• World
    • Africa
    • Asia Pacific
    • Central & South Asia
    • Europe
    • Latin America & Caribbean
    • Middle East & North Africa
    • North America
  • Politics
    • US politics
    • Donald Trump
    • Brexit
    • European Union
    • India
    • Arab world
  • Economics
    • Finance
    • Eurozone
    • International Trade
  • Business
    • Entrepreneurship
    • Startups
    • Technology
  • Culture
    • Entertainment
    • Music
    • Film
    • Books
    • Travel
  • Environment
    • Climate change
    • Smart cities
    • Green Economy
  • Global Change
    • Education
    • Refugee Crisis
    • International Aid
    • Human Rights
  • International Security
    • ISIS
    • War on Terror
    • North Korea
    • Nuclear Weapons
  • Science
    • Health
  • 360 °
  • The Interview
  • In-Depth
  • Insight
  • Quick Read
  • Video
  • Podcasts
  • Interactive
  • My Voice
  • About
  • FO Store
Sections
  • World
  • Politics
  • Economics
  • Business
  • Culture
  • Sign Up
  • Login
  • Publish

Make Sense of the world

Unique insight from 2,000+ contributors in 80+ Countries

Close

Protecting Singapore Businesses from Cyber-Espionage

S. Rajaratnam School of International Studies • May 22, 2013

Cyber-espionage is a real and growing threat to businesses and economies in Singapore. Some counter-measures can be taken by the private sector. But the government plays an important role in protecting its businesses from cyber-exploitation.

By Senol Yilmaz

Over the few decades, Singapore’s economy has moved up from a mere producer of material goods to a creative inventor of ideas. This success stands on two main pillars: Firstly, heavy investment has been made in education as well as research and development. Secondly, the rigorous protection of intellectual property rights has reassured investors that their patents, trademarks, and trade secrets are safe, and that their investments will pay out. Singapore’s innovation-friendliness is ranked in the list of the 20 most innovative countries in the world by the Economist Intelligence Unit; the World Economic Forum’s latest Global Competitiveness Report lists Singapore’s intellectual property protection regime second only to Finland’s.

However, with the widespread and growing use of cyber-espionage, this success could be undone quickly and quietly. The vast majority of companies store their secret business information digitally, whether it is formulas, production processes, or customer lists. The advantages over paper-based storing are obvious: digital storage is more cost effective and data can be accessed more comfortably by employees. But it also means that cyber-spies, who gain access to a company’s IT network, can steal enormous amounts of business secrets cheaply, easily and with little risk of detection.

A popular method of gaining illegal access is “spear-phishing”, as happened in the case of a medium-sized Swiss manufacturing company recently. The sales manager received a legitimate sounding e-mail supposedly from a potential client. He double-clicked on the attached file, assuming it contained an order. In reality, the attachment installed malware, or malicious software on the sales manager’s computer. Subsequently, the malware opened a virtual door that allowed the perpetrator to access and search for information on the company’s computer network and allowed transferring data to the perpetrator. In this or in similar ways, companies’ innovations that may cost millions to develop can be stolen with malware that costs hundreds.

The perpetrators in these cases are difficult to identify as they can conceal their real identity and physical location. While many states engage in political and military espionage, experts argue that Chinese organisations are especially active in economic espionage with their government at best turning a blind eye to such activities.

The magnitude of the financial damage is extremely difficult to estimate since most firms are either not aware of breaches and theft of their secrets, or are unwilling to report them. One estimate puts the annual damage at USD 400 billion for the USA alone. Given Singapore’s emphasis and reliance on innovation, combined with her inter-connectedness, it would be surprising if cyber-espionage did not cause substantial financial damage here.

A Matter of National Security

Since this City-State’s economic well-being stands partly on innovation and on being a place investors can trust, cyber-espionage is a real threat to economic success, for the innovative idea stolen today is tomorrow’s dollar lost. But this is not only an economic issue to be left to private companies to deal with: Joel Brenner, former inspector general of the US National Security Agency, rightly argues that the boundary between economic security and national security has become indistinctive. Creativity and inventiveness are sources of national income which again finance strategic power. Therefore, Brenner points out that the theft of intellectual property is not merely an economic issue but a matter of national security. Consequently, governments must be active in helping businesses to counter cyber-espionage.

What Needs to be Done?

A first step to counter cyber-espionage would be information sharing about attacks suffered: Once security gaps in software applications are identified, they can be closed so that cyber-spies cannot exploit the same gap to intrude other companies’ systems. However, neither private companies, nor government bodies like making instances of cyber-espionage public for fear of reputational damage with citizens, customers, investors, or shareholders.

To overcome this problem, governments have used the stick approach: The European Commission has made a recent proposal that would make it mandatory for companies operating in key business areas to report “significant” cases of cyber-espionage. However, companies will probably not be overly forthcoming with information, especially as they can rationalise that they did not assess a given case as “significant” enough.

An example for an innovative, non-government driven approach can be found in Sweden. Swedish banks are said to have formed a closed circle of trusted partners whose IT security representatives meet and exchange information about attacks regularly. They work on a first name basis and do not know each others’ company affiliation. That way, attacks are not leaked to the media and reputational damage is averted while information is shared, software vulnerabilities closed, and attacks using the same method prevented. In Singapore’s business friendly environment, a similar approach where private business takes leadership could be more readily accepted than top-down government regulation.

This does not mean that there is no role for governments at all. Five initiatives could help alleviate the problem. Firstly, and most easily, a proverbial carrot could be offered to companies operating in key business areas through taxation: Those companies that make investments and upgrade their IT security could be given special tax breaks. Secondly, government contracts, funding and loans could be tied to predefined and continuously updated minimum IT security standards. This would be an incentive for all organisations in key business areas that vie for government money. Thirdly, best practices should be defined, constantly updated in cooperation with the private sector and actively promoted through outreach programmes. Fourthly, supply chain security is crucial: Hard and software must be purchased from trusted manufacturers that deliver products free of malware. Governments can help identify such manufacturers. Lastly, it is governments’ task to represent the interests of its private sector internationally. Since cyber-espionage is an international problem, international cooperation among partners is essential.

Most experts agree that the threats from cyber-spies will increase in the coming years, both in terms of quantity and quality. Since cyber-spies constantly search for and find new software vulnerabilities, fighting cyber-espionage resembles aiming at a moving target, and will therefore be a constant struggle. The only way to keep the threat in check is to remain vigilant.

Senol Yilmaz is an Associate Research Fellow at the Centre of Excellence for National Security (CENS), a constituent unit of the S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University.

*[This article was originally published by RSIS.]

The views expressed in this article are the author's own and do not necessarily reflect Fair Observer’s editorial policy.

Image: Copyright © Shutterstock. All Rights Reserved.

Share Story
CategoriesBusiness, Central & South Asia TagsAsia-Pacific, Cyber-Espionage, Focus Article, Fraud, Identity Theft, RSIS, S. Rajaratnam School of International Studies, Senol Yilmaz, Singapore
Join our network of more than 2,000 contributors to publish your perspective, share your story and shape the global conversation. Become a Fair Observer and help us make sense of the world.

Fair Observer Recommends

Is China’s Belt and Road Initiative Strategic Genius, Arrogant Overreach or Something Else? Is China’s Belt and Road Initiative Strategic Genius, Arrogant Overreach or Something Else?
Atul Singh • Sep 04, 2019
Reassessing China’s Social Credit System Reassessing China’s Social Credit System
Peter Isackson • Aug 02, 2019
What’s Really Behind China’s Falling GDP? What’s Really Behind China’s Falling GDP?
KnowledgeWharton • Jul 20, 2019

Leave a Reply Cancel reply

You must be logged in to post a comment.

Post navigation

Previous PostPrevious Media and Politics in Georgia: A Partisan View
Next PostNext After the Boston Attacks: The Role of Terrorism in the Northern Caucasus
Subscribe
Register for $9.99 per month and become a member today.
Publish
Join our community of more than 2,000 contributors to publish your perspective, share your narrative and shape the global discourse.
Donate
We bring you perspectives from around the world. Help us to inform and educate. Your donation is tax-deductible.

Explore

  • About
  • FO Store
  • FAQs
  • Republish
  • Privacy Policy
  • Terms of Use
  • Contact

Regions

  • Africa
  • Asia Pacific
  • Central & South Asia
  • Europe
  • Latin America & Caribbean
  • Middle East & North Africa
  • North America

Topics

  • Politics
  • Economics
  • Business
  • Culture
  • Environment
  • Global Change
  • International Security
  • Science

Sections

  • 360°
  • The Interview
  • In-Depth
  • Insight
  • Quick Read
  • Video
  • Podcasts
  • Interactive
  • My Voice

Newsletter

© Fair Observer All rights reserved
By continuing to use this site, you agree to the use of cookies or other similar technologies to improve our service for you. We gauge audience usage and offer social networking features. You can find out more details by reviewing our Privacy Policy. Cookie settings Accept
Privacy & Cookies Policy

Privacy Overview

The Fair Observer website uses digital cookies so it can collect statistics on how many visitors come to the site, what content is viewed and for how long, and the general location of the computer network of the visitor. These statistics are collected and processed using the Google Analytics service. Fair Observer uses these aggregate statistics from website visits to help improve the content of the website and to provide regular reports to our current and future donors and funding organizations. The type of digital cookie information collected during your visit and any derived data cannot be used or combined with other information to personally identify you. Fair Observer does not use personal data collected from its website for advertising purposes or to market to you.

As a convenience to you, Fair Observer provides buttons that link to popular social media sites, called social sharing buttons, to help you share Fair Observer content and your comments and opinions about it on these social media sites. These social sharing buttons are provided by and are part of these social media sites. They may collect and use personal data as described in their respective policies. Fair Observer does not receive personal data from your use of these social sharing buttons. It is not necessary that you use these buttons to read Fair Observer content or to share on social media.

 

Privacy Overview

The Fair Observer website uses digital cookies so it can collect statistics on how many visitors come to the site, what content is viewed and for how long, and the general location of the computer network of the visitor. These statistics are collected and processed using the Google Analytics service. Fair Observer uses these aggregate statistics from website visits to help improve the content of the website and to provide regular reports to our current and future donors and funding organizations. The type of digital cookie information collected during your visit and any derived data cannot be used or combined with other information to personally identify you. Fair Observer does not use personal data collected from its website for advertising purposes or to market to you.

As a convenience to you, Fair Observer provides buttons that link to popular social media sites, called social sharing buttons, to help you share Fair Observer content and your comments and opinions about it on these social media sites. These social sharing buttons are provided by and are part of these social media sites. They may collect and use personal data as described in their respective policies. Fair Observer does not receive personal data from your use of these social sharing buttons. It is not necessary that you use these buttons to read Fair Observer content or to share on social media.

 

Necessary
Always Enabled

These cookies essential for the website to function.

Analytics

These cookies track our website’s performance and also help us to continuously improve the experience we provide to you.

Performance
Uncategorized

This cookie consists of the word “yes” to enable us to remember your acceptance of the site cookie notification, and prevents it from displaying to you in future.

Advertisement
Preferences
Save & Accept