16 May 2019

Ladies and gentlemen, 

Good afternoon and thank you for being here today at the official opening of the Maritime Cybersecurity Operations Centre (MSOC). I have just 3 points to make.

Cyber threats are more real today than before

2.    First point – cyber threats are more real today than before, are more widespread, and much more likely to cause significant damage. The Ninth Annual Cost of Cybercrime Study published by Accenture in March 2019 found that the frequency of attacks has increased by 11% over the past year and their average cost to organisations has grown from US$1.4 million to US$13 million per attack. The sophistication of cyber-attacks has risen drastically over the years, with online black markets offering automated attack tool-kits, zero-day vulnerabilities and hacking services, and some may even come with support services and helplines to anyone who is willing to pay!

3    I remember that in 1987 the first MS-DOS virus, the Pakistani Brain virus was created by two 19 year old brothers from Pakistan. It was the first stealth virus in the world at that time, and was spread using bootleg copies of software programs such as "Lotus 1-2-3", the virus activates whenever a copy is being made. It will  take over the boot sector of the disk, transfer the original boot sector to another part of the disk and certify the new location as "bad" in the file allocation table ("FAT"), so that the disk operating system (DOS) would not show it as an entry or attempt to write on the floppy disk. Thereafter the virus redirects all the boot sector requests back to the original boot sector but remains in control of the machine.  The virus actually spread farther than the brothers had intended infecting thousands of machines all over the world. There have been many variants since then. Many more dangerous malwares and viruses have been created. Last year, Statista a market data coy estimated that more than 20 billion IoT devices were installed worldwide and the number could grow at least three-fold by 2025. These are all fertile ground for cyber attacks.

4    In 2017 and 2018 we heard about the Wannacry and Petya ransomware which caused much damage to major companies like Mearsk. In March this year, the Norsk Hydro aluminium company one of the largest in the world, was forced to halt production and switch other units to partial manual operations after a new ransomware, the LockerGoga, hit its system which impacted its production plants. It encrypted their computer files and demands payment to unlock them. In April this year it was reported that hackers targeted and possibly compromised over a million Asus computers through a legitimate LIVE update utility which is used to automatically update the BIOS, drivers and applications. Hackers stole their digital certificates and used it to sign off as legit binaries. Just last week we heard about the NSO group from Israeli that managed to insert surveillance software via Whatsapp. 

5    Closer to home, you would be familiar with the incidents involving the healthcare sector in Singapore. Not all of these incidents are due to cyber-attacks. Some are due to lapses in protocols.

We need to boost our cyber defence readiness

6    Let me go on to my second point – recognising our vulnerabilities, we need to boost our cyber defence readiness.

7    Today's launch of the Maritime Cybersecurity Operations Centre or MSOC in short, is timely. The MSOC is a 24 by 7 centre that will focus on early detection, monitoring, analysis and swift response to potential cyber-attacks on our Maritime Critical Information Infrastructure (CII). ST Engineering will share more on MSOC’s capabilities later.

8    Besides the MSOC, we are also working on 3 other initiatives. First, MPA will build key data linkages between the MSOC and the existing Port Operations Control Centre (POCC) at PSA Vista in order to respond to cyber incidents in a more holistic and timely manner. We will also design an integrated command and control centre of the future when we move to the new Tuas port.

9    Second, MPA is collaborating with the Singapore Shipping Association (SSA) and Singapore Polytechnic to develop a new “Maritime Cybersecurity (Intermediate) Training Course” for maritime personnel to enhance their knowledge in managing cyber threats and challenges. This course will be rolled out in the first half of next year.

10   Third, MPA will embark on a Maritime Cybersecurity Research Programme in collaboration with the Singapore Maritime Institute and local institutes of higher learning. This programme will focus on the protection of shipboard systems and prepare bridge-officers to respond effectively to a cybersecurity breach. I would add that on the MPA Board level, we are also creating a cybersecurity Board sub-committee to look at cybersecurity matters at Board level just like we have an Audit Committee or Investment committee.

We need to share information to cue timely responses

11   Finally, my third point – we need to share information among like-minded partners around the world to cue timely responses against cyber-attacks. MPA will build on the existing Port Authorities Roundtable (PAR) initiative, as well as with other partner networks, to enhance situational awareness of cyber threats and incidents and to collaborate on cybersecurity initiatives for the maritime sector.

12    During the NotPetya ransomware global outbreak in 2017, MPA received an early alert from the Port of Rotterdam informing us that a ransomware attack had hit APM terminals globally. This heads-up of an additional 2 to 3 hours had allowed us to inform key stakeholders in advance to heighten their cybersecurity postures and ready their internal resources to mitigate threats and respond to incidents.


13    In conclusion, let me thank ST Engineering and all our key partners and stakeholders for supporting the MSOC project. This is an important effort to ensure the security and integrity of Singapore's maritime sector. Thank you.