On Wednesday (1 Nov), the websites of Singapore’s public healthcare institutions suffered a seven-hour outage, causing them to be inaccessible to users.
Singaporeans may wonder why the websites of such critical services were down for so long.
The IT provider has since revealed that an attack on their servers caused the disruption.
Thankfully, no patient data was affected, they said.
In a media release on Friday (3 Nov), national HealthTech agency Synapxe said that the 1 Nov outage was the result of a Distributed Denial-of-Service (DDoS) attack.
This happens when attackers flood servers with Internet traffic to prevent legitimate users from accessing online services.
Synapxe claimed they detected this abnormal surge in network traffic at 9.15am that day.
The surge apparently circumvented the blocking service and overwhelmed Synapxe’s firewall behind the blocks.
This triggered the firewall to filter out the traffic, resulting in all services that rely on the Internet going down.
During the outrage, services requiring Internet connectivity at public healthcare institutions — including websites, emails and productivity tools for staff — were inaccessible.
Once they identified the cause, Synapxe and service providers immediately deployed measures to block the abnormal traffic.
This was to allow legitimate traffic necessary for Internet services to resume, they said.
Services were restored progressively from 4.30pm, with most of them up and running by 5.15pm.
During the incident, patient data and the internal networks remained accessible and unaffected, Synapxe said.
Patient care was also not compromised, they added, noting,
Synapxe has found no evidence to indicate that public healthcare data and internal networks have been compromised.
That’s because the agency was able to sustain the mission-critical systems essential for clinical services and operations at public healthcare institutions, including access to patient records.
Synapxe employs a “layered defence” system to protect their networks, they explained. The system aims to detect and respond to cyber threats including DDoS attacks.
Specifically, the agency’s services can block abnormal surges in Internet traffic before they enter our public healthcare network. They can also put up firewalls to allow only legitimate traffic to enter.
For resilience, their system factors in redundancies like system backups.
Thus, these measures enabled them to withstand the attacks “with no compromise to healthcare data and internal networks”.
However, Singapore’s public healthcare institutions might face “occasional disruptions” in future, Synapxe warned.
That’s because the DDoS attacks are continuing, they said, adding,
Synapxe is working with relevant parties to actively defend against the attacks, and expedite the recovery processes.
Synapxe and the Cyber Security Agency (CSA) are currently conducting investigations.
Synapxe said the public healthcare sector will learn from this incident and further strengthen our cybersecurity, including reviewing defences against DDoS attacks.
They emphasised the importance of staying vigilant against cybersecurity threats and positioned the recent outage as a “stark reminder that DDoS attacks are on the rise”.
As the forms of attack keep on changing, Synapxe noted that DDoS attacks are inevitable.
Thus, the defences against such attacks must constantly evolve to keep up with advancements.
Hopefully, we manage to keep one step ahead of the attackers at all times.
Have news you must share? Get in touch with us via email at news@mustsharenews.com.
Featured image adapted from Google Maps and MS News.
A record of more than 553,000 travellers crossed both checkpoints on 13 Dec.
There has been no year-end Covid-19 wave, as had been expected.
The beef was imported without a veterinary health certificate and halal certification.
One fan started queueing as early as 7am.
The company made the change after parents said they wanted to make sure their gifts…
An incredible twist of fortune for the police -- and a stroke of bad luck…