In Parliament yesterday, Minister for Communications and Information S Iswaran spoke about how the SingHealth network’s data breach last month were traits of a “class of sophisticated cyberattackers” who deployed what was known as an “advanced persistent threat” (APT) attack.
He also said that while the attack fit the profile of certain known APT groups, which are typically state-linked, “for national security reasons, we will not be making any specific public attribution”.
The SingHealth data breach took place on July 4 and had accessed personal data and medical records of 1.5 million patients.
During the session, Non-Constituency MP Daniel Goh asked Mr Iswaran if the government would be looking into whether there was any negligence on SingHealth’s part. To this, Mr Iswaran said that the Committee of Inquiry (COI) convened would look into the factors behind the attack as well as what could have been done.
However, he added “I would urge members to refrain from going down the path of allocating blame at this point”.
While a blame game would hardly add any value to on-going investigations by the COI, as Mr Iswaran said, a cyber attack like this “can disrupt essential services and affect public welfare and confidence”. In a time where people seek answers and solutions, a lack of information does nothing to assuage their fears.
Mr Iswaran also added that based on a detailed analysis by Singapore’s Cyber Security Agency (CSA), the SingHealth hackers made use of “advanced and sophisticated tools, including customised malware that was able to evade SingHealth’s anti-virus software and security tools”.
“After establishing a foothold in the network, the attacker took steps to remain in the system undetected before stealing the patients’ information,” he said.
While a report from the COI will be submitted by December 31, not all the information will be accessible to the public.
Chair of the COI former senior district judge Richard Magnus said, “As some aspects of the inquiry have security implications, the COI will decide which part of its hearings can be held in public”.
Discerning netizens were sceptical of Mr Iswaran’s speech, and felt that they were not being told the entirety of the incident.
As for now, many Singaporeans just want answers as to what may come of this data breach, and of the measures taken to minimise the existing damage done. A lack of information only serves to exacerbate worry amongst people.