SingHealth data breach reveals several inadequate security measures

Investigating the most serious computer security violations in Singapore revealed some poor security measures, such as poor performance administrative passwords and use of unpatched desktops.

This survey result became clear on the first day of the hearing led by the Investigation Committee (IOC) which investigated the security breach of July 2018 infringing personal information. 1.5 million SingHealth patients. The case also impaired the medical data of 160,000 patients outpatient visiting healthcare provider facilities, including 4 public hospitals, 9 polycnistin and 42 clinical specialists.

Kwek Mean Luck said at the press conference Friday that the initial response to security breach was "fragmentation" and "insufficient".

He said that other means could have been taken to prevent the security incident from spreading, but the violation also showed the characteristics of advanced attack (APT) of the threat. This included the use of highly sophisticated tools, including custom malware that penetrated SingHealth 's antivirus and security tools.

Based on the findings by Singapore's Cyber ​​Security Agency (CSA), Kwek said attackers are using hacking tools that are open to rape workstations. Last user. This could be done because the workstation was running a version of Microsoft Outlook that is not updated with a fix that handles the use of the hacking tool.

This allowed hackers to access the SingHealth network early in August 2017, distribute malware after the first offense, and allow them to infect other workstations, he said.

In addition, the local administrator used "P @ ssw 0 rd" as the password. This may have been easily deciphered, indicating the IOC. An attacker used an administrator account to remotely connect to a Citrix server hosted at Singapore General Hospital.

In fact, the attacker could not repeatedly access the database running Sunrise Clinical Manager (SCM) of Allscript Healthcare Solutions that was managed by the integrated IT department of the Integrated Health Information System. (IHIS).

This reveals another shortfall on the network and allows hackers to launch bulk queries for the system …

Hope you like the news SingHealth data breach reveals several inadequate security measures. Stay Tuned For More Updates 🙂

Compsmag