The group behind a cyber-intrusion in Singapore has been identified. The Singapore government revealed that a discreet virtual group stole sensitive data from a number of public agencies and international companies operating within the city.
According to Symantec, one of the world’s IT security firms, the unit is known as Whitefly and it has been hacking into corporations since 2017.
Brian Fletcher, the Director of Government Affairs for Australia-Pacific, Singapore, Japan and Korea, has pointed out that Whitefly is comprised of between five and 20 individuals.
Considering that the group is fully-equipped, he has also added the possibility of the outfit being state-sponsored although he refused to identify the suspected entity behind it.
It has been discovered that Whitefly utilized a combination of hacking materials which are both custom-set and commercially available.
Among the instruments used is the Mimikatz which is usually tapped to assess weakness within a company’s security domains. The penetration process is repetitive as more machines and more data will continuously be intruded until the desired targets are met.
Considering that Whitefly invades the network and accumulates huge amounts of information, it is highly likely that the unit is not a typical criminal syndicate. Based on its approach, it is a well-supported espionage team.
- Iswaran, Singapore’s Minister for Communications and Information, has corroborated the findings of Fletcher and Symantec based on the way Singhealth was cyber attacked. Advanced software including a customized malware has been utilized to evade the agency’s virtual security. Once the intrusion is completed, the hackers remain in place for a considerable period of time.
Meanwhile, Symantec has also stated that SingHealth is not the only government institution that was hacked.
Other healthcare firms and companies in the field of telecommunications, media and engineering have also been attacked. Some of the notable data captured belongs to Prime Minister Lee Hsien Loong.
Fletcher has cautioned that Whitefly will sustain its hacking efforts. It is likely that the unit has re-tooled its cyber-intruding approach going forward.