11 Critical Sectors Come Together to Tackle Complex Cyber Threat Scenarios in National Cyber Crisis Management Exercise

The Cyber Security Agency of Singapore (CSA) held its hands-on technical exercise today in a finale to the sixth edition of Exercise Cyber Star (XCS25), the biennial national cybersecurity crisis management exercise. Held at the Singapore Institute of Technology, this technical exercise saw incident response teams from organisations in critical sectors and CSA put their skills to the test in an ICS (Industrial Control Systems) NetWars tournament, which was conducted in partnership with SANS Institute. Exercise participants had to tackle a series of cybersecurity challenges involving ICS technologies, that make physical machines and processes work. Attacks or disruptions to these systems can result in cyber-physical effects or real-world harms. These systems are commonly found in sectors such as Energy, Water and Land Transport.

2.           Coordinating Minister for National Security and Minister for Home Affairs, Mr K Shanmugam, observed the technical exercise and interacted with participants. He was accompanied by Mrs Josephine Teo, Minister for Digital Development and Information and Minister-in-Charge of Cybersecurity. 

3.           Exercise Cyber Star is a nationwide cyber crisis management exercise aimed at enhancing the capability and readiness of Singapore’s critical sectors to respond effectively to cyberattacks. This year’s exercise is the largest in scale and most intensive to date, held over a total of 11 days and involving close to 500 participants from CSA, sector leads, the Singapore Armed Forces’ Digital and Intelligence Service and owners of Critical Information Infrastructure (CII) from 11 sectors.

4.           Participants were tested on scenarios based on key threats observed in the global cyber landscape, such as Advanced Persistent Threats (APTs) and attacks on critical systems. Participants also had to respond to the spillover effects affecting multiple sectors.

5.            As part of XCS25, incident responders also took part in a 2-day operational-level Command Post Exercise (CPX), with a focus on five key sectors i.e. Healthcare, Maritime, Infocomm, Media, and Transport. The sectors were exercised on their responses to cross-sector scenarios such as large-scale service outages, disruption to healthcare and emergency services, data leaks arising from APT attacks, ransomware, and Distributed Denial-of-Service attacks.

6.           In preparation for XCS25, physical and virtual masterclasses were held to train participants in areas such as threat hunting and mitigation for ICS technologies, defending product supply chains, enterprise cloud forensics as well as incident response and crisis communications. Close to 190 participants attended the masterclasses. 

7.           Mr David Koh, Chief Executive, CSA, said “With cyberattacks increasing in frequency and sophistication, it is important for the Government to work closely with Singapore’s critical sectors and companies to enhance crisis response capabilities and ensure the continual delivery of essential services. Malicious actors have targeted Singapore and will continue to do so. Hence, we need to be prepared to respond to such threats. CSA will continue to lead efforts to defend Singapore against attacks by cyber threat actors, but we cannot do this alone. We need all our stakeholders to play their part to protect our cyberspace.”