At the ISD Intelligence Service Promotion Ceremony on 14 April 2010, DPM Wong Kan Seng spoke of the potential for friction to be compounded by growing religiosity and religion assertiveness amongst Singaporeans, and of how the Government must continue to ensure a big enough neutral, common space in which our different communities can engage in public life and with one another free from religious considerations and sensitivities.
ISD Intelligence Service Promotion Ceremony - Speech by Deputy Prime Minister and Minister for Home Affairs
Director ISD, Ladies and Gentlemen
The security threat environment is marked by complexity and uncertainty. We can expect it to continue to be so in the foreseeable future. Nevertheless, as we embark on the next decade of the millennium, it is timely to take stock at the strategic level and look at some of the more noticeable trends of security concern. These will further put your professional capacities and capabilities to the test.
Still Rising Threat: Terrorism
First, terrorism. The terrorism landscape has undergone significant changes in the last 10 years. Recent events like the Fort Hood shooting; Umar Farouk’s attempt to blow up Northwest Flight 253; the detection of an Al-Qaeda cell comprising Middle-Eastern and African nationals in Malaysia; the discovery of a motley group of terrorists training in Aceh; and the apprehension of “Jihad Jane”; serve as grim reminders of the ever changing face of this deadly threat.
Indeed, over the years, we have seen the threat morph from organised groups and networks, to plots spawned independently by individuals and small groupings with few, or even without direct connection to established terrorist organisations like Al-Qaeda and JI. The successful decentralisation and spread of the global jihadist ideology are evident in the rise of home-grown terrorism and other lone wolves and self-radicalised individuals, as well as independent terrorist groups which publicly identify themselves as part of the Al-Qaeda franchise.
We need not look far to see such trends. The small group of terrorists who had been training in Aceh comprised breakaway elements from various Indonesian groups who felt that their parent groups were not militant enough. The group took on Al-Qaeda branding, naming itself “Al-Qaeda in Aceh”, even though they had no known affiliation.
As for the trend of self-radicalisation, although not new, it is still a growing phenomenon. The Internet continues to be exploited to this end in no small way, as can be seen in many cases worldwide.
To appeal to the young generations of new-media users, the recruitment videos of the terrorists now resemble something straight out of MTV. Besides the thousands of websites that offer such extremist materials to radicalise those who surf the sites, we also see an increasing trend of terrorist recruiters using social networking sites like Facebook, YouTube and Twitter to make personal and individual contact with those they spot as likeminded or wannabes. The availability of radical websites in English is also growing. This is of concern given the proficiency of Singaporeans in the language.
There is no simple fix. Educating and preventing the unwitting from succumbing to radical religious rhetoric is necessary. Equally important, parents, relatives, teachers and friends are in close positions to notice adverse changes in the behaviour and ideas of a youth. They should not dismiss his bringing up radical notions such as martyrdom and activities such as the surfing of radical websites as mere youthful idealism or idle talk. They should inform the security agencies such as ISD and Police when they come across this. Early intervention can make the difference between a lifetime of regret for the youth, and rescuing him from the clutches of radical ideologues before he bloodies his hands and conscience.
New Form of an Old Threat: Cyber Espionage
Radical ideologue Anwar Al-Awlaki’s influence over Major Nidal and Umar Farouk, are indicative of the power and reach of the Internet. This is a front on which other security threats have also developed, and taken on new forms. Here, I speak of cyber espionage. Our heavy reliance on IT for the functioning of Government opens up vulnerabilities that could be exploited by hostile elements.
Cyber espionage per se is not new, but there has been a marked increase in sophistication and incidents in recent times. It is estimated that there have been more than 50 major cyber attacks against government entities, and defence and high technology companies worldwide since 2006.
Moreover, the attacks have become increasingly sophisticated. In the cyber world, these new forms of attack are known as Advanced Persistent Threat or APT in short. APT is a sophisticated and organised cyber attack to compromise computer networks, and then to access and steal the information within on a long-term basis. These attacks are not carried by the mass-produced viruses and Trojans we are used to seeing in the past, but each APT malware is unique and specially customised for a specific target. The attacker patiently sniffs out the target network and computers, including their architecture and defences, and then designs specific malwares which can circumvent the security measures. The attacker embeds the various malwares widely and deeply into the victim network, gradually compromising more servers and user machines. This allows him to have widespread access to contents and information stored in the network. Furthermore, the attacks do not come with only one or two backdoors. They come in a handful such that if one gap is identified and patched by the defender, there would still be others to provide re-entry for the attacker, who can come and go into the system almost at will.
What is worrying is that these specially designed malwares cannot be detected simply by scanning with traditional anti-virus software. As they are unique, highly customized and exploit zero-day gaps, intrusion detection systems and firewalls are also inadequate.
The emergence of APTs has therefore the potential to overrun traditional cyber defences. A good example is the discovery of GhostNet cyber espionage activities in March 2009. GhostNet targeted over 1000 computers in more than 100 countries, and successfully infiltrated systems belonging to embassies, foreign affairs ministries and other government offices.
A classic means by which an organisation gets infiltrated in the first place is via social engineering. The technique involves masquerading the attacker’s malware delivery as legitimate by spoofing the email as coming from a trusted source, or by enticing the recipient to open file attachments or web-links that purportedly host content of direct relevance and interest to the target. An APT social engineering attack is often successful because the attacker has made efforts to understand the target, especially his contacts and areas of interest.
Unfortunately, in this day and age when there are high expectations that government officers will read every email sent to him, we are highly susceptible to social engineering attacks. We will have to be more discerning when accessing the emails we receive. But this may not be enough. We should also review our IT architecture and IT security policies and measures, to try to make our systems more robust and resilient to APT attacks.
My concern is not only about leakage of sensitive information which compromises national interests. Of greater worry is that APT attacks can also implant destructive malwares in the victim network, to be activated, for example, in times of tension and conflict. Such attacks can cause widespread disruption and damage if the malwares crash the Government’s email network, or critical infrastructures like air control systems and power generation and distribution systems. The consequences would be devastating.
Rising Potential: Religious Friction
With more people having access to the Internet, it has become a convenient and popular platform for individuals to vent their religious hatred and abuse recklessly.
In particular, there is a dangerous tendency among some people to shrug off their social responsibilities when emboldened by the cloak of anonymity of the Internet. They make insensitive, and at times inflammatory and incendiary, postings that denigrate other races and religions. The speed and global reach of the new media technologies mean that such postings are rapidly and repeatedly propagated through multiple websites and social media networks like Facebook and YouTube. These days, public complaints against religiously offensive websites and net discussions are commonplace.
Sometimes, such cyber conflicts can spiral out of control, and spill over into the physical world. As we have seen earlier this year in the incidents of the offensive Facebook postings and Youtube clips, it can easily become another source of inter-religious friction and tension. This increasing potential for friction is compounded by growing religiosity amongst Singaporeans, and accompanying it, growing religious assertiveness.
What is of particular security concern is when religiosity manifests itself in a highly public and assertive manner in a multireligious setting like Singapore, with all our attendant sensitivities. One example is the increase in proselytisation activities. Although the right to propagate one’s faith is enshrined in our Constitution, it becomes problematic when followers become over-zealous and selfrighteous in their missionary activities, and carry them out in an aggressive and insensitive manner, disregarding the feelings of other religions. Unlike previously, devotees of the different faiths today appear to be less tolerant over perceived slights to their religion, and are more ready to retaliate.
The rise in religious assertiveness is also seen in religious groups becoming more vocal and articulate in making their views in public. Some public policies and issues will pose dilemmas for some faiths, and we can expect them to speak up. This development is not a security problem per se. However, there could be flash-points when groups go too far in advocating their cause and make unfounded allegations, whip up the emotions of their followers, or mobilise them. In doing so, they could heighten tensions between the religious community and the State.
Religious groups are also becoming more visible in the public sphere. Religious worship is no longer confined to traditional places of worship such as churches, mosques and temples. The success charismatic churches have had in organising mega-sermons outside purpose-built church buildings have inspired other religious groups to organise similar large-scale worship events at commercial venues such as shopping centres and exhibition halls. Recently, there has also been discussion about the involvement of religions in business. These trends are of concern to Singaporeans as they are seen to be a further encroachment of religion into the common space.
The solution is not to roll-back religion in our society. Singaporeans must be free to practise their faith. However, the Government must continue to ensure that we maintain a big enough neutral, common space in which our different communities can engage in public life and with one another free from religious considerations and sensitivities. We have to find the right balance; we cannot have unbridled freedom of religion, at the expense of nation building and social cohesion; to the extent that it foments divisiveness amongst our people. We will continue to refine our policies to ensure this.
Now and then, this delicate balance will be upset by illconsidered remarks and actions by some groups or individuals. ISD has the responsibility of helping the Government manage the resultant tensions and conflicts in a firm, fair and flexible way. There is no onesize solution. Different responses and measures will have to be deployed according to the circumstances. The bottom line we want to achieve is that we preserve for Singaporeans, for the long term, the social stability and harmony among races and religions that we have enjoyed in the last four decades.
The Road Ahead for ISD
The security terrain in the next 10 years can only grow more complex and challenging. In this regard, investment in technology is important to augment the capabilities of the Department.
Technology, however, is only a tool. Ultimately, it is the men and women like you working in ISD who will make the difference. In intelligence and security work, the most critical success factors are the intelligence officer’s instincts and experience, and his passion, commitment and belief in his work and in the Department’s mission. There will be times when public support, understanding and appreciation for your heavy responsibilities do not appear forthcoming. But you have shown that you will steadfastly soldier on with the quiet stoicism, dedication and professionalism that have become the quintessential hallmark of the Department.
Let me end by congratulating the officers on their well-deserved promotions. I would also like to commend all ISD officers for the hard work they have put in to ensure that Singapore remains a safe, secure and stable place for all of us. Well done.
