[ad_1]
SINGAPORE: While the "most serious violation of personal data" in the history of Singapore – which has compromised the records of 1.5 million SingHealth patients, including Prime Minister Lee Hsien Loong – arises Questions have arisen?
Integrated Health Information System (IHIS) database administrators detected unusual activity on SingHealth's computer systems on July 4 and ended data breaching activities. Later, they discovered that data had been illegally copied and stolen from June 27 – eight days before the detection of the cyberattack
From July 4 to July 9, administrators continued to monitor closely network traffic before checking that it was a cyber attack and alerted their superiors. On July 10, the Ministry of Health, SingHealth and the Singapore Cybersecurity Agency (CSA) were briefed and forensic investigations were conducted.
million. Jonathan Phua, co-founder of the InsiderSecurity startup if an attacker could hide in a computer system long enough to steal 1.5 million patient records, so the time needed to detect and respond to the threat was "too much" long ".
But, Mr. Phua said that it was not easy to detect a sophisticated attacker hiding inside the system, especially when he is sponsored by the state – this is that other industry experts said to be a probability.
The former DSO National Laboratories researcher reported the violation of Equifax in 2017. About 150 million US consumers were lost, which was discovered only three months later. Another incident involving the US Office of Personnel Management saw about 20 million employee records stolen in 2015, and this was discovered a year later, he added.
HACK DISCLOSURE A "NOBLE THING TO DO"
Darktrace Asia Pacific General Manager Sanjay Aurora said last Friday that information about piracy had been uncovered by SingHealth. "
" How many other countries in the world are able to detect this attack within a month, let alone conduct a full investigation within this short time? Jeff Hurmuses, chief executive of Asia-Pacific at Malwarebytes, a US-based cybersecurity firm, also concluded that IHIS database administrators acted "promptly" to stop the data leak.
. In 1965, FireEye's president for Asia Pacific, Eric Hoh, praised the Singapore government's decision to inform the public of the bombing. "The CSA and the Singapore government have done a good job of detecting (the cyberattack) in a timely manner and publicly revealing the incident – which is a very noble thing to do," Hoh told Channel NewsAsia, adding that the trend is there for the victims to "sweep the material under the rug".
million. Bill Chang, CEO of Singtel's Group Enterprise, which includes the Trustwave cybersecurity company, also said that the fact that government agencies can detect, confirm, isolate and mitigate the threat "in a few days is a robust response." 19659002] He added that for Persistent Threat Advanced attacks (APTs), the median of companies to detect sophisticated violations is more than 100 days and that they can take up to 60 days to respond and mitigate the violation.
million. Rajesh Sreenivasan, head of technology, media and telecommunications at Rajah & Tann, said in a phone interview that it was "almost impossible" to judge whether the Singapore authorities had reacted quickly to detecting the violation . "The reality is that (the) notification of violation can be made in stages," Sreenivasan said.
He added: "At times, cyberattacks could be part of a wider series of attacks, and warning the public too early could jeopardize investigations."
The lawyer has also answered questions about whether IHIS was violating the Cyber Security Act, which requires critical infrastructure owners in 11 key sectors – including health care – to notify the Singapore Cybersecurity Commissioner of A "prescribed cybersecurity incident", among others, does not specify a time limit for reporting incidents
Mr. Sreenivasan pointed out that IHIS did not commit the law because the legislation was not yet in force.
Mr. Bryan Tan, partner at Pinsent Masons, stated that the notice period had not been set.
He pointed out that, on the general plan, it is "fair" that regulators and those affected were not informed earlier of the data breach. He also asked why the Personal Data Protection Commission (PDPC), which investigated the data breaches here, does not seem to be involved in this particular case.
COMMON LAWS ON DATA FOR THE PUBLIC AND PRIVATE SECTORS?
Another issue raised after the SingHealth hack was the way consumers do not have any clear recourse when a data breach or violation involves a government entity, since the public sector does not. 39; is not included in the law on the protection of personal data (PDPA). Mr. Sreenivasan said that it is not clear either which entity is regulated by law and what is not.
The cyber attack on SingHealth was only one of several that targeted public sector agencies. In April this year, four Singaporean universities were victims of online attacks, and at least 52 online accounts were hacked for unauthorized research articles.
In April 2017, the National University of Singapore and the Nanyang Technological University were affected by computer network violations. The same year, the Ministry of Defense revealed that its I-net system was under attack and the personal data of 850 military and employees. Mr. Tan said: "The impression given is that the largest data breaches seem to involve government agencies (schools, MINDEF) and with the lack of detail provided, one can only question whether the internal standards of protection adopted data are sufficient, given the higher risk profile. "
[ad_2]
Source link
