Lessons from the SingHealth hacking incident
Share this on

Lessons from the SingHealth hacking incident

PATIENTS who had visited SingHealth’s specialist outpatient clinics and polyclinics between May 1, 2015 and Jul 4 this year have lost critical information to hackers.

The cyberattack, in progress since June this year, managed to acquire personal and clinical information related to 1.5 million Singaporean citizens and residents. Among those affected are the country’s Prime Minister and several other government officials.

The leak, which came to light late on Friday evening, sparked the organisation to send out 700,000 text messages to those affected, with the remaining messages set to go out soon.

SEE ALSO: Vietnam’s new cybersecurity law could further undermine free speech, disrupt businesses

According to local media, “investigations by the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHIS) confirmed that the attack was a “deliberate, targeted and well-planned cyberattack” and was “not the work of casual hackers or criminal gangs”.

The recent cyberattack on Singapore’s largest group of healthcare institutions, which led to an unprecedented breach of personal data, indicates that no industry is safe from the increasingly targeted nature of cyber attacks.

Cybersecurity needs to be a priority

“Though no single silver bullet can mitigate all the risk, having the ability to detect threats in real time along with adopting a ‘data-centric’ approach can add credible strength to an organisation’s defenses,” Micro Focus President for Asia Pacific and Japan Stephen McNulty told Tech Wire Asia.

In a large and heterogeneous technology environment, such as those within governments and businesses, finding a balance between data security and usability is a complex task.

While the information owners are looking to harness the power of data and develop its usability to drive better outcomes, they must ensure end to end security, which requires data to be secured at rest or when it’s being used across all environments.

2018-07-23T072424Z_1660412799_RC14CBE25600_RTRMADP_3_SINGAPORE-CYBERATTACK

An SMS message sent by SingHealth to clients affected by a cyberattack is seen on a mobile phone in Singapore July 23, 2018. Source: Reuters/Thomas White

It is important for governments and enterprises to build an overall cyber strategy that spans across traditional IT environment, modern application workload and smart devices.

This strategy must encompass identity, data security, application security, advanced security monitoring, and effective incident response.

“Today, information technology delivers incredible capabilities to our society and businesses. The evolution of Smart Cities and its corresponding Internet of Things (IoT) devices will certainly bring value and significantly improve citizens’ quality of life,” added McNulty.

However, this also means that as hackers and cyberattacks become more sophisticated, we must do more to protect what matters most – the data.

Evaluate, understand, and secure your data

Ultimately, data-centric security is the key enabler for unleashing the business potential, and its importance should never be overlooked.

With so much at stake and data driving information-driven companies, there are a lot of resources placed in protecting live data. However, this sometimes comes at the cost of neglecting data that might be considered at first glance to be “offline”.

These include backup and archives, as well as secondary storage data that, while not always forming part of online systems, are still used by businesses for insight and analysis.

SEE ALSO: Thailand ranked 5th highest risk for cybersecurity threats in Asia

“Businesses should not fall into the trap of thinking that offline system data is safe – they still require proper control and audit, a comprehensive protection approach to ensure only authorised access, Commvault’s Director Systems Engineering Gary Lim told Tech Wire Asia.

In fact, 70 percent of data are secondary data but most businesses are only investing in protecting primary, or live, data.

A simple, complete approach to data protection and management is required to protect data, otherwise the weakest link (secondary data) – whether exploited by attackers or exposed through outages and technical failures – simply shifts to an equally vulnerable entry point.

This article originally appeared on our sister site Tech Wire Asia.