BillionPhotos.com - Fotolia
Singapore’s public healthcare providers have limited internet use on employees’ computers after an unprecedented attack on the country’s healthcare IT systems.
The move is part of containment and monitoring measures implemented to further protect patient data against emerging forms of cyber threat.
Other measures put in place include additional controls on workstations and servers, reset of user and systems accounts, and installation of additional system monitoring controls on IT systems.
On 20 July, the Singapore government revealed that the non-medical personal details of about 1.5 million patients who had visited SingHealth’s specialist outpatient clinics and polyclinics between 1 May 2015 and 4 July 2018 had been illegally accessed and copied in a deliberate, targeted and well-planned cyber attack.
Data taken included names, national identity card numbers, addresses and dates of birth. Information on the outpatient dispensed medicines of about 160,000 patients was also exfiltrated through an initial breach on a front-end workstation.
Singapore’s ministry of health said the decision to impose what it called internet surfing separation (ISS) would strengthen public healthcare IT systems against evolving cyber security threats and, more importantly, would safeguard the confidentiality of patient data.
“We would like to assure all patients that their safety and care are our priority, and we will work to ensure that these are not compromised as a result of the implementation of ISS and various security measures,” it said.
Singapore’s public healthcare institutions rely on the internet to deliver some services, including reading of diagnostic reports from laboratories, submission and retrieval of results from screening databases, birth and death registration, referrals, video consultation, and payment and claims processing.
The ministry said patients may experience longer waiting times for consultations and to receive test results, as well as delays in checking their MediSave medical savings accounts or making claims.
“The technical teams are also on the ground to address issues that have arisen,” it added. “Interim alternatives are being deployed to departments requiring internet access, including separate shared workstations for connection to the internet where needed for the staff’s work.”
Read more about cyber security in ASEAN
- Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency.
- Grab, a Southeast Asian ride-hailing company, prefers detective controls rather than preventive ones to deter cyber threats – an approach it claims is less intrusive and costly to implement.
- The personal data of more than 46 million mobile phone users in Malaysia was reportedly leaked online in possibly the biggest data breach in the Southeast Asian country.
- Cyber resilience remains low across ASEAN, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows.
Sid Deshpande, research director at Gartner, stressed the importance of having “defence in depth”, or security controls at various layers of technology infrastructure to mitigate similar cyber threats.
“An equal emphasis needs to be applied on application security, endpoint security, data security, web/email security and identity/access management to prevent or reduce the number of security incidents,” he said. “Preventative approaches need to be supplemented with good detection and response capabilities.
“Attackers usually intend to stay dormant in systems to avoid detection and cause further damage, so the fact that the breach was detected this early actually shows that the security teams in this case were actively monitoring systems to detect incidents.”