A lot has been written about Singapore's recent decision to disconnect 100,000 public sector workers' computers from the internet, starting in May 2017. Sneering disbelief from some quarters, cautious approval from others; nobody seems quite sure what to make of it.
Yes, one of the most technologically advanced nations in the world is consciously uncoupling its public sector from the internet. It's almost unprecedented. True, Russia is moving away from computer-based storage to paper and typewriters for some documents, but that's mainly to combat spying. And it's not on the same scale.
There are good reasons for Singapore's big disconnection, since Asian countries suffer a huge number of targeted attacks on their internet infrastructure. Those attacks are increasingly sophisticated in terms of both the technology employed and the psychological profiling of targets. In fact, Singapore's decision is more a question of philosophy than IT security. Actually, there are two questions:
1. Is it possible to completely secure a system that's connected to the internet?
2. If not, what are the potential consequences if such a system is compromised?
The answer to the first question is a resounding no. No operating system is exploit-free. The same applies for any mail client or web browser. Vulnerabilities may not be widely known yet, but they exist and will be discovered. In this respect, the internet is broken. Switch off your system's security updates if you disagree.
More importantly, even if it were possible to write bug-free, internet-connected software – which it isn't – there's still the problem of the user. Humans are increasingly the weakest link in the chain. So much is now known about psychological vulnerabilities that the majority of successful hacking attempts are achieved due to human failings, whether that's poor passwords, link-clicking or cleverly targeted spear-phishing.
To use an old analogy, the most dangerous component of any vehicle is the nut that holds the steering wheel. Users may not be nuts, but they are often naive about the sophistication of online attackers, and no amount of training will fix that.
Now to the second question. Before government records were computerised, everything was paper-based. Any 'hacker' who got through the security doors would have had trouble stealing more than a dozen citizens' records, unless they had a seriously large trench-coat under which to secrete the musty paper folders. But today an entire population's database – containing medical records, ID information, criminal records and countless other details – can be siphoned off undetected in the time it takes you to read this article.
Any risk analysis has to take into account consequences as well as probability. In Singapore's case the risk is non-zero and the consequences are potentially calamitous. So by disconnecting 100,000 public sector workers' computers from the internet, Singapore is removing – or at least reducing – 100,000 potential threat vectors that could result in a catastrophic breach of citizens' private information, or worse.
Inevitably, this move will make some aspects of life more difficult. Although there will be separate internet-connected machines for employees to access the outside world, this will increase staff workload. But there will be benefits too, above and beyond the security aspect:
- Email can be a productivity sink, the internet in general even more so. Expect higher productivity and probably better customer service. Sure, there's a tier of society used to interacting with government workers online, but those people may just have to pick up the phone instead, or write a letter.
- IT support costs should drop. One of the most time-consuming aspects of maintaining a network of computers is the constant updating required to maintain security, or at least the fig-leaf of security. Remove internet access and that massive headache goes away.
- Then there's the huge saving on IT consultants with four-figure day rates. They'll be forced to find more gullible governments to which they sell their “Connect and centralise everything!” snake oil.
Some pundits have commented that this decision won't make the Singapore systems completely secure. Of course it won't. No computer can ever be completely secure, unless you encase it in concrete and sink it in the ocean. But references to the Stuxnet worm propagating via USB stick are not hugely helpful here. Even USB ports can be disabled – with epoxy resin if necessary.
It won't be the end of the world for Singaporeans and their government. Fifteen years ago few government computers were connected to the internet anyway, and people got by. It will be inconvenient and there will be an awkward transition period, and then it'll be business as usual.
This move won't make Singapore's government computers completely secure. But it will make them more secure. Singapore may be the first government to take this apparently drastic step, but it's unlikely to be the last.