Last Friday (20 July), more than 1.5 million people have had their medical records stolen in the worst cyber attack in Singapore’s history.
Hackers stole prescription records from more 160,000 people, including Prime Minister Lee Hsien Loong.
Investigations by the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHiS) confirmed that this was a “deliberate, targeted and well-planned cyber attack”, and not the work of casual hackers or criminal gangs.
Authorities are now working to track down those who are responsible for the attack.
Say is like that say lah, but surely somebody has to be responsible for it right? So if I want to blame somebody, who can I blame?
You say or they say all no use, let the cyber security expert Southeast Asia Director for Mandiant, Steven D’sa tell us. In case you didn’t know, Mandiant is a prominent cyber security firm hailing from the United States.
In case you’re running low on data and don’t want to play the video, here’s a Singlish version of the interview:
1) Now our healthcare data kena stolen leh. How ah? Like that got more jialat than having our credit card data or social security system data stolen a not?
Steven D’sa: If the data that has been stolen are used for criminal acts then siao liao lor. But considering this is likely a nation-state threat, this cyber attack is more like an intelligence-gathering exercise (means gather information first then see how).
2) So is it they hack the healthcare database because they cannot find the financial system or the credit card data of other groups or companies ah?
Steven D’sa: Healthcare data, as compared to the financial or defence data, is more interesting to know and may have a lesser adoption of security measures.
3) Like that is it Singapore’s information technology system lousy?
Steven D’sa: No lah, it’s not because Singapore’s information technology system lousy in this case, but the attackers too persistent in trying to get through the infrastructure liao. Very hard to siam and avoid this kind of attack one lah.
4) Isn’t Singapore a Smart Nation, not supposed to be very technology savvy one meh? How can this happen?
Steven D’sa: Singapore is definitely technology-leading. In fact, the Gahmen take very fast action on this breach liao hor. At least they identified it and they disclosed it.
5) But only after two weeks wor?
Steven D’sa: Last time, I’d investigated in the cyber-attacks in the Asia-Pacific before, there are cases in which organizations don’t even know that their system kena attacked, until about 500 days later. And they needed a few weeks after that to remove the threat actors from the environment. You think very easy ah?
6) Is it Singapore’s healthcare database got problem since the software system too cheem and too luan liao because they all come from different vendors?
Steven D’sa: This one is very common lah. If you see any other business out there, they also use a wide range of different products together mah. Many different brands, different systems and different vendors also. Means hor, if this can happen to healthcare, it may also happen to other different types of environment one.
So hor, actually cyber attacks are not uncommon. It is happening all the time all over the world, not just in Singapore. If really you want to blame, blame the attacker lor.
If you’d like to contribute your story to us, drop us an email at editors@sureboh.sg and we’ll review it. We read each submission that comes to us within two weeks of receiving it.
