\n<\/p>\n
SINGAPORE \u2014 As Singapore ramps up efforts to confront cyber terrorism, Yahoo Singapore speaks to RSIS\u2019 Muhammad Faizal Abdul Rahman about cyber threats and what you can do to be better prepared in 2026.<\/p>\n
Faizal, who has a research background in terrorism and geopolitical cyber threats, also gives his thoughts on why Singapore is cautious about publicly identifying state actors and the government\u2019s move to start sharing classified threat intelligence with organisations in critical sectors.<\/p>\n
Q:<\/strong> What can the government do to better educate the regular person on cyber threats?<\/p>\n Faizal:<\/strong> The government has implemented cybersecurity awareness campaigns and cyber hygiene programmes, including in schools, to educate the public. These should be sustained and could be updated to adapt to changes in the threat landscape and could be further customised to suit different sections of the demography.<\/p>\n Q:<\/strong> A recent case involving three foreign hackers in Singapore<\/a> mentioned the use of PlugX-related tools. What exactly is PlugX?<\/p>\n Faizal: <\/strong>Cybersecurity experts have described PlugX as a sophisticated malicious software that can avoid detection while infiltrating computer devices and performing a multitude of cyber espionage activities.<\/p>\n Q:<\/strong> Going back to the case: There’s quite a lot of information in the report to digest, can you pick out any key observations?<\/p>\n Faizal: <\/strong>One key observation is that the use of the same malware by both state-affiliated cyber threat actors and cybercriminals have blurred the lines between crime and national security as well as law enforcement and defence in the digital domain. Similar to how nation states have used mercenaries in the physical world to avoid international law and accountability in pursuing geopolitical interests, nation states can use cybercriminals as a deniable tool of state power to compete geopolitically in the digital domain.<\/p>\n Q:<\/strong> In a recent opinion piece<\/a> back in July, you suggested Singapore prefers technical attribution over political attribution when it come to identifying state actors involved in cyber-attacks. Please explain.<\/p>\n Faizal: <\/strong>Countries that consider themselves neutral or non-aligned may prefer technical attribution over political attribution of malicious cyber activities. Technical attribution is based on factual data gathered during investigations and point to the perpetrator operating these activities.<\/p>\n Political attribution may not always use factual data and usually pins the blame on a nation-state believed to be behind the perpetrator. While technical attribution demonstrates an act of defence, political attribution could be perceived as escalatory.<\/p>\n So, countries need to assess where they stand in the realm of geopolitics and power to decide the course of action that best suits their national interests.<\/p>\n Q:<\/strong> In October, MINDEF established the Digital Defence Hub (DDH)<\/a>. Can you talk a bit about the importance of this development in light of the UNC3886 attacks<\/a>?<\/p>\n Faizal: <\/strong>The Digital Defence Hub is a new unit in the Centre for Strategic Infocomm Technologies (CSIT), which has been around in MINDEF since 2003. It is likely that the strategic goal of the Hub is to better bring together defence capabilities and threat intelligence with those of the civilian Cyber Security Agency (CSA) and SAF\u2019s Digital and Intelligence Service.<\/p>\n This development also shows that civilian and defence agencies need to work together in defending the digital domain where civilian interests are often the targets in cyber conflict between nation-states. It may also be a response to better prepare Singapore for the reality that the digital domain is being increasingly militarised, which is a reflection of the physical world today where there is an increase in armed conflicts and inter-state tensions.<\/p>\n