A breach in an internet-connected system at the Singapore Ministry of Defence (MINDEF) has resulted in a loss of 850 national servicemen and staffs' personal data, including telephone numbers and dates of birth. The cyber attack took place earlier this month and MINDEF believes it was a "targeted and carefully planned" attack. Fortunately, no classified military data were stolen.
According to reports, breach happened in MINDEF's I-net system, which provides internet access to employees for their personal communications via thousands of dedicated computer terminals in the ministry, as well as in Singapore Armed Forces (SAF) camps and premises. As for classified military information, they are stored on a separate system with more tight security.
After the breach, the affected server was disconnected and an immediate forensic investigation was ordered on the entire I-net system, MINDEF said.
After the initial investigation, it was revealed that the attack originated online and not from an SAF camp. The officers also believe that the miscreants wanted to get access to official secrets. "The attacks were targeted and well-planned. Based on our investigations, they are not the work of casual hackers or criminal gangs," said MINDEF's Deputy Secretary for Technology David Koh, as reported by Channel News Asia.
MINDEF also said it has asked CSA and the Government Technology Agency of Singapore to stay alert and investigate other government systems that any other attempts of breaching can be avoided. As a precautionary measure, all computer systems in MINDEF and SAF will be thoroughly checked.
Meanwhile, the ministry said that the affected persons will be assisted. The national servicemen and employees, who had their data stolen, will be advised to change their passwords and to report any unusual activity. A special helpdesk will be set up for them, added MINDEF.
MINDEF also said that the breach was not announced earlier because it needed time to understand the extent of the breach and maintain operational security while the investigations were going on.
"It's no secret that government agencies, including MINDEF, are prime targets, and we are under constant cyberattack. Because of this we need to continually be vigilant and improve our cyber defences so that we remain resilient against cyberattacks," said Mr Koh, as reported
This is the first time that security of the MINDEF was threatened. In 2014, Foreign Affairs Ministry's IT system was hacked and in 2013, Prime Minister's office website was hacked.
