BreachExchange mailing list archives
Singapore public healthcare sector limits internet use
From: Destry Winant <destry () riskbasedsecurity com>
Date: Mon, 23 Jul 2018 19:32:13 -0500
https://www.computerweekly.com/news/252445405/Singapore-public-healthcare-sector-limits-internet-use The move is part of containment and monitoring measures implemented to further protect patient data against emerging forms of cyber threats. Other measures that have since been put in place include additional controls on workstations and servers, reset of user and systems accounts, and installation of additional system monitoring controls on IT systems. On 20 July 2018, the Singapore government revealed that about 1.5 million patients who visited SingHealth’s specialist outpatient clinics and polyclinics from 1 May 2015 to 4 July 2018 have had their non-medical personal particulars illegally accessed and copied in a deliberate, targeted and well-planned cyber attack. The data taken included names, national identity card numbers, addresses and dates of birth. Information on the outpatient dispensed medicines of about 160,000 patients was also exfiltrated through an initial breach on a front-end workstation. The Ministry of Health (MOH) said the decision to impose what it calls internet surfing separation (ISS) will strengthen public healthcare IT systems against evolving cyber security threats, and more importantly, to safeguard the confidentiality of patient data. “We would like to assure all patients that their safety and care are our priority, and we will work to ensure that these are not compromised as a result of the implementation of ISS and various security measures,” it said. Singapore’s public healthcare institutions currently rely on the internet to deliver some healthcare services. These include reading of diagnostic reports from laboratories, submission and retrieval of results from screening databases, birth and death registration, referrals, video consultation, as well as payment and claims processing. MOH said patients may experience longer waiting time for consultations and to receive their test results, as well as delays in checking their MediSave medical savings accounts or making their claims. “The technical teams are also on the ground to address issues that have arisen. Interim alternatives are being deployed to departments requiring internet access, including separate shared workstations for connection to the internet where needed for the staff’s work,” it added. Sid Deshpande, research director at Gartner, stressed the importance of having “defence in depth”, or security controls at various layers of technology infrastructure in mitigating similar cyber threats. “An equal emphasis needs to be applied on application security, endpoint security, data security, web/e-mail security and identity/access management to prevent or reduce the number of security incidents. Preventative approaches need to be supplemented with good detection and response capabilities. “Attackers usually intend to stay dormant in systems to avoid detection and cause further damage, so the fact that the breach was detected this early actually shows that the security teams in this case were actively monitoring systems to detect incidents,” he added. Sid Deshpande, research director at Gartner, stressed the importance of having “defence in depth”, or security controls at various layers of technology infrastructure in mitigating similar cyber threats. “An equal emphasis needs to be applied on application security, endpoint security, data security, web/e-mail security and identity/access management to prevent or reduce the number of security incidents. Preventative approaches need to be supplemented with good detection and response capabilities. “Attackers usually intend to stay dormant in systems to avoid detection and cause further damage, so the fact that the breach was detected this early actually shows that the security teams in this case were actively monitoring systems to detect incidents,” he added. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Singapore public healthcare sector limits internet use Destry Winant (Jul 24)