How To Be Cyber-Prepared After SingHealth Recent Database Attack

Written by netpluz | Jul 15, 2018 7:17:29 AM

Health Minister Gan Kim Yong and Minister for Communications and Information S. Iswaran both described the recent SingHealth attack as the most serious personal data breach in Singapore’s history (Tham, 2018).

As reported by Channel News Asia, the personal data of 1.5 million patients who visited SingHealth’s clinics or polyclinics between May 1, 2015 and July 4, 2018 was copied, and 160,000 of their medical records were accessed, before the database admin detected the unusual activity (Kwang, 2018).

On July 10, the Integrated Health Information System (IHiS) confirmed that data had been stolen between June 27 and July 4, 2018. The Cyber Security Agency of Singapore (CSA) established that the attackers first gained access through a breach on a particular front-end workstation and, from there, managed to obtain credentials to access the database. This incident shows us that no one can really escape the threat of cyberattack. We all have the same potential to become victims because the IT landscape is always evolving, and what organizations should do today is be more proactive in building up their own network and cybersecurity resilience.

Speaking on the SingHealth cyberattack, Minister for Communications and Information S. Iswaran said that we cannot allow, and must not allow, this incident or any others like it to derail our plans for a Smart Nation (Yong & Tham, 2018).

“We must adapt ourselves to operate effectively, and securely in the digital age. So that we can deliver better public services, enhance the economic competitiveness and create jobs and opportunities for Singaporeans,” added S. Iswaran at the news conference.

A data breach is a serious issue everywhere. An incident like this could be a nightmare for a business owner: when your security is compromised, it can cripple your business, cost you thousands or millions of dollars, and damage your brand image and reputation.

The next question is: what should we do to prevent this from happening again?

The key to dealing with cyberattacks is not a guarantee that attackers won’t target you and try to get into your system in the first place. The key is to be prepared when they do. When you build up your network and cybersecurity resilience by adopting cybersecurity tools or services that mitigate such threats at different levels (for example, the ISP level, the network and server level, and the endpoints), you can respond quickly and effectively when an attacker tries to get into your system.

What are the best solutions that our cyber security experts here at Netpluz can offer you to be cyber-ready after learning from the recent SingHealth database server attack?

The 4 Levels of End-to-end Cyber Security Protection by Netpluz

ISP Level Network Defense

  • DDoS Mitigation and Web Application Firewall (WAF)
  • DDoS Mitigation (Internet Clean Pipe) – A total solution to protect your company’s infrastructure from malicious traffic and DDoS attacks. More specifically, Netpluz Internet Clean Pipe, powered by Nexusguard, prevents flooding or volumetric attacks that abuse the weaknesses in various communications protocols, including TCP, UDP, ICMP, FTP, and SIP.
  • Web Application Firewall (WAF) – This can protect a server from cross-site scripting and SQL injection attacks. By preventing the injection of SQL queries, the WAF can help keep sensitive information stored in the database away from snooping eyes.

On Premise Network Perimeter Defense

  • Firewall – All the advanced networking, protection, user, and app controls you need to stay secure and compliant.

On Premise Server Perimeter Defense

  • Server Protection Software installed on the server – To help prevent an attacker from taking advantage of common hacking techniques and persistent hacking attempts. Netpluz recommends SOPHOS Server Advanced Protect.

End-point Protection

  • Endpoint protection – For the end-user machines of those who have access to the database server. This helps detect malware installed on those machines that could gather information on what users are accessing (i.e. the database server), and also prevents ransomware from spreading across the network. Netpluz recommends SOPHOS Advanced Protection + Intercept X.

Some Useful Tips & Tools:

  • Email Phishing Simulation Tool – To educate the largest attack surface, the end-users, and build their security awareness of what a phishing email looks like, so that they are trained to spot legitimate emails and URL links. People are the #1 weakness, from a security perspective, in any organisation.
  • Keep Patches Updated – Make sure all software is up to date, security patches included, to fix known vulnerabilities that can be exploited by attackers.
  • Do not use a shared server – If your database stores sensitive data, you should have your own dedicated server instead of getting a hosting provider to host your data. You can opt to use a hosting provider, but make sure you review their security policies with them and what their responsibilities will be in the event that your data is compromised.

 

Source :