Last Friday, consumers were notified of a breach that had occurred in the SingHealth system. The major cyberattack on 4 July infiltrated the SingHealth database containing the personal particulars of over 1.5 million patients and information on outpatient dispensed medicines.
According to a joint press release from the Ministry of Communications and Information and the Ministry of Health, information on approximately 160,000 outpatient dispensed medicines was retrieved. However, it was not tampered with. SingHealth has also taken measures to create a temporary surfing network for its staff to work on, and other public healthcare institutions will be taking the same action. The statement added that no financial data, medical records and personal data of patients were accessed, and that it has taken measures to notify all patients along with an apology.
The release also added that the main target of this cyberattack was Prime Minister Lee Hsien Loong, as personal information on his medical history was “repeatedly” accessed. This led the Prime Minister to take to Facebook to acknowledge the breach of data and to say that he willingly allowed his personal records to be kept in the SingHealth database.
PM Lee also added that he was confident of the digitalisation agenda for Smart Nation, despite the breach.
Commenting on the measures that the government has taken so far, Ryan Lim, founder of QED Consulting, said that this will not have a major effect on the overall Smart Nation agenda at the strategic level. He added that the government, however, came across as one which was prepared for such breaches and had certain measures in place.
Lim said that there was also no “possible” way to anticipate all scenarios in advance, but the government, as the defender against the hack, needs far more resources put in place than the hacker.
Eric Hoh, president of Asia Pacific at FireEye, said that many businesses and governments in Southeast Asia face cyber threats, but few recognise the scale of the risks they pose. He added that the government disclosing the breach "should be commended".
It’s not easy, and many organisations decline to disclose breaches.
"Singapore ranks among the leaders in cyber security, and we would like to see more governments follow its lead in disclosing breaches. Disclosure enables other organisations to take steps to improve their defenses against similar attacks," he added.
Investigations conducted last year by FireEye showed that Asia Pacific organisations were breached for a median of 498 days before they even detected the intruder. Against those metrics, this is a relatively fast response [for Singapore].
"I haven’t found a government which has put more time into thinking about cyber security than Singapore. As we all increasingly rely on technology, we become more vulnerable to those who would exploit it. Singapore’s leadership understands this, takes the threat seriously and has a robust security strategy in place," he said.
How we can better safeguard against breaches
Hoh said that it is important that businesses and governments work together to improve collective security so that when breaches do occur, consequences can be minimised. Moreover, there are no quick fixes to the cyber security challenge, and breaches are inevitable.
In cyber security, attackers almost always have the advantage. They only need to succeed once to gain a foothold, and when they can’t be detected and stopped before they complete their mission, we need to go back and assess how they succeeded and evaluate the security strategy.
Organisations must ensure their defenses can match the threats they face.
He explained that health records contain information that is valuable to governments and they are often targeted by nation-state threat actors. Nation-states increasingly collect intelligence through cyber espionage operations which exploit the very technology we rely upon in our daily lives. "A cyber espionage threat actor could leverage disclosure of sensitive health information, or financial health related vulnerabilities to coerce an individual in position of interest to conduct espionage," he added.