Public servants in Singapore might have a harder time than most if they want to check their personal email and social network updates at work. Reuters reports that the island city-state is working to implement a policy that will cut off Web access for government employees, as a defense against potential cyber attacks.
The idea is simple: Computers that aren’t connected to the Web aren’t as easy for hackers to attack remotely. This also makes it harder (but not impossible) to leak sensitive data publicly.
The move, which is set to come into effect next May, is being criticized by security experts for being overly restrictive, and it certainly sounds extreme by most measures – especially because the decision isn’t being triggered by any particular attack on Singapore’s systems.
But it’s important to look at this in context. Security firm FireEye notes that organizations in Southeast Asia were 80 percent more likely than the global average to be hit by an advanced cyber attack, with those in nations close to tensions over the South China Sea – where China and other countries are battling for control – were particularly targeted.
It’s also worth noting that cyber attacks in general, are on the rise. According to security software company Malwarebytes, nearly two-fifths of businesses in the US, Canada, the UK, and Germany have been hit in the last year by a ransomware attack; 80 percent of US firms that it surveyed suffered a cyber attack of some kind in the last year. It also noted that instances of ransomware in exploit kits increased by 259 percent in just the last five months.
David Koh, chief executive of Singapore’s new Cyber Security Agency, said that the decision to air-gap government computers from the internet isn’t any different from preventive security measures enforced in ministries in sensitive fields.
It also doesn’t mean a total internet blackout for employees in government offices; public servants will still be able to access the Web on personal or agency-issued devices.
The lack of internet connectivity will likely make it more difficult for government officials to collaborate and communicate electronically – but there are ways around this, including intranets and software designed to work on local networks.
Singapore’s decision seems to make sense in the present day, when there still isn’t a proven method for protecting large internet-connected networks and the threat from hackers is all too real. Better safe than sorry, no?