The Straits Times says

Securing Singapore's cyberhealth

The public report by a high-level panel tasked to probe last June's cyber attack on SingHealth, Singapore's worst data breach, has highlighted serious areas of concern. These include staff who fell prey to phishing attacks, weak administrator passwords, not applying a patch that could have stopped the hacking, and an IT cyber-security team that could not even recognise a security incident. To be fair to SingHealth, such failures reflect perhaps the confidence that comes from Singapore's technological abilities. This could easily slip into a "won't happen here" complacency that puts these institutions at risk. Although the Committee of Inquiry's (COI) report is about SingHealth, it applies to other entities as well.

In the attack, hackers stole the personal data of 1.5 million patients and the outpatient prescription details of 160,000 people, including Prime Minister Lee Hsien Loong. The patently political nature of the attack should alert all organisations, but particularly those in the public sector, to the danger of sophisticated cyber incursions that are linked usually to the national agendas and the technological prowess of states. Every organisation in Singapore must see itself as a potential victim of cyber predators who could breach its defences to achieve objectives that are unrelated to the mandate of those organisations. Cyber security is an irreplaceable part today of the alertness that Singapore has displayed traditionally to preserve its core interests.

TO READ THE FULL ARTICLE

Thank you for reading The Straits Times

You have reached one of our Premium stories. To continue reading, get access now or log in if you are a subscriber.

What is Premium?

A version of this article appeared in the print edition of The Straits Times on January 15, 2019, with the headline 'Securing Singapore's cyberhealth'. Print Edition | Subscribe