SINGAPORE: Synapxe, Singapore’s health tech agency, has pledged to fortify the resilience of the public healthcare sector’s system design against emerging DDoS (Distributed Denial-of-Service) attacks in the future.
In a statement issued on Monday (20 Nov), Synapxe expressed its commitment to bolstering defences against cyber attacks following a recent incident that disrupted the web services of public hospitals and polyclinics.
The agency emphasized that this incident serves as a clear indicator of the escalating threat posed by DDoS attacks, which employ evolving methods to bypass monitoring systems.
While preventing DDoS attacks entirely may be unfeasible, Synapxe stressed the importance of continuously enhancing defensive strategies, the agency said.
“We will also improve our operating processes through a combination of enhanced monitoring, and tighter coordination between identification of the threats and activation of appropriate defensive measures,” Synapxe said.
These strategic changes aim to empower a more efficient response to future attacks, safeguarding the reliability and accessibility of public healthcare systems, according to the agency.
Websites of Singapore public healthcare clusters affected in 6-hour internet access disruption
On 1 November, a substantial technical disruption affected numerous public hospitals and polyclinics in Singapore, causing their websites to become inaccessible during the six-hour disruption.
In an earlier statement on 3 November, Synapxe revealed that in collaboration with the Cyber Security Agency of Singapore (CSA), extensive investigations were conducted, confirming the cause as a Distributed Denial-of-Service (DDoS) attack.
The attack involved flooding servers with internet traffic to impede access to online services for legitimate users, according to Synapxe.
Furthermore, Synapxe said there is no evidence suggesting any compromise of public healthcare data or internal networks.
Synapxe, whose website was also down on 1 November, supports 46 public healthcare institutions, including hospitals, polyclinics, and 1,400 community partners like nursing homes and general practitioners.
Singapore’s healthcare system operates through three clusters: SingHealth (east), National Healthcare Group (central), and NUHS (west).
The websites of Singapore General Hospital, National University Hospital and Tan Tock Seng Hospital were among those affected.
In its statement, Synapxe recounted the disruption in internet connectivity at public healthcare institutions on 1st November 2023, lasting from 9:20 am to 4:30 pm, with the majority of affected services being restored by 5:15 pm.
“Our systems are also designed with redundancies for resilience, and these include system backups. ”
“To minimise the risks of being overwhelmed by higher-than-usual internet traffic, Synapxe subscribes to services which block abnormal surges in internet traffic before they enter our public healthcare network. In addition, once the traffic is cleared by the blocking service, firewalls are in place to allow only legitimate traffic into the network. ”
Synapxe explained measures to counter abnormal surge in network traffic on 1 Nov incident
On 1 November 2023, an abnormal surge in network traffic was detected at 9.15am.
Synapxe explained that this surge circumvented the blocking service, and overwhelmed Synapxe’s firewall behind the blocks. This triggered the firewall to filter out the traffic, and all the websites and internet-reliant services became inaccessible.
Once the cause was identified, Synapxe immediately worked with service providers to deploy measures to block the abnormal traffic in order to allow legitimate traffic required for internet services to resume. Services were restored progressively from 4.30pm.
“The DDoS attacks are continuing, and we may see occasional disruptions in internet services as a result.”
Synapxe said they are working with relevant parties to actively defend against the attacks, and expedite the recovery processes. Investigations by Synapxe and the Cyber Security Agency (CSA) are also ongoing.
“The measures put in place by Synapxe to protect our systems have enabled us to withstand the attacks with no compromise to healthcare data and internal networks. ”
The agency said the incident is a stark reminder that DDoS attacks are on the rise, with changing attack methods.
“DDoS attacks cannot be prevented, and the defences against DDoS attacks will have to constantly evolve to keep up with advancements. ”
“The public healthcare sector will take this opportunity to review our defences against DDoS attacks, and learn from the episode to further strengthen our cybersecurity. It is important that we continue to remain vigilant against cybersecurity threats, ” the agency added in its statement.