Question: With regard to cyber security, you mentioned yesterday – you revealed the UNC3886, and you also mentioned that the Government does not usually disclose all the cyber attacks because of national security reasons. So why are we readily – why is there a change in position such that we are naming a group for the first time?
Minister: Well, we have named in the past. Maybe not groups, but when incidents occurred, we have made them public. For example, when the health records were stolen, and when Ministry of Foreign Affairs was attacked. So what I said is, we don’t disclose all the incidents. The number of incidents we disclose are far smaller than the actual number of attacks, and we don’t disclose because of national security or public interest reasons. This time round, our assessment was that we can disclose these details. I released very little, very few details. And also, we have confidence as to who the attacker was. So we thought that that is appropriate to disclose.
Question: Mandiant actually linked UNC3886 to China. Are we afraid of some retaliation if we call them out?
Minister: No I think that’s speculative. What Mandiant does is what Mandiant does. As far as the Singapore Government is concerned, we can say we are confident that it is this particular organisation. Who they are linked to, and how they operate, is not something I want to go into.
Question: Any strategic advantage for us in naming them?
Minister: We thought that Singaporeans ought to know where the attack was coming from. Thank you.
