Singapore’s status as a hyperconnected financial hub makes it a prime target for hackers, and recently reported attacks have intensified the focus on cybersecurity as it pushes to become one of the world’s leading technology hubs.
In what local media have been calling the largest data breach in the country’s history uncovered last month, hackers stole information on 1.5 million patients including Prime Minister Lee Hsien Loong during an attack on Singapore’s biggest public health-care group, SingHealth. Within days, the Securities Investors Association (Singapore) also reported that hackers stole the personal data of 70,000 members in 2013.
“Singapore certainly has attractive assets that would be of significant interest to cyber threat adversaries from across the motivation spectrum, including financial crime and state-sponsored espionage,” said Tim Wellsmore, director of Asia Pacific government security programs for cyber security firm FireEye. “It certainly is raising the attention of the right officials within the Singapore government,” he said by phone.
Singapore, ranked the world’s seventh wealthiest country by Allianz in a recent report and home to 127 foreign and local banks with total commercial bank deposits of more than S$613bil (RM1.82tril), promptly launched a police investigation into the attack and convened a Committee of Inquiry to conduct an independent external review.
The Monetary Authority of Singapore, the country’s central bank, also issued a notice to all financial institutions, directing them to tighten their customer verification processes and not to rely only on full name, national identification number, address, gender, race and date of birth for customer verification.
Singapore in 2016 announced plans to stop most of its public servants from being able to access the Internet from their work computers in the face of growing hacker threats, affecting around 100,000 public servants’ computers. The government also introduced new laws to ensure that the sensitive data collected by mobile app developers and other companies was safe from hackers.
“Attackers are likely to feel that they will have rich pickings if they’re able to breach public or private systems,” Reuben Sinclair, a cyber security representative from the UK’s Department of International Trade who is based in Singapore, said by phone.
Cybersecurity specialists believe only a few countries such as China, Russia and the US could have been capable of such a sophisticated attack as the one on SingHealth. North Korean hackers have also been linked to several recent high-profile cyberattacks.
“With any discussion of hacking, China does leap to mind,” Tom Uren, a visiting fellow at the Australian Strategic Policy Institute, said in an email. “But Singapore is regionally important so there could be a number of Asian countries that would possibly have some motivation.”
In the past, China appeared to have hacked large volumes of personal information with the intention of creating a database to strengthen its espionage and counter intelligence capabilities, he said. “This hack does match their modus operandi,” Uren said.
China’s Ministry of Foreign Affairs did not respond to a faxed request for comment.
“Geopolitical relations are impacted by incidents like this, particularly in light of global tensions, including over trade,” said Gino Bello, a senior director at business advisory firm FTI Consulting.
While Singapore ranked number one on the International Telecommunication Union’s 2017 Global Cybersecurity Index, the SingHealth cyberattack reinforced the need for heightened and effective security, said Bello.
“In comparison to less connected nations, the repercussions of an attack are potentially more significant,” Bello said. “More information can be accessed by hackers if successful. But the consequences to bad threat actors when uncovered, are arguably graver.”
Still, when a breach such as this is uncovered, FireEye’s Wellsmore said, it could help many other organisations around the world take steps to prevent similar attacks from succeeding.
Singapore’s quick response to the SingHealth attack also helped to contain the fallout, Wellsmore added. This included temporarily imposing Internet surfing separation across SingHealth’s IT systems, placing additional controls on workstations and servers, and the resetting of user and systems accounts.
“This one could have been much worse if they hadn’t responded so quickly,” Wellsmore said.