On January 14, 2013, Singapore passed an amendment to the Computer Misuse Act (now renamed the Computer Misuse and Cybersecurity Act), which provided the government with additional authorities to prevent, detect and counter cyber attacks on critical infrastructure. Key aspects of this law include the ability of the government to direct a person or organization to take specific steps – including exercising certain powers under the criminal procedure code -- with respect to preventing, detecting, or countering a cyber threat where the threat relates to certain types of critical infrastructure. Such broad authority could encompass directing companies to conduct “pre-emptive” strikes or other measures prior to the onset of an imminent cyber attack. Importantly, the law confers immunity from any civil or criminal liability resulting from fulfilling an obligation under the law, but also provides for criminal penalties for failing to comply.