- Fotolia

Singapore public healthcare sector limits internet use

Healthcare workers who require internet access will have to use separate internet workstations following an unprecedented attack on Singapore’s public healthcare system

Singapore’s public healthcare providers have limited internet use on employees’ computers after an unprecedented attack on the country’s healthcare IT systems.

The move is part of containment and monitoring measures implemented to further protect patient data against emerging forms of cyber threat.

Other measures put in place include additional controls on workstations and servers, reset of user and systems accounts, and installation of additional system monitoring controls on IT systems.

On 20 July, the Singapore government revealed that the non-medical personal details of about 1.5 million patients who had visited SingHealth’s specialist outpatient clinics and polyclinics between 1 May 2015 and 4 July 2018 had been illegally accessed and copied in a deliberate, targeted and well-planned cyber attack.

Data taken included names, national identity card numbers, addresses and dates of birth. Information on the outpatient dispensed medicines of about 160,000 patients was also exfiltrated through an initial breach on a front-end workstation.

Singapore’s ministry of health said the decision to impose what it called internet surfing separation (ISS) would strengthen public healthcare IT systems against evolving cyber security threats and, more importantly, would safeguard the confidentiality of patient data.

“We would like to assure all patients that their safety and care are our priority, and we will work to ensure that these are not compromised as a result of the implementation of ISS and various security measures,” it said.

Singapore’s public healthcare institutions rely on the internet to deliver some services, including reading of diagnostic reports from laboratories, submission and retrieval of results from screening databases, birth and death registration, referrals, video consultation, and payment and claims processing.

The ministry said patients may experience longer waiting times for consultations and to receive test results, as well as delays in checking their MediSave medical savings accounts or making claims.

“The technical teams are also on the ground to address issues that have arisen,” it added. “Interim alternatives are being deployed to departments requiring internet access, including separate shared workstations for connection to the internet where needed for the staff’s work.”

Read more about cyber security in ASEAN

Sid Deshpande, research director at Gartner, stressed the importance of having “defence in depth”, or security controls at various layers of technology infrastructure to mitigate similar cyber threats.

“An equal emphasis needs to be applied on application security, endpoint security, data security, web/email security and identity/access management to prevent or reduce the number of security incidents,” he said. “Preventative approaches need to be supplemented with good detection and response capabilities.

“Attackers usually intend to stay dormant in systems to avoid detection and cause further damage, so the fact that the breach was detected this early actually shows that the security teams in this case were actively monitoring systems to detect incidents.”

Read more on Data breach incident management and recovery

Data Center
Data Management