Singapore Health Hack Carried Out By State-linked Group

The government of Singapore has said that the worst cyber attack in its history was likely carried out by a state-linked group.

This is the conclusion of the government’s communications minister, who on Monday was quoted by Reuters as saying a nation state was likely responsible, whilst he was speaking in Parliament.

His comment came after the major cyberattack against the Singapore government last month, which resulted in the theft of the personal data belonging to 1.5 million people.

Health hack

The attack against Singapore’s government health database, also saw the medical records of Prime Minister Lee Hsien Loong stolen.

But now speaking in parliament on Monday, S. Iswaran said the government would not disclose the attackers’ identity for security reasons but had determined the attack was the work of an ‘Advanced Persistent Threat’ group, which is typically state-linked.

“This (APT) refers to a class of sophisticated cyber attackers, typically state-linked, who conduct extended, carefully planned cyber campaigns, to steal information or disrupt operations,” Iswaran, Singapore’s minister for communications and information, was quoted by Reuters as saying.

Iswaran said government agencies had a high level of confidence in the identity of the attackers but not enough evidence to take legal action.

Meanwhile the health minister Gan Kim Yong said that the attackers had made efforts to remove their tracks, making investigations harder, and that they could strike again.

“Despite our security measures, the attackers had been very patient, very persistent and very resourceful,” said Gan.

“With advanced hacking tools, they eventually succeeded… We take this seriously as there’s no reason to believe that they will not try again with even more advanced tools.”

The Singapore health ministry has hired PricewaterhouseCoopers (PWC) and the Cyber Security Agency of Singapore to identify vulnerabilities in their systems and plug any holes to try and prevent a repeat, Gan added.

This is not the first time that Singapore has been targetted.

In February 2017 Singapore’s Ministry of Defence, said basic personal information on 850 national servicemen and staff had been stolen from an Internet-facing network, in what it called a “targeted and carefully planned” attack.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago