SINGAPORE: Ong Ye Kung, Minister for Health assured that despite the seven-hour disruption to the websites of major public healthcare institutions on 1 November, patient care remained unaffected.
He said during that time, the essential systems crucial for clinical services and operational functions within these institutions, including access to patient records, continued without interruption.
He emphasized that there was no evidence indicating a compromise of public healthcare data or internal networks during this incident.
On Wednesday (22 Nov), several Members of Parliament raised parliamentary inquiries seeking clarification on the cause of the disruption on 1 Nov.
They also questioned the government about measures planned to prevent such disruptions in the future.
Among the MPs who filed parliamentary questions were Poh Li San, MP for Sembawang GRC; Pritam Singh, the Leader of the Opposition; and Jessica Tan, MP for East Coast GRC.
MPs sought clarification regarding the 1 November seven-hour healthcare institutions website disruption
MPs Poh Li San and Jessica Tan also sought clarification from the Minister of Health regarding the impact on website users and the implications for healthcare and other services provided by public healthcare institutions, as recent reports suggest that such cyber attacks are likely to persist.
Pritam Singh specifically inquired about the measures implemented to address and prevent similar disruptions in the future.
In a written response, Minister Ong highlighted that the disruption in internet connectivity experienced by public healthcare institutions on 1 November, resulted from abnormal spikes in internet traffic, commonly known as a Distributed Denial-of-Service (DDoS) attack.
The abnormal traffic circumvented the anti-DDoS blocking services and overwhelmed the firewall.
“This caused the firewall to filter out the traffic, as well as other services requiring internet connectivity, including websites and internet-reliant services, which became inaccessible. ”
Minister Ong addressed the rising frequency of DDoS attacks, noting their evolving methods and the diverse motives behind their deployment, ranging from hacktivism to minor offenses.
“Those who deploy them have a variety of motives, from hacktivism to petty misdemeanor. ”
“The defences against DDoS attacks will have to constantly evolve to keep up with developing threats, ” he added.
Minister Ong reassured that since the disruption, Synapxe, Singapore’s health tech agency, has enhanced its anti-DDoS measures.
“the public healthcare sector will take this opportunity to learn from the episode, and review its defences against DDoS attacks, and to improve its incident response and recovery time.”
Synapxe thwarting 1.7 million attempts to breach internet-facing firewalls monthly
Additionally, Mr Melvin Yong, MP for Radin Mas SMC, asked the minister over the past five years, what is the average number of cyberattacks faced by our public healthcare institutions annually, and what safeguards are put in place to protect such critical systems.
In response, Minister Ong said Synapxe intercepts and blocks an average of 3,000 malicious emails daily, along with thwarting 1.7 million attempts to breach internet-facing firewalls monthly.
He said critical Information Infrastructure in the healthcare sector are regulated under the Cybersecurity Act, and the government adopted a layered Defence-In-Depth approach to safeguard our systems.
“In addition, we have an Advanced Security Operations Centre with detection and response capabilities; and incident response processes calibrated against actual security incidents and aligned to the National Cybersecurity Incident Response Framework.”
Minister Ong added that more than 10 cybersecurity Table-Top Exercises have also been conducted in the last five years.
Government agencies achieve 99.5% system availability in 2022, says MCI Minister
Separately, MP Jessica Tan and Sylvia Lim, WP MP for Aljunied GRC, also filed parliamentary questions to the Minister for Communications and Information (MCI) regarding the recent disruption.
They sought insights into the lessons learned from the extensive disruption and inquired about the government’s strategies to enhance protections for Singapore’s key civilian services and infrastructure, aiming to minimize such disruptions.
Additionally, Ms Sylvia Lim specifically queried when the authorities plan to release a report on the event to the public.
In a written reply, Minister Teo assured that resources are dedicated to fortifying the security of critical systems while maintaining fundamental measures for all systems.
She stressed the importance of complementing cybersecurity defense with business continuity plans to minimize the impact of e-service disruptions when they occur.
The Minister emphasized the role of the Cyber Security Agency (CSA) in identifying and regulating Critical Information Infrastructure (CII) across vital sectors like government, infocomm, banking, and finance.
“For instance, in 2022, Government agencies maintained an availability uptime of at least 99.5% for most of our critical systems, which is equivalent to less than four hours of unscheduled down time per system per month. ”
“The Government recognises that, as we digitalise more, we become more dependent on digital services and infrastructure. ”
However, she emphasised the inevitability of cyber incidents or service disruptions but highlighted the government’s commitment to mitigating and managing these risks.
“While some disruption might be inevitable, prolonged disruptions should not be the norm,” she said.
Minister Teo stressed the need not only for prevention but also for quick recovery in the event of disruptions.
She mentioned that CSA is reviewing the Cybersecurity Act, considering not only Critical Information Infrastructure but also other crucial digital infrastructure and services vital to the nation’s functioning.
Further details will be provided by MCI when available, she said.
Websites of Singapore public healthcare clusters affected by 7-hour internet access disruption
On 1 November, a substantial technical disruption affected numerous public hospitals and polyclinics in Singapore, causing their websites to become inaccessible during the seven-hour disruption.
In an earlier statement on 3 November, Synapxe revealed that in collaboration with the Cyber Security Agency of Singapore (CSA), extensive investigations were conducted, confirming the cause as a Distributed Denial-of-Service (DDoS) attack.
The attack involved flooding servers with internet traffic to impede access to online services for legitimate users, according to Synapxe.
Furthermore, Synapxe said there is no evidence suggesting any compromise of public healthcare data or internal networks.
Synapxe, whose website was also down on 1 November, supports 46 public healthcare institutions, including hospitals, polyclinics, and 1,400 community partners like nursing homes and general practitioners.
Singapore’s healthcare system operates through three clusters: SingHealth (east), National Healthcare Group (central), and NUHS (west).
The websites of Singapore General Hospital, National University Hospital and Tan Tock Seng Hospital were among those affected.
In its statement, Synapxe recounted the disruption in internet connectivity at public healthcare institutions on 1st November 2023, lasting from 9:20 am to 4:30 pm, with the majority of affected services being restored by 5:15 pm.
During this period, essential services at public healthcare institutions, such as websites, emails, and staff productivity tools reliant on internet access, were rendered inaccessible.
DPM Wong defends SA closure for 55+, netizens demand autonomy for their own CPF savings
Coalition talks intensify as Prabowo-Gibran leads Presidential quick count
SDP Chief Chee Soon Juan receives POFMA order for comments on HDB policies
Indonesia Election update: Prabowo-Gibran commanding lead with 58.91%
AGC to evaluate further action on Kenneth Jeyaretnam over alleged falsehoods
Singapore fines man S$30,000 for illegally importing 2 tonnes of meat
Kenneth Jeyaretnam criticizes MSF’s POFMA on NCMP Leong Mun Wai’s Facebook post
SCDF annual report reveals 31% surge in AMD-related fires in 2023
Angry participants demand refunds for ‘delayed’ Sky Lantern Festival in Sentosa
SPF: At least 419 victims lost S$1.8M to fake buyer phishing scams since January
Love Aid Singapore raises US$60,000 in two days for Palestinians iftar meals
Indonesian lecturers spark “#JanganJadiDosen” movement, demand academic welfare reform
Singapore2 weeks ago
PM Lee encourages more births in the year of the dragon amid declining fertility rates
Singapore1 week ago
Singapore surpasses nursing recruitment target in 2023 amidst high attrition rates
Featured1 week ago
PA surveys community & govt confidence amid pending general election
Comments1 week ago
PAP Marcus Loh accuses WP’s MP of alleged dishonesty on debate about reserves
Civil Society1 week ago
Singaporeans stand firm in support for Palestine amidst police scrutiny
Civil Society6 days ago
At least 9 individuals summoned by police over Palestine solidarity activities on 2 Feb
Community1 week ago
Connectivity struggles in Tengah town prompt online user discussion
International1 week ago
Singapore Police investigate two events amid Israel’s genocide in Gaza