SingHealth data breach reveals many absolute security measures

Analysis of the July 2018 incident reveals that the use of weak administrative passwords and an unpatched device is still a trading practice.
The analysis of Singapore’s most severe cybersecurity breach has pointed out several poor security practices.

The July 2018 security breach has compromised personal data of 1.5 million SingHealth patients. The incident also affected outpatient medical data of 160,000 patients that visited the healthcare provider’s facilities, which included four public hospitals, nine polyclinics, and 42 clinical specialties.

Researchers said more could have been done to prevent the security incident from escalating.
Hackers were able to breach so easily because the affected devices were running a version of Microsoft Outlook that was not updated with a patch.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;

This provided the hackers access into SingHealth’s network, distributing malware and infecting other devices after the initial breach.
Furthermore, one local administrator accounts had used “[email protected]” as a password, which could have been easily brute force hacked.
Another flaw in the network, allowed the hackers to run bulk queries because the system lacked rules or controls that could have identified such patterns of behavior or unauthorized use.

There was even a coding vulnerability in the SCM software, and this was likely the reason the hackers were able to eventually extract database credentials from a Citrix server hosted on the Healthcare-Cloud.
Even worse is the fact that a former employee had alerted IHIS, back in 2014, about the coding vulnerability, but no action was taken by the healthcare IT operator to resolve the issue.

Kwek also noted that IHIS staff became aware of the unauthorized attempts to access the database on The hearing will continue with several witnesses including from the Ministry of Health, SingHealth, and IHIS.
We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.