Countries hosting high-level global meetings not expected to provide secure communications beyond event: Heng Chee How
Questions on measures to safeguard the security of communications lines in Singapore arose in parliament, after a recent incident where a private military conference call in a Singapore hotel was intercepted.
A person using a laptop at a desk. (File photo: iStock)
This audio is generated by an AI tool.
SINGAPORE: The cybersecurity of internal virtual meetings by foreign militaries that are outside the scope of the overseas events they are attending are typically not covered by the host country, Senior Minister of State for Defence Heng Chee How said on Tuesday (Apr 2).
The Ministry of Defence (MINDEF) and Singapore Armed Forces (SAF) take a proactive approach to cybersecurity when involved in high-signature events, such as those involving high-level foreign dignitaries, and work closely with event organisers who are accountable for overall cybersecurity, he said in parliament.
MINDEF and SAF, however, do not cover the cybersecurity of foreign militaries’ internal unilateral virtual meetings, which are outside the scope of these events, noted Mr Heng.
He was responding to a question by Member of Parliament (MP) Yip Hon Weng (PAP-Yio Chu Kang)Â on measures to safeguard the security of communications lines in Singapore, after a recent incident where a private military conference call in a Singapore hotel was intercepted.
A recording of a German military phone call was leaked in March, after one of the participants, who was attending the Singapore Airshow, dialled in via an "unauthorised connection".
Participants at international events and conferences, including those attended by military personnel and Government leaders and officials, do not as a rule expect the host country to provide secured means of communications. Even if a host country is to offer such means, it is questionable whether foreign participants are comfortable using it. Foreign guests who need to transmit sensitive information will typically arrange their own secured means. This is the practice of officials of the Ministry of Defence and Singapore Armed Forces when they attend meetings overseas. Senior Minister of State for Defence Heng Chee How said this in reply to an MP’s question in Parliament on Tuesday (Apr 2).
RESOLVING VULNERABILITIES
Proactive efforts leading up to an event include identifying its digital footprint and cybersecurity risk areas, scanning the vendor websites and checking the commercial systems and applications used for the event, and working out cybersecurity incident escalation and reporting processes, explained Mr Heng.
Event organisers are required to resolve any vulnerabilities uncovered through these checks prior to the events, he added.
Noting that his reply applied to all such events and does not refer to any particular incident, Mr Heng emphasised the difference between the type of communication lines used.
He said that secure measures are implemented for “conferences and meetings that are organised by Singapore that are of a sensitive nature – government meetings, military meetings – where communications are sensitive”, and they differ from the open platforms used by the general public.
“Participants to international events and conferences, including those attended by military personnel and government leaders and officials do not, as a rule, expect the host country to provide secured means of communications,” said Mr Heng.
“Even if a host country is to offer such means, it is questionable whether foreign participants are comfortable using it.”
He said that foreign guests who need to transmit sensitive information will typically arrange their own secured means, such as encryption hardware or software, commercial secured or embassy lines, and other security measures.
“This is the practice of MINDEF and SAF officials when attending meetings overseas,” added Mr Heng.
