Late in the night of 7 November 2013, Mr Ng was on duty when a change on his computer screen caught his attention.
A Consultant with IDA’s Infocomm Security Group (ISEG), Mr Ng, 31, stared hard. Was it a cyber-attack? If so, it was a bold one; the hacker had chosen the Prime Minister’s Office (PMO) as a target. Shortly after midnight, a mocking message appeared on the site. Next to it was an image of the Guy Fawkes mask, a symbol of anti-establishment sentiment worldwide.
The hacker had inserted codes via the website's Google search function, using a technique known as cross-site scripting. Mr Ng worked swiftly to investigate and contain the cyber threat situation. He then proceeded to call PMO’s website managers.“Hello,” he said. “Sorry to call you at this late hour but…”
Securing Singapore’s Infocomm infrastructure is a team effort. ISEG works round infocomm systems, a network that includes more than1,600 government e-services. Through the clock to safeguard public infocomm systems, a network that includes more than1,600 government e-services. Through the wee hours, Mr Ng alerted various agencies that he suspected might be affected by the cyber-attack. ISEG also began an investigation, putting in extra shifts to mitigate the hacking. The attack was finally traced to a lone hacker who was convicted in January 2015 under the Computer Misuse and Cyber-security Act.
As a boy, Mr Ng was thrilled to receive his first personal computer. Technology became his interest: he studied multimedia in polytechnic and computer science at university. Now, at ISEG, Mr Ng helps secure Singapore’s cyber environment. “It’s gratifying work,” he explains. “We protect our systems and, in this way, help those who use them.”
Ultimately, nothing beats on-the-job training and the guidance of supervisors, and Mr Ng is grateful to have found a generous mentor in Mr Edwin Chan, Principal Consultant at ISEG. A pillar of calm, Mr Chan, 44, joined the National Computer Board in 1998. It was as a public officer that he discovered his passion for cyber-security.
“Our job is to help secure the websites and e-services that Singaporeans access daily,” he says. “For example, online buying and banking are here to stay, and people want to be able to transact on the web without worry. That’s our service to the public: keeping the complex technological landscape safe for all of us.”
Working from a dedicated control center at IDA, ISEG holds the fort for government systems against a constantly evolving cyber-threat landscape, with attacks becoming more targeted and sophisticated. “It’s challenging because of the pervasiveness of online attacks,” says Mr Chan. “We search for clues, piece them together and find the root cause of problems. That’s the rewarding part of our work: discovering exactly how an attack happened, and how we can stop it from creating a major disruption.”
According to Mr Chan, a good Infocomm security professional should possess passion and a sharp mind. “You must be excited about dealing with problems and threats – to see them as challenges – and to work fast and systematically on them,” he says.
Mr Ng adds other qualities to the list: “Fast, firm and fearless,” he says. “When we work with data, we have to make sure it is absolutely correct. This also applies to how we work with fellow officers, stakeholders, and the public.”