MDDI's response to PQ on Legal Proceedings by Agencies Suffered Loss from Crowdstrike

Parliament Sitting on 12 November 2024

QUESTION FOR ORAL ANSWER

*29. Mr Saktiandi Supaat asked the Minister for Digital Development and Information in light of the lawsuit filed by Delta Air Lines against cybersecurity firm CrowdStrike (a) what are the status and expected timelines of the study being done by the Ministry’s internal taskforce that was set up in the aftermath of the 19 July 2024 disruption; and (b) whether any agency which has suffered losses will be initiating or joining in legal proceedings against CrowdStrike.

Answer:

The Ministry’s internal taskforce has completed its study of the incident and distilled lessons, particularly relating to software supply chain risks and patch management. The Cyber Security Agency of Singapore will be issuing advisories on them in due course. The taskforce also identified enhancements to improve incident response when such disruptions occur, and to strengthen the resilience of our Critical Information Infrastructure (CII) and Foundational Digital Infrastructure (FDI). Work by the respective Ministry of Digital Development and Information agencies and other Government stakeholders are underway.

As updated to Parliament previously, the Crowdstrike incident did not significantly affect our CII or FDI. The impact to other entities has also been relatively modest. In any case, it is up to affected entities to decide whether or not to take legal action against Crowdstrike or their intermediaries.

Not all disruptions can be prevented, nor will their impact be equally severe. Nonetheless, it is important to have the plans in place to recover quickly from unexpected disruptions, and to have business continuity plans. I encourage all businesses to step up their efforts by tapping resources such as SingCERT’s advisory on building digital resilience, CSA’s cybersecurity toolkits and cybersecurity roadmaps in Infocomm Media Development Authority’s Industry Digital Plans.