SingHealth cyberattack: Database administrator did not immediately recognise 'serious security incident'

·Senior Editor

21 September 2018 at 10:12 am

IHiS database administrator Katherine Tan (left, in green) leaves the Committee of Inquiry hearing with a friend on Friday, 21 September 2018. The COI is investigating the SingHealth cyberattacks that saw the personal particulars of 1.5 million patients compromised. PHOTO: Abdul Rahman Azhari/Yahoo News Singapore

A database administrator with more than 20 years’ experience did not immediately recognise that the multiple failed attempts to log-in to the SingHealth database she had encountered on 4 July amounted to a “serious security incident”, a Committee of Inquiry (COI) investigating the worst ever cyberattack in Singapore was told on Friday (21 September).

Integrated Health Information Systems (IHiS) senior manager Katherine Tan, further acknowledged that even before 4 July, she had been aware of “various IT security incidents” that occurred in the database between June and July 2018. These consisted of multiple log-in attempts using non-existent or unauthorised accounts.

Tan had seen “unusual failed attempts” at logging-in through the software system SingHealth utilises for its electronic medical records (EMR). “By 12 June 2018, I was concerned that something was wrong. I did not know exactly what was taking place, but I knew that it was unusual,” said Tan, who manages more than 50 databases.

“I know that I had a responsibility to report this matter. However, I did not report the matter to anyone,” said Tan, as she assumed that the Applications team would look into the matter since she had informed them of the incidents. On 11 June, she had also escalated the matter to server administrators.

On 4 July, after being alerted by a colleague to an “unusual incident” in the database, Tan realised that “bulk amounts of data” were being queried from the SingHealth database. She then terminated these queries and escalated the matter to her supervisor.

In retrospect, Tan admitted that it should have been “immediately apparent” that IHiS was dealing with a serious security incident, as she should have realised that the separate incidents in June and July were linked.

Earlier on Friday, Solicitor-General Kwek Mean Luck told the COI that the initial response by IHiS staff to the attack, which occurred between 27 June and 4 July this year, was “piecemeal and inadequate”. He added that they “did not fully appreciate that multiple cyber security incidents were happening”.

In this regard, Tan noted in her conditioned statement that she had never been provided with any training or briefing on a security incident reporting framework. She also told the committee that even during an “urgent meeting” called by IHiS senior management on 9 July, the incident was not yet considered by the IT agency to be a cyberattack.

The personal particulars of 1,495,364 unique patients – including that of Prime Minister Lee Hsien Loong – were stolen from SingHealth’s database during the cyberattack. The data comprises the patients’ demographic records and the dispensed medication records of about 159,000 of them.

The four-member Committee of Inquiry is chaired by retired chief district judge Richard Magnus. The other three members on the committee are Lee Fook Sun, Executive Chairman of Ensign InfoSecurity; T K Udairam, Group Chief Operating Officer of Sheares Healthcare Management; and Cham Hui Fong, Assistant Secretary-General of the National Trades Union Congress.

Besides Tan, another witness from IHiS also took the stand on the first day of hearings: Lum Yuan Woh, assistant director (Infra Services – Systems Management), who first discovered on 11 June that certain accounts had been compromised.

The COI will hear from at least nine witnesses from the Ministry of Health, Ministry of Health Holdings, SingHealth, IHiS and the Cyber Security Agency during a series of public and private hearings until 5 October. It is then expected to submit a report on its findings and recommendations to Communications and Information Minister S. Iswaran by 31 December.

1.5M patients’ data, including PM Lee Hsien Loong’s, stolen in major cyberattack

SingHealth cyberattack fits profile of ‘typically state-linked’ groups: Iswaran

Committee of Inquiry formed to probe cyberattack on SingHealth’s database

PropertyGuru
Singapore HDB Rental Prices in Q1 2024: How Much to Expect for 3-room, 4-room, and 5-room Flats
HDB rental prices have risen greatly over the course of the pandemic. Thinking of renting a 3-room, 4-room, or 5-room flat in Singapore? We listed HDB median rental transaction prices in Q1 2024 by estate.
a day ago
INSIDER
The red flags that will tell us when China's actually ready to invade Taiwan
Signs are growing that China could be readying for a showdown over Taiwan. These are the warning signs China experts closely track.
a day ago
The Telegraph
Mohamed Salah in extraordinary touchline row with Jurgen Klopp: ‘If I speak there will be fire’
Mohamed Salah warned there would be “fire” if he discussed in depth his extraordinary touchline row with Jurgen Klopp that broke out when the great Liverpool goalscorer prepared to come on at West Ham in his side’s 2-2 draw at the London Stadium.
21 hours ago
The Telegraph
Russia has found the critical vulnerability in Nato’s American tanks
The arrival of the US M1A1 Abrams tanks in Ukraine was hailed as a turning point in the war. Coming in at roughly $10 million a unit, the Nato stalwart was supposed to provide the armoured fist that would punch through the Russian lines. But tactics evolve quickly in warfare, and Russia’s use of surveillance and hunter-killer drones has led to heavy casualties for Ukraine’s tank fleets. This is alarming for NATO. If Russia has found critical vulnerabilities in our armour, our borders are beginni
2 days ago
SETHLUI.COM
Man accidentally charged $2020.90 for $20.90 steak at Common Grill by Collin’s, takes to Facebook to complain
The post Man accidentally charged $2020.90 for $20.90 steak at Common Grill by Collin’s, takes to Facebook to complain appeared first on SETHLUI.com.
a day ago
The Telegraph
Relegated Sheffield United are a Premier League laughing stock – they may be gone for a while
At some clubs they ban the “R” word during the season, as relegation is unthinkable. But it has been a different story at Sheffield United, where dropping back to the Championship has come off a long run-up and was confirmed at St James’ Park. They have not won two consecutive matches all season and even victory in their final three games will see them rooted in the bottom three.
19 hours ago
The Guardian
‘Indefensible’: UK prisoner jailed for 23 months killed himself after being held for 17 years
Coroner condemns ‘inhumane’ imprisonment for public protection sentences that have no end date for release
5 hours ago
SETHLUI.COM
Moh Swee Kee — Disagreement spurs sister of Rui Ji Chicken Rice to go solo
The post Moh Swee Kee — Disagreement spurs sister of Rui Ji Chicken Rice to go solo appeared first on SETHLUI.com.
a day ago
The Telegraph
Japanese town overlooked by Mount Fuji erects screen to block tourists’ view
A small Japanese town at the base of Mount Fuji is erecting a gigantic screen to block off a viral view of the peak from the “world’s prettiest convenience store” after it began attracting dangerously large crowds.
2 days ago
The Telegraph
The Israel Defence Forces are the most moral soldiers in the world
Just when coverage of Israel in much of the broadcast media couldn’t seem any more spiteful and misleading – the slippage into the mainstream of slurs like “genocide” and “famine”, for instance, neither of which are remotely accurate descriptions for what is going on in Gaza – a story breaks that destroys all my remaining confidence that such outlets will cover the war impartially.
19 hours ago
INSIDER
A 110-year-old man says he's never had back pain and still drives his car every day. Here are his 6 longevity tips.
Vincent Dransfield, 110, lives alone and drives his car every day. He credits movement, milk, and strong relationships with giving him longevity.
a day ago
People
Millie Bobby Brown Pairs Tiny Bikini with Denim Hotpants on Vacation: See the Cheeky Pic!
The 'Stranger Things' star rocked a pair of denim shorts from her fashion brand, Florence by Mills
a day ago
INSIDER
How Lauren Sanchez's style has evolved, from carrying Birkins to wearing see-through dresses
Lauren Sanchez has always made simple yet fashionable outfit choices. But recently, her appearances with Jeff Bezos have been all about daring looks.
a day ago
HuffPost UK
Buckingham Palace Gives New Update On King Charles Following Cancer Diagnosis
The palace previously announced the king's cancer diagnosis on February 5.
2 days ago
The Telegraph
Jurgen Klopp: Blame me for Liverpool’s failure
Jürgen Klopp has blamed himself for Liverpool’s title bid unravelling, and revealed he ‘hated’ the Merseyside derby performance so much he would have led a crowd chant demanding more fight from his team.
2 days ago
SETHLUI.COM
10 best bak kut teh in Johor worth crossing the border for
The post 10 best bak kut teh in Johor worth crossing the border for appeared first on SETHLUI.com.
a day ago
Reuters Videos
How the 'Bengaluru dream' turned into a nightmare
STORY: Nineteen-year-old Kkavya landed in Bengaluru with dreams of getting a degree in English literature and an exciting job at a tech firm.During a job interview, Khavya, who hails from Kashmir, was told she would have amazing job opportunities in India's Silicon Valley.She was sold the "Bengaluru dream.""What was promised to me when I came to work, they were like, 'Listen, the weather is going to be amazing, you're going to get paid, come work for us for seven hours, go home, take a beer, chill, sleep."After three years in the city, the dream is falling apart, and fast.One problem is the traffic."Do you see the horn? Did you hear it? This is my nightmare."As it was transformed into India's tech hub, the city has struggled to keep up with the massive population influx.Kkavya now spends up to five or six hours on her daily commutes.In the 1990s, Bengaluru rapidly became India's answer to Silicon Valley.It attracted millions of workers and the regional headquarters of some of the world's biggest IT companies.But unrestrained urban expansion has affected Bengaluru's character as a liveable city.With the city poised to vote in the second phase of India's national election on Friday (April 26), Kkavya said she felt frustrated to see that these issues are rarely addressed by local politicians and candidates."We are that sad now, we don't even think that this is something politicians can fix, because they never talk about it. Traffic is our problem, roads are our problem, hospital is your problem. So when I tell my boss that I can't reach on time, it's my problem, not the people who made the roads, not the people who are responsible for the traffic."And she struggles every morning to get water for her daily use. Weak southwest monsoon rains last year failed to replenish depleted groundwater causing shortages.This forced residents to ration water use and pay a much higher price.Water rates at her apartment have gone up by almost four times from about $8.40 per month to more than $27. "Water is expensive as it gets. It is something like we fight for, cause I remember, two days back, this building and the next building had a war over one tank. Because there was only one tank available, and we both wanted it, so basically they paid more and they got it."
2 days ago
InStyle
Zendaya and Tom Holland's Love Story Is Straight Out of a Movie
Here's everything you need to know about Tomdaya.
22 hours ago
BuzzFeed
"I Did A No-Spend Year": 23 Frugal Habits People Tried And Ended Up Keeping Because They Liked Them So Much
"It was way easier and more enjoyable than expected."
11 hours ago
People
Jennifer Aniston Shares Cute Puppy Pics and Workout Photos in Rare Instagram Photo Dump
The actress gave her fans a quick life update, showing off her dogs, her go-to exercise spot and more
9 hours ago

Latest stories