Singapore cyber attack may be state-linked: minister (Update)

Hackers broke into a government database and stole the health records of 1.5 million Singaporeans, including Prime Minister Lee
Hackers broke into a government database and stole the health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong

The biggest ever cyber attack to hit Singapore was carried out by highly sophisticated hackers typically linked to foreign governments, a cabinet minister said Monday, but did not give names.

Hackers broke into a government database and stole the health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong who was specifically targeted in the "unprecedented" hack, the government has said.

"We have done a detailed analysis of this attack and have determined that it is the work of an advanced persistent threat (APT) group," Minister for Communications and Information S. Iswaran said Monday.

"This refers to a class of sophisticated cyber attackers typically state-linked who conduct extended, carefully planned cyber campaigns to steal information or disrupt operations," he told parliament, which discussed the issue.

Iswaran said the APT group "was persistent in its efforts to penetrate and anchor itself on the network, bypass the security measures and illegally access and exfiltrate data".

While the attack fitted the profile of "certain known APT groups", Iswaran said he would not publicly give any names for reasons of national security.

Hackers used a computer infected with malware to gain access to the database between June 27 and July 4 before administrators spotted "unusual activity", authorities have said.

The compromised data includes personal information and medication dispensed to patients, but medical records and clinical notes have not been affected, according to the authorities.

Security experts had also earlier pointed to state-actors as the likely culprit, citing the scale and sophistication of the hack.

Healthcare data is of particular interest to hackers because it can be used to blackmail people in positions of power, Jeff Middleton, chief executive of cybersecurity consultancy Lantium, told AFP last month.

Medical information, like personal data, can also be easily monetised on criminal forums, said Sanjay Aurora, Asia Pacific managing director of Darktrace, a cyber security firm.

Iswaran, who is also the minister in charge of cyber security, has convened a committee of inquiry to look into the hack.

"We will do our utmost to strengthen our cyber security. But it is impossible to completely eliminate the risk of another cyber attack," he said.

"This is an ongoing battle with potential cyber attackers who are constantly developing their capabilities and seeking out new vulnerabilities."

Iswaran said the attack will not derail the affluent and highly-wired city-state's ambitions to become a "smart nation" through the extensive use of technology in daily activities and transactions.

Explore further: Singapore says hackers stole 1.5 million health records in record cyberattack