Health Minister: Patient care unaffected in seven-hour website disruption on 1 Nov, no compromised data found

SINGAPORE: Ong Ye Kung, Minister for Health assured that despite the seven-hour disruption to the websites of major public healthcare institutions on 1 November, patient care remained unaffected.

He said during that time, the essential systems crucial for clinical services and operational functions within these institutions, including access to patient records, continued without interruption.

He emphasized that there was no evidence indicating a compromise of public healthcare data or internal networks during this incident.

On Wednesday (22 Nov), several Members of Parliament raised parliamentary inquiries seeking clarification on the cause of the disruption on 1 Nov.

They also questioned the government about measures planned to prevent such disruptions in the future.

Among the MPs who filed parliamentary questions were Poh Li San, MP for Sembawang GRC; Pritam Singh, the Leader of the Opposition; and Jessica Tan, MP for East Coast GRC.

MPs sought clarification regarding the 1 November seven-hour healthcare institutions website disruption

MPs Poh Li San and Jessica Tan also sought clarification from the Minister of Health regarding the impact on website users and the implications for healthcare and other services provided by public healthcare institutions, as recent reports suggest that such cyber attacks are likely to persist.

Pritam Singh specifically inquired about the measures implemented to address and prevent similar disruptions in the future.

In a written response, Minister Ong highlighted that the disruption in internet connectivity experienced by public healthcare institutions on 1 November, resulted from abnormal spikes in internet traffic, commonly known as a Distributed Denial-of-Service (DDoS) attack.

The abnormal traffic circumvented the anti-DDoS blocking services and overwhelmed the firewall.

“This caused the firewall to filter out the traffic, as well as other services requiring internet connectivity, including websites and internet-reliant services, which became inaccessible. ”

Minister Ong addressed the rising frequency of DDoS attacks, noting their evolving methods and the diverse motives behind their deployment, ranging from hacktivism to minor offenses.

“Those who deploy them have a variety of motives, from hacktivism to petty misdemeanor. ”

“The defences against DDoS attacks will have to constantly evolve to keep up with developing threats, ” he added.

Minister Ong reassured that since the disruption, Synapxe, Singapore’s health tech agency, has enhanced its anti-DDoS measures.

“the public healthcare sector will take this opportunity to learn from the episode, and review its defences against DDoS attacks, and to improve its incident response and recovery time.”

Synapxe thwarting 1.7 million attempts to breach internet-facing firewalls monthly

Additionally, Mr Melvin Yong, MP for Radin Mas SMC, asked the minister over the past five years, what is the average number of cyberattacks faced by our public healthcare institutions annually, and what safeguards are put in place to protect such critical systems.

In response, Minister Ong said Synapxe intercepts and blocks an average of 3,000 malicious emails daily, along with thwarting 1.7 million attempts to breach internet-facing firewalls monthly.

He said critical Information Infrastructure in the healthcare sector are regulated under the Cybersecurity Act, and the government adopted a layered Defence-In-Depth approach to safeguard our systems.

“In addition, we have an Advanced Security Operations Centre with detection and response capabilities; and incident response processes calibrated against actual security incidents and aligned to the National Cybersecurity Incident Response Framework.”

Minister Ong added that more than 10 cybersecurity Table-Top Exercises have also been conducted in the last five years.

Government agencies achieve 99.5% system availability in 2022, says MCI Minister

Separately, MP Jessica Tan and Sylvia Lim, WP MP for Aljunied GRC, also filed parliamentary questions to the Minister for Communications and Information (MCI) regarding the recent disruption.

They sought insights into the lessons learned from the extensive disruption and inquired about the government’s strategies to enhance protections for Singapore’s key civilian services and infrastructure, aiming to minimize such disruptions.

Additionally, Ms Sylvia Lim specifically queried when the authorities plan to release a report on the event to the public.

In a written reply, Minister Teo assured that resources are dedicated to fortifying the security of critical systems while maintaining fundamental measures for all systems.

She stressed the importance of complementing cybersecurity defense with business continuity plans to minimize the impact of e-service disruptions when they occur.

The Minister emphasized the role of the Cyber Security Agency (CSA) in identifying and regulating Critical Information Infrastructure (CII) across vital sectors like government, infocomm, banking, and finance.

“For instance, in 2022, Government agencies maintained an availability uptime of at least 99.5% for most of our critical systems, which is equivalent to less than four hours of unscheduled down time per system per month. ”

“The Government recognises that, as we digitalise more, we become more dependent on digital services and infrastructure. ”

However, she emphasised the inevitability of cyber incidents or service disruptions but highlighted the government’s commitment to mitigating and managing these risks.

“While some disruption might be inevitable, prolonged disruptions should not be the norm,” she said.

Minister Teo stressed the need not only for prevention but also for quick recovery in the event of disruptions.

She mentioned that CSA is reviewing the Cybersecurity Act, considering not only Critical Information Infrastructure but also other crucial digital infrastructure and services vital to the nation’s functioning.

Further details will be provided by MCI when available, she said.

Websites of Singapore public healthcare clusters affected by 7-hour internet access disruption

On 1 November, a substantial technical disruption affected numerous public hospitals and polyclinics in Singapore, causing their websites to become inaccessible during the seven-hour disruption.

In an earlier statement on 3 November, Synapxe revealed that in collaboration with the Cyber Security Agency of Singapore (CSA), extensive investigations were conducted, confirming the cause as a Distributed Denial-of-Service (DDoS) attack.

The attack involved flooding servers with internet traffic to impede access to online services for legitimate users, according to Synapxe.

Furthermore, Synapxe said there is no evidence suggesting any compromise of public healthcare data or internal networks.

Synapxe, whose website was also down on 1 November, supports 46 public healthcare institutions, including hospitals, polyclinics, and 1,400 community partners like nursing homes and general practitioners.

Singapore’s healthcare system operates through three clusters: SingHealth (east), National Healthcare Group (central), and NUHS (west).

The websites of Singapore General Hospital, National University Hospital and Tan Tock Seng Hospital were among those affected.

In its statement, Synapxe recounted the disruption in internet connectivity at public healthcare institutions on 1st November 2023, lasting from 9:20 am to 4:30 pm, with the majority of affected services being restored by 5:15 pm.

During this period, essential services at public healthcare institutions, such as websites, emails, and staff productivity tools reliant on internet access, were rendered inaccessible.