SingHealth, HSA and now Singapore Red Cross: Cyber experts explain how hackers do it


After Singapore Red Cross (SRC) announced on Thursday, May 16, that hackers attacked a part of its website that affected personal data of more than 4,000 people, cybersecurity experts explained the scenario and clarified how and why the data breach happened.

In 2018 anonymous hackers attacked SingHealth between June and July that affected 1.5 million SingHealth patients' records. This year, in April Health Sciences Authority's (HSA), Secur Solutions Group (SSG), which was accused of mishandling the data of more than 800,000 blood donors, stated that the information, including names and NRIC numbers which were revealed online, was accessed illegally and probably extracted.

After the cyber attack on SRC came under the spotlight, Tom Kellermann, the Chief Cybersecurity Officer at Carbon Black mentioned that this is yet another attack on Singapore's health organisations which happened because of the failure of "inadequate security controls."

"Healthcare records can yield four times more money ($75 on average) than financial data in underground markets. These records contain all sensitive information about an individual," he said.

In addition, he clarified that in terms of the internet security breach in the healthcare sector, the Republic is not alone. As per the Carbon Black's threat reports, this industry as a whole "is woefully under-protected and it is among the most targeted industry – 73% of IR professionals have seen an attack targeting the healthcare industry in recent months."

In addition, he stated that the rapid adoption of cloud technology and employee mobility has gradually destroyed the traditional perimeter. Essentially, the cybercriminals are now targeting "the laptops, desktops and servers housing the most sensitive information for an organization," he noted.

"As this breach in Singapore suggests, endpoint protection at healthcare organizations appears to be severely lacking. Beyond technology, humans are often the weakest link in any organisation's security posture. This is where education and security awareness training can play an important role," Kellermann said.

ManageEngine, the IT management division of Zoho Corporation also reached out to IBTimes Singapore after news came out on SRC data breach. ManageEngine's Vice President Rajesh Ganesan said that "Passwords are the oldest, secure and convenient way to authoritatively establish identities. Their benefits far outweigh the limitations and hence the many attempts to eliminate them completely has failed time and again."

Ganesan mentioned that in terms of spreading an awareness password hygiene, is the same with the way people deal with "personal hygiene, where strong and healthy individuals lead to strong and healthy communities."

"In the business scenarios, the technology infrastructure offers varieties of methods for information access, often protected by different types of accounts having varying levels of access to information. These accounts are typically protected by passwords and for teams running IT, these passwords are the keys to the kingdom and it becomes one of their top priorities to fully understand the implications, devise a strategy and implement strong password management systems," he added.

Ganesan stated that it is critical for the organizations "to act preventive and secure with managed solutions that will empower them completely and be in control of information security."

Sanjay Aurora, the Managing Director of Darktrace, APAC that is a global artificial intelligence company, stated that these cyber security incidents are the wake-up calls to organisations in Singapore "that no organisation and no data set is invulnerable."

While addressing the HSA cyberattack, he said, "The reality is that you are never going to eradicate vulnerabilities or human error. While the organisations affected must enforce better security hygiene, such as strong passwords, they can't stop there. The status quo is not good enough."

He mentioned that no matter how secure a portal is, such cyber threats will emerge "again and again" and that is why "it's critical to use AI to monitor and protect imperfect systems continually," as every three seconds AI can protect firms from such cyber attacks.

Related topics : Artificial intelligence