MINDEF: Hosts not obliged to provide secure comms for international events

SINGAPORE: Countries hosting international events and conferences are generally not expected to provide secure means of communication, said Senior Minister of State for Defence Heng Chee How on Tuesday (2 April).

He emphasized that foreign guests typically arrange their own secure methods for transmitting sensitive information, and urged everyone to practice cyber hygiene and take necessary precautions when such sensitive data.

These precautions may involve using encryption hardware or software, commercially secured lines, or those provided by embassies.

Mr Heng also noted that officials from the Ministry of Defence (MINDEF) and the Singapore Armed Forces (SAF) adhere to similar practices when participating in meetings abroad.

“Even if a host country is to offer such means (of secured communications), it is questionable whether foreign participants are comfortable using it,” said Mr Heng.

Mr Heng was responding to a parliamentary question (PQ) filed by Mr Yip Hon Weng, PAP MP for Yio Chu Kang SMC during the Tuesday Parliamentary sitting.

Mr Yip asked the MINDEF given the recent incident where a private military conference call in a Singapore hotel was being intercepted, whether the Singapore Government is investigating the incident to identify and address specific vulnerabilities in our telecommunications infrastructure.

Mr Yip also asked the Minister whether there are measures in place to safeguard the security of communications lines originating from Singapore, especially during international meetings and military events which involve high-level foreign dignitaries.

In February, German Air Forces faced scandal following Russia’s state-run media outlet Russia Today (RT) disclosed details of a 38-minute audio call involving senior German officers regarding the potential deployment of Taurus cruise missiles to Ukraine

One of the officials on the call was reportedly a general who stayed at a Singapore hotel during the biennial Singapore Airshow, held from 20 to 25 February.

German Defence Minister Boris Pistorius revealed that Russia intercepted the audio containing sensitive information from a German military officer who inadvertently logged in through an insecure line from a hotel room in Singapore.

Mr Heng asserted that participants in international events and conferences, including military personnel and government leaders, do not expect the host country to provide secured means of communications, as these are typically arranged by the participants themselves.

Mr Yip then asked about the potential impact of this incident on Singapore’s reputation for international military and defense-related discussions like the Shangri-La Dialogue, and whether the ministry is proactively conducting vulnerability assessments on our telecommunications infrastructure

In response, Mr Heng clarified the difference between sensitive conferences and general communications used by visitors to Singapore.

Mr. Heng underscored the importance of visitors taking personal responsibility for their cybersecurity by employing encryption hardware and software.

“we will also encourage everybody to practice cyber hygiene and take care when using, for example, open Wi-Fi access, ” Mr Heng added.

“For Mindef and SAF, we take a proactive approach to cybersecurity when we are involved in high signature events inclusive of those involving high-level foreign dignitaries, and we work closely with event organisers who remain accountable for the overall cybersecurity of these events,” Mr Heng told the House.

“If vulnerabilities are uncovered through these checks, event organisers would be required to resolve them prior to the event.”

“Mindef and SAF, however, does not cover the cybersecurity of foreign militaries’ internal (and) unilateral virtual meetings, which is outside the scope of these events,” said Mr Heng.