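Government networks in several countries attacked; Singapore minister answers on how to respond
Recently, government networks in several countries were reported to have been breached by hackers, who also attacked personal computers.
On 6 March 2024, Singapore's Senior Minister of State for Communications and Information, Janil Puthucheary, answered questions in Parliament on this matter from Yip Hon Weng, MP for Yio Chu Kang SMC, and Tan Wu Meng, MP for Jurong GRC.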
The following was translated and compiled by Singapore Eye (新加坡眼) from the English parliamentary record:


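(Left: Yip Hon Weng, MP for Yio Chu Kang SMC, Singapore. Right: Janil Puthucheary, Singapore's Senior Minister of State for Communications and Information)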
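MP Yip Hon Weng questions Minister Janil Puthucheary:
Q
Over the past three years, has the Ministry of Communications and Information detected similar attacks on our Government computer systems?
How does the Ministry of Communications and Information respond to cyberattacks?
A
Singapore Government networks were not affected by this attack. We work with agencies such as the Cyber Security Agency (CSA) and GovTech to monitor critical computer systems and to take actions and measures in response to cyberattacks. Given their sensitivity, we are unable to discuss these operations and responses publicly.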
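Q
Such incidents are not common, so how should our civil servants be trained to raise their awareness of cybersecurity threats?
A
Thank you, Mr Yip, for the question.
When it comes to the cybersecurity safeguards for our critical information infrastructure, we have to consider issues at various levels. It is not just about training our civil servants, although that is certainly an important component.
To secure the Government's information and communications technology systems, we have a multi-layered defence-in-depth system that uses preventive, proactive, detective and reactive measures to defend against cyber threats.
Blocking malicious content: we keep web browsing secure so that Government work computers are not exposed to malicious content online.
Proactive security testing: Government computer systems are security-tested regularly to find and fix any potential vulnerabilities.
Real-time monitoring: our online systems are monitored around the clock by the Security Operations Centre to detect cyberattacks.
Rapid response: if suspicious or malicious cyberattack activity is detected, our incident response teams stand ready to contain any attack quickly, investigate the incident, carry out the necessary remediation and follow up on system recovery.
Cybersecurity training: relying on a central system to defend everywhere is not enough. We also conduct regular cybersecurity awareness training to raise our public officers' cybersecurity awareness. It is this layered defence and defence-in-depth layout that protects our systems from cyber threats.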

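(Left: Tan Wu Meng, MP for Jurong GRC, Singapore. Right: Janil Puthucheary, Singapore's Senior Minister of State for Communications and Information)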
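MP Tan Wu Meng questions Minister Janil Puthucheary:
Q
The first question is whether the Minister can assure us that the Government will look more broadly at the potential attack surface for cyberattacks, even where the domains are not under gov.SG. This is because power and utilities companies, even without a gov.SG domain, may provide critical servers and thereby become potential targets for troublemakers.
The second question is whether the Minister can assure us that there is ongoing attention to potential risks in Government networks, especially at certain critical nodes, since a failure at these nodes could bring enormous risk. Is there also ongoing attention to these nodes where risk is concentrated?
A
The answer to both questions is yes. When we built our cybersecurity architecture, we already factored in systems and the interactions between them. This was also a consideration when our Cybersecurity Act was drawn up, and it is the basis on which critical information infrastructure and sensitive information infrastructure were defined. These considerations apply equally to websites outside the gov.SG domain.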
The full English text of this parliamentary question follows:

STATE-SPONSORED CYBER ATTACKS ON SINGAPORE GOVERNMENT SYSTEMS
1 Mr Yip Hon Weng asked the Minister for Communications and Information given the recent security breaches of several foreign government computer systems (a) whether the Ministry has detected similar attacks on our Government computer systems over the past three years; and (b) how does the Ministry respond to cyber acts by state-sponsored actors.
The Senior Minister of State for Communications and Information (Dr Janil Puthucheary) (for the Minister for Communications and Information): Sir, there were recent reports that a Chinese cybersecurity firm, I-Soon, had allegedly compromised nearly 20 foreign governments. Singapore was not listed as an affected country.
The Cyber Security Agency (CSA) and GovTech work with our security agencies to monitor threats and respond to any cyberattack on our critical computer systems. Given their sensitive nature, we are unable to publicly discuss such operations and responses.
Mr Speaker: Mr Yip.
Mr Yip Hon Weng (Yio Chu Kang): Thank you, Mr Speaker. I thank the Senior Minister of State for the reply. I have a very short supplementary question. In light of this incident, how are our civil servants trained to be more aware of such cyber attacks by state-sponsored actors?
Dr Janil Puthucheary: Sir, I thank Mr Yip for his question. When it comes to the safeguards for the cybersecurity of our Critical Information Infrastructure, there are various layers and various issues that we have to think about. It is not just about the training of our civil servants. That is certainly an important component of it, but we have a multi-layer defence-in-depth approach in securing our Government’s infocomm technology (ICT) systems. There are preventive, proactive, detective and reactive measures that we put in place to defend against cyber threats.
One example of a preventive measure would be the Secure Internet Surfing, blocking Government workstations from malicious content. An example of a proactive measure is putting Government digital services through security testing to discover and remediate any potential vulnerabilities that may be there. For the systems that are online, our Security Operation Centre monitors the devices and networks 24/7 to detect attacks. Should suspicious or malicious activities or payloads be detected, our Incident Response Teams are prepared to contain quickly any attack, investigate the incident, carry out the necessary remediation and follow-up actions for recovery.
Other than depending on a central system to defend everywhere – that is not going to be sufficient – we also conduct regular cybersecurity awareness training for our public officers, raising their cybersecurity posture in terms of their behaviour and how they interact with systems. It is this layered, defence-in-depth landscape that will protect our systems from cyber threats.
Mr Speaker: Dr Tan Wu Meng.
Dr Tan Wu Meng (Jurong): I thank the Senior Minister of State for the answer. I have got two supplementary questions. The first is, can the Senior Minister of State reassure us that the Government is looking at the broader potential attack surface for cyber attacks, including beyond the gov.sg domain? This is because power and utilities companies, even if not under gov.sg, may supply a critical server and thereby be a potential attack surface by troublemakers.
My second question is, can the Senior Minister of State assure us that there is ongoing attention to looking for potential convergence points of risk, your acupressure points or your shatter points, whereby those points of failure can have disproportionate risk? Is there ongoing attention to such convergences of risk as well?
Dr Janil Puthucheary: Sir, the answer to both questions is yes. That sense of looking at the systems, systems of systems and the interactions between the various components of the systems is indeed the very framework that our Cyber Security Agency takes and the Cybersecurity Act is applied to, and it is how we then derive the designation of Critical Information Infrastructure and Significant Information Infrastructure. These considerations are not only for the gov.sg domains.
CK | Editor
CF | Reviewing editor
Government of Singapore | Source
MCI | Image source