News
Synapxe confirms DDoS attack as cause of hours-long disruption to Singapore public hospitals’ websites
Singapore’s public healthcare websites encountered prolonged downtime on Nov 1 due to a DDoS attack, as confirmed by Synapxe’s investigations. The attack flooded servers, hindering legitimate access.
The agency said there is no evidence suggesting any compromise of public healthcare data or internal networks.
On Wednesday (Nov 1), the websites of Singapore’s public healthcare institutions faced an hours-long disruption stemming from a distributed denial-of-service (DDoS) attack.
According to a statement released on Friday, Singapore health tech agency Synapxe’s investigations revealed that the attack involved flooding servers with internet traffic to impede access to online services for legitimate users.
Furthermore, Synapxe confirmed that there is no evidence suggesting any compromise of public healthcare data or internal networks.
Synapxe, whose website was also down on Wednesday, supports 46 public healthcare institutions, including hospitals, polyclinics, and 1,400 community partners like nursing homes and general practitioners.
Singapore’s healthcare system operates through three clusters: SingHealth (east), National Healthcare Group (central), and NUHS (west).
The websites of Singapore General Hospital, National University Hospital and Tan Tock Seng Hospital were among those affected.
In its statement, Synapxe recounted the disruption in internet connectivity at public healthcare institutions on 1st November 2023, lasting from 9:20 am to 4:30 pm, with the majority of affected services being restored by 5:15 pm.
During this period, essential services at public healthcare institutions, such as websites, emails, and staff productivity tools reliant on internet access, were rendered inaccessible.
Despite the disruption, Synapxe managed to maintain the critical systems necessary for clinical services and operations at public healthcare institutions, ensuring uninterrupted access to patient records.
They confirmed that patient data and internal networks remained secure and unaffected, emphasizing that patient care was not compromised.
Synapxe added that their networks are protected in a layered defence designed to detect and respond to cyber threats, including DDoS attacks.
“Our systems are also designed with redundancies for resilience, and these include system backups. ”
“To minimise the risks of being overwhelmed by higher-than-usual internet traffic, Synapxe subscribes to services which block abnormal surges in internet traffic before they enter our public healthcare network. In addition, once the traffic is cleared by the blocking service, firewalls are in place to allow only legitimate traffic into the network. ”
Synapxe explained measures to counter abnormal surge in network traffic on Wednesday
On 1 November 2023, an abnormal surge in network traffic was detected at 9.15am.
Synapxe explained that this surge circumvented the blocking service, and overwhelmed Synapxe’s firewall behind the blocks. This triggered the firewall to filter out the traffic, and all the websites and internet-reliant services became inaccessible.
Once the cause was identified, Synapxe immediately worked with service providers to deploy measures to block the abnormal traffic in order to allow legitimate traffic required for internet services to resume. Services were restored progressively from 4.30pm.
“The DDoS attacks are continuing, and we may see occasional disruptions in internet services as a result.”
Synapxe said they are working with relevant parties to actively defend against the attacks, and expedite the recovery processes. Investigations by Synapxe and the Cyber Security Agency (CSA) are also ongoing.
“The measures put in place by Synapxe to protect our systems have enabled us to withstand the attacks with no compromise to healthcare data and internal networks. ”
The agency said the incident is a stark reminder that DDoS attacks are on the rise, with changing attack methods.
“DDoS attacks cannot be prevented, and the defences against DDoS attacks will have to constantly evolve to keep up with advancements. ”
“The public healthcare sector will take this opportunity to review our defences against DDoS attacks, and learn from the episode to further strengthen our cybersecurity. It is important that we continue to remain vigilant against cybersecurity threats, ” the agency added in its statement.
Synapxe is wholly owned by MOH. So it seems like MOH and MCI and whatever agencies are NOT coordinated on the Smart Nation narrative. Coordinating Minister sleeping . . . again?
They F Singaporeans. But when it’s the opposite tt SG F them, they SUE, put people in jail, OR POFMA.
This is the ESSENCE of the School Pledge FORCED DAILY on Young and Vulnerable Minds. And human rights on record, Singapore Style.
At the end of the day, STUPID Singaporeans buybthe IDEA, only the PAP Administration is ENTITLED to politicise every liflihood issues in SG.
So many digital services disruptions/failures recently. Why hasn’t the MCI minister (Cybersecurity & Digital adoption) commit hara-kiri already? She can still do it in small spaces, mah.
I think the National Library web service is also under attack. They seem to be having a sudden flurry of “maintenance” going on.
The best is Synapxe go back to school before they talk more cocks.
Huh? Take so long to confirm that it was due to DDoS? Whoever was providing web server services for their websites should be able to tell them almost immediately as detection and mitigation of such attacks should be a BASIC service for their customers.