified approach towards ransomware prevention.” 

“As noted by the Coordinating Minister for National Security, the attacks against Costa Rica served as a prime example of how quickly your entire nation can be undertaken from the swift actions of a skilled attacker,” Williams said. “Moving forward, these targeted countries must not only focus on preventing ransomware as a whole, but on preventing sensitive data from being exfiltrated. We have seen time and time again how even when a ransomware attack is dealt with, once data has been stolen, the damage can perpetuate indefinitely,” he adds.

The CSA’s announcement comes at the same time as the European Commission proposes to strengthen the resilience of EU critical infrastructure, building on the five-point plan for resilient critical infrastructure presented by EU President Ursula von der Leyen at the European Parliament earlier this month. The draft recommendations aim to maximize and accelerate the work to protect critical infrastructure in three priority areas – preparedness, response, and international cooperation.

The Australian government has announced that it has begun consulting on the Risk Management Program Rule under Part 2A of the Security of Critical Infrastructure Act 2018. The initiative works towards a strong and effective government-industry partnership central to achieving the government’s vision for critical infrastructure security and resilience.

The Canadian government introduced in June a legislative bill to strengthen Canada’s cybersecurity stance across the financial, telecommunications, energy, and transportation sectors. The move would also introduce a regulatory regime requiring designated finance, telecommunications, energy, and transportation operators to protect their critical cyber systems.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.