Singapore authorities are checking and patching government systems thoroughly to guard against a critical vulnerability in widely used software. Singapore has also held emergency meetings with critical information infrastructure (CII) sectors to prepare them for the potential threats.
The software is an open-source Java package used to support activity-logging in many Java-based applications. As it is widely used by developers, this vulnerability can have very serious consequences. Successful exploitation of this vulnerability will allow an attacker to gain full control of the affected servers. The situation is evolving rapidly and there have already been numerous observations of ongoing attempts by threat actors to scan for and attack vulnerable systems.
The Cyber Security Agency of Singapore (CSA) is monitoring the situation closely. CSA has held two emergency meetings with all the CII sector leads to issue directions and technical details, and to heighten monitoring for unusual activities. Aside from earlier advisories, CSA has also organised a briefing session this morning for trade associations and chambers to underscore the seriousness of the vulnerability and the urgency of implementing mitigation measures for all businesses and SMEs.
Security researchers have flagged this incident as one of the most serious cyber vulnerabilities. We are taking this seriously. Our teams at CSA and GovTech are checking and patching our government systems thoroughly as we speak. But it will not be enough and we need to keep vigilant. While the situation is serious, there are always proactive steps we can take. I urge CII owners, business leaders or developers to identify the potential risks in your systems and close these gaps quickly.
– Minister for Communications and Information Josephine Teo
Users of the products should:
- Patch to the latest updates immediately, especially if running affected versions between 2.0 and 2.14.1. These users are advised to upgrade to the latest version, 2.16.0, immediately.
- Determine if the software is used in other instances within their system.
- Heighten monitoring for anomalous activity; deploy protective network monitoring and review system logs.
Product developers that use the products should:
- Identify, mitigate and develop patches for affected products that utilise the software.
- Inform end-users of your products that contain this vulnerability and strongly urge them to prioritise software updates.
While a security fix has been released by the non-profit organisation that developed the software, some of the world’s largest technology companies are still struggling to make their products safe from the vulnerability. Thousands of other programs use the free logger, and those responsible for them must prepare and distribute their own patches to prevent takeovers.
That includes other free software, which is maintained by volunteers, as well as programs from companies big and small.
As reported by OpenGov Asia, CSA has launched a series of toolkits for enterprises, which provide guidance on cybersecurity issues tailored for senior business leaders, SME owners, as well as employees. The new toolkits help to simplify cybersecurity and enable businesses to make more informed trade-offs between security, system usability and cost.
The toolkit for enterprise leaders and SME owners will focus on the business reasons for business leaders and SME owners to invest in cybersecurity, such as rationalising investment in cybersecurity, and how fostering a culture of cybersecurity would enable enterprises to reap the benefits of digital transformation.
Although 80 per cent of Singapore SMEs embrace digital transformation and have digital transformation in place, cybersecurity has been the key reason for small enterprises not digitalising. Topics include the cultivation of cybersecurity leadership and guidance for employee cybersecurity education.
Beyond toolkits, CSA will also partner with the industry to further drive cybersecurity awareness to local businesses, individuals and the wider community. CSA launched a new partnership programme that aims to equip businesses and enterprises with tools and information to strengthen their cybersecurity.