By Kuksung Nam, The Readable
Oct. 19, 2023 9:00PM GMT+8 Updated Oct. 20, 2023 12:15PM GMT+8
Singapore ― SICW 2023 ― The primary cybersecurity threat currently facing Singaporeans comes from the malicious activities of scammers, the head of Singapore’s cybersecurity agency emphasized on Thursday.
David Koh, Commissioner of Cybersecurity and Chief Executive of the Cyber Security Agency of Singapore (CSA), noted that the complexity of fraudulent activities has increased to the point where bad actors no longer deceive victims simply by making a phone call.
“They are tricking victims into downloading malware onto their phones. Once the malware has taken over the phone, and the bank has sent you a one-time password (OTP), it’s all compromised,” said the chief executive in a conversation with foreign journalists during the 8th Singapore International Cyber Week (SICW). “This is the biggest challenge that we’re facing now.”
Singapore is battling scams in which bad actors hijack a victim’s mobile device using malware, steal their online banking credentials, and carry out unauthorized financial transactions in their victim’s name. After they extract as much money as they can, the criminals then factory-reset the phone, erasing all the data including evidence of their activity.
The Singapore Police Force published a public advisory last month in which they described the new malware scam variant, noting that more than 750 victims have fallen for the deceptions of cybercriminals in the first half of this year. At least 10 million Singapore dollars ($7 million) in total were extorted from between January to June.
Koh explained his country’s efforts to protect its citizens from scams, noting the nation’s recent push to enter into relationships with big tech companies. Singapore officials announced on Tuesday during the SICW that it will be cooperating with Google and Microsoft in a joint effort to counter cybersecurity threats.
The head of the CSA further stressed the importance of the need for all electronic devices to be packaged with better security capabilities. “The majority of people aren’t tech-savvy,” said Koh. “From the moment they are obtained by consumers, devices should already be secure.”
Kho employed the analogy of seatbelts to illustrate the need to make the pre-installed settings of the new digital devices. Although there was a period when having seatbelts installed in new cars was optional, having seatbelts ultimately became mandatory, with the reason being that they protect lives.
“What happens [if you don’t put on your seatbelt]. First, the car will make an irritating beeping sound. From that, I will know that something is wrong. Next, if a policeman stops me while driving without my seatbelt properly fastened, I will certainly be in trouble. Furthermore, if I get involved in an accident while not wearing a seatbelt, my health insurance will not cover me. There are consequences for ignoring safety, and I know that whatever goes wrong while I’m being willfully unsafe is my fault,” said the head of CSA.
“There are no such safety requirements on the books today in cybersecurity. Electronic devices come without seatbelts, so there is no way for the casual user to receive warnings from the device itself. And that’s the problem.”
However, Koh added that security principles should not be forced on individuals, as this would likely compromise and weaken the entire “outdoor” system. “You can design a car that doesn’t move unless you have the seatbelt on,” said Koh. “But I think a lot of people would be made unhappy by that. You want your freedom of choice.”
This article was copyedited by Arthur Gregory Willers.
Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and privacy by engaging with industry giants, foreign government officials and experts. Before joining The Readable, Kuksung reported on politics for one of South Korea’s top-five local newspapers, The Kyeongin Ilbo. Her journalistic skills and reportage earned her the coveted Journalists Association of Korea award in 2021 for her essay detailing exclusive stories about the misconduct of a former government official. She holds a Bachelor’s degree in French from Hankuk University of Foreign Studies, a testament to her linguistic capabilities.