Singapore Expats

Let's wildly speculate about who hacked Singhealth and how incompetent the response has been.

Discuss about the latest news & interesting topics, real life experience or other out of topic discussions with locals & expatriates in Singapore.
Post Reply
User avatar
PNGMK
Moderator
Moderator
Posts: 9076
Joined: Thu, 21 Mar 2013 9:06 pm
Answers: 10
Location: Sinkapore

Let's wildly speculate about who hacked Singhealth and how incompetent the response has been.

Post by PNGMK » Sun, 05 Aug 2018 6:19 pm

I'm up to three letters now to my house addressed to three different people apologising for the hack.

They can't even get their own data correct.

State actor hacked it? To get at LSL medical data? That's just what the hackers want you to think.

In the meantime my NRIC and enough data related to it float around the deep web. Damn.
I not lawyer/teacher/CPA.
You've been arrested? Law Society of Singapore can provide referrals.
You want an International School job? School website or http://www.ISS.edu
Your rugrat needs a School? Avoid for profit schools
You need Tax advice? Ask a CPA
You ran away without doing NS? Shame on you!

bgd
Manager
Manager
Posts: 1684
Joined: Wed, 25 Jul 2007 4:09 pm

Re: Let's wildly speculate about who hacked Singhealth and how incompetent the response has been.

Post by bgd » Mon, 06 Aug 2018 10:13 am

How can the hackers monetize the data - is there enough info to be useful and is the quantity large enough? Numbers are pretty small by recent standards.

If they can't then you look to who else might be interested in it, which is where your State actors may come into play. However from the one letter we have received they "say" only identifying data was compromised, not medical records, so doesn't seem that useful. Perhaps the embarrassment factor is enough.

Maybe just some kid in his bedroom experimenting with tools he found on the net.

User avatar
PNGMK
Moderator
Moderator
Posts: 9076
Joined: Thu, 21 Mar 2013 9:06 pm
Answers: 10
Location: Sinkapore

Re: Let's wildly speculate about who hacked Singhealth and how incompetent the response has been.

Post by PNGMK » Mon, 06 Aug 2018 2:35 pm

Hi BGD. The problem is there is no obvious way to lock down the system (i.e. stop people misusing the data - i.e. a credit freeze or whatever). All it takes is this data and some reasonably good NRIC cards with the data and they can do a lot of harm to your credit - so yes I think they will be trying to monetize it. Even if it's a state actor they may still offer on the dark web to distract the investigators.

Who hacked it? Someone with a pretty good toolset - I doubt a script kiddie could have done it. It's appalling that it could happen and that the data wasn't properly segmented and separated into DMZ's. I truly hope Singapore Intelligence gets this one sorted. I've never, ever liked having all my data linked to one key (my IC).
I not lawyer/teacher/CPA.
You've been arrested? Law Society of Singapore can provide referrals.
You want an International School job? School website or http://www.ISS.edu
Your rugrat needs a School? Avoid for profit schools
You need Tax advice? Ask a CPA
You ran away without doing NS? Shame on you!

bgd
Manager
Manager
Posts: 1684
Joined: Wed, 25 Jul 2007 4:09 pm

Re: Let's wildly speculate about who hacked Singhealth and how incompetent the response has been.

Post by bgd » Tue, 07 Aug 2018 9:56 am

I have a certain amount of sympathy for the intrusion, it's difficult to remove the human element.

I get several malicious phishing emails a week. Easy to spot and we have a mechanism to route to a security group who deal with them and also feedback. The same group send out periodic test mails, again easy to spot. But it amazes me how often well trained IT professionals click on these mails. What chance does a government department have?

As to how the data was stored and segregated, that's a different matter.

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “General Discussions”

Who is online

Users browsing this forum: No registered users and 16 guests