Minister: Singapore cyber attack may be state-linked

The biggest ever cyberattack to hit Singapore was carried out by highly sophisticated hackers typically linked to foreign governments, a cabinet minister said Monday, but did not give names.

Hackers broke into a government database and stole the health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong who was specifically targeted in the “unprecedented” hack, the government has said.

“We have done a detailed analysis of this attack and have determined that it is the work of an advanced persistent threat (APT) group,” Minister for Communications and Information S. Iswaran said on Monday.

READ MORE: With hacking of US utilities, Russia could move from cyberespionage toward cyberwar

“This refers to a class of sophisticated cyber attackers typically state-linked who conduct extended, carefully planned cyber campaigns to steal information or disrupt operations,” he told parliament, which discussed the issue.

Iswaran said the APT group “was persistent in its efforts to penetrate and anchor itself on the network, bypass the security measures and illegally access and exfiltrate data”.

While the attack fitted the profile of “certain known APT groups”, Iswaran said he would not publicly give any names for reasons of national security.

Hackers used a computer infected with malware to gain access to the database between June 27 and July 4 before administrators spotted “unusual activity”, authorities have said.

The compromised data includes personal information and medication dispensed to patients, but medical records and clinical notes have not been affected, according to the authorities.

Security experts had also earlier pointed to state-actors as the likely culprit, citing the scale and sophistication of the hack.

Healthcare data is of particular interest to hackers because it can be used to blackmail people in positions of power, Jeff Middleton, chief executive of cybersecurity consultancy Lantium, told AFP last month.

Medical information, like personal data, can also be easily monetised on criminal forums, said Sanjay Aurora, Asia Pacific managing director of Darktrace, a cyber security firm.

READ MORE: Liberty clients urged to change all banking passwords amid inside-job rumours

Iswaran, who is also the minister in charge of cyber security, has convened a committee of inquiry to look into the hack.

“We will do our utmost to strengthen our cyber security. But it is impossible to completely eliminate the risk of another cyber attack,” he said.

“This is an ongoing battle with potential cyber attackers who are constantly developing their capabilities and seeking out new vulnerabilities.”

Iswaran said the attack will not derail the affluent and highly-wired city-state’s ambitions to become a “smart nation” through the extensive use of technology in daily activities and transactions. — AFP

We make it make sense

If this story helped you navigate your world, subscribe to the M&G today for just R30 for the first three months

Subscribers get access to all our best journalism, subscriber-only newsletters, events and a weekly cryptic crossword.”

Agency
External source

Related stories

WELCOME TO YOUR M&G

Already a subscriber? Sign in here

Advertising

Latest stories

Links between colleges, industry vital

Weak partnerships with industry and poor curriculum choices are among the factors driving unemployment among graduates

‘South Africa on a path to unjust transition’

The country needs a greener economy but energy specialists say policymakers must ensure the creation of a fairer economy in the process

Whistleblower helps SIU in diamonds corruption raid

The SIU alleges fraud and graft in state mining company's procurement

SA Mint launches rhino coin

The coins are produced in limited quantities ranging from 500 to 2 000, depending on the demand
Advertising

press releases

Loading latest Press Releases…
×