Aug 2017: The attacker gained an "initial presence" in SingHealth's network by infecting workstations.
Dec 2017 to May 2018: The attacker moved laterally in the network, using malware planted in one of the initially infected workstations to gain remote access and control the station.
Please subscribe or log in to continue reading the full article. Learn more about ST PREMIUM.
Enjoy unlimited access to ST's best work
- Exclusive stories and features on multiple devices
- In-depth analyses and opinion pieces
- ePaper and award-winning multimedia content